summaryrefslogtreecommitdiffstats
path: root/app/policies
diff options
context:
space:
mode:
Diffstat (limited to 'app/policies')
-rw-r--r--app/policies/account_moderation_note_policy.rb17
-rw-r--r--app/policies/account_policy.rb43
-rw-r--r--app/policies/application_policy.rb18
-rw-r--r--app/policies/custom_emoji_policy.rb31
-rw-r--r--app/policies/domain_block_policy.rb19
-rw-r--r--app/policies/email_domain_block_policy.rb15
-rw-r--r--app/policies/instance_policy.rb11
-rw-r--r--app/policies/report_policy.rb15
-rw-r--r--app/policies/settings_policy.rb11
-rw-r--r--app/policies/status_policy.rb35
-rw-r--r--app/policies/subscription_policy.rb7
-rw-r--r--app/policies/user_policy.rb41
12 files changed, 246 insertions, 17 deletions
diff --git a/app/policies/account_moderation_note_policy.rb b/app/policies/account_moderation_note_policy.rb
new file mode 100644
index 00000000000..885411a5b5a
--- /dev/null
+++ b/app/policies/account_moderation_note_policy.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class AccountModerationNotePolicy < ApplicationPolicy
+ def create?
+ staff?
+ end
+
+ def destroy?
+ admin? || owner?
+ end
+
+ private
+
+ def owner?
+ record.account_id == current_account&.id
+ end
+end
diff --git a/app/policies/account_policy.rb b/app/policies/account_policy.rb
new file mode 100644
index 00000000000..85e2c84199b
--- /dev/null
+++ b/app/policies/account_policy.rb
@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+class AccountPolicy < ApplicationPolicy
+ def index?
+ staff?
+ end
+
+ def show?
+ staff?
+ end
+
+ def suspend?
+ staff? && !record.user&.staff?
+ end
+
+ def unsuspend?
+ staff?
+ end
+
+ def silence?
+ staff? && !record.user&.staff?
+ end
+
+ def unsilence?
+ staff?
+ end
+
+ def redownload?
+ admin?
+ end
+
+ def subscribe?
+ admin?
+ end
+
+ def unsubscribe?
+ admin?
+ end
+
+ def memorialize?
+ admin? && !record.user&.admin?
+ end
+end
diff --git a/app/policies/application_policy.rb b/app/policies/application_policy.rb
new file mode 100644
index 00000000000..3e617001fa4
--- /dev/null
+++ b/app/policies/application_policy.rb
@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+class ApplicationPolicy
+ attr_reader :current_account, :record
+
+ def initialize(current_account, record)
+ @current_account = current_account
+ @record = record
+ end
+
+ delegate :admin?, :moderator?, :staff?, to: :current_user, allow_nil: true
+
+ private
+
+ def current_user
+ current_account&.user
+ end
+end
diff --git a/app/policies/custom_emoji_policy.rb b/app/policies/custom_emoji_policy.rb
new file mode 100644
index 00000000000..a8c3cbc7333
--- /dev/null
+++ b/app/policies/custom_emoji_policy.rb
@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+class CustomEmojiPolicy < ApplicationPolicy
+ def index?
+ staff?
+ end
+
+ def create?
+ admin?
+ end
+
+ def update?
+ admin?
+ end
+
+ def copy?
+ admin?
+ end
+
+ def enable?
+ staff?
+ end
+
+ def disable?
+ staff?
+ end
+
+ def destroy?
+ admin?
+ end
+end
diff --git a/app/policies/domain_block_policy.rb b/app/policies/domain_block_policy.rb
new file mode 100644
index 00000000000..47c0a81af44
--- /dev/null
+++ b/app/policies/domain_block_policy.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+class DomainBlockPolicy < ApplicationPolicy
+ def index?
+ admin?
+ end
+
+ def show?
+ admin?
+ end
+
+ def create?
+ admin?
+ end
+
+ def destroy?
+ admin?
+ end
+end
diff --git a/app/policies/email_domain_block_policy.rb b/app/policies/email_domain_block_policy.rb
new file mode 100644
index 00000000000..5a75ee1838a
--- /dev/null
+++ b/app/policies/email_domain_block_policy.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+class EmailDomainBlockPolicy < ApplicationPolicy
+ def index?
+ admin?
+ end
+
+ def create?
+ admin?
+ end
+
+ def destroy?
+ admin?
+ end
+end
diff --git a/app/policies/instance_policy.rb b/app/policies/instance_policy.rb
new file mode 100644
index 00000000000..d1956e2ded4
--- /dev/null
+++ b/app/policies/instance_policy.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class InstancePolicy < ApplicationPolicy
+ def index?
+ admin?
+ end
+
+ def resubscribe?
+ admin?
+ end
+end
diff --git a/app/policies/report_policy.rb b/app/policies/report_policy.rb
new file mode 100644
index 00000000000..95b5c30c885
--- /dev/null
+++ b/app/policies/report_policy.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+class ReportPolicy < ApplicationPolicy
+ def update?
+ staff?
+ end
+
+ def index?
+ staff?
+ end
+
+ def show?
+ staff?
+ end
+end
diff --git a/app/policies/settings_policy.rb b/app/policies/settings_policy.rb
new file mode 100644
index 00000000000..2dcb79f51f2
--- /dev/null
+++ b/app/policies/settings_policy.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class SettingsPolicy < ApplicationPolicy
+ def update?
+ admin?
+ end
+
+ def show?
+ admin?
+ end
+end
diff --git a/app/policies/status_policy.rb b/app/policies/status_policy.rb
index 2ded61850a3..0373fdf04fc 100644
--- a/app/policies/status_policy.rb
+++ b/app/policies/status_policy.rb
@@ -1,20 +1,17 @@
# frozen_string_literal: true
-class StatusPolicy
- attr_reader :account, :status
-
- def initialize(account, status)
- @account = account
- @status = status
+class StatusPolicy < ApplicationPolicy
+ def index?
+ staff?
end
def show?
if direct?
- owned? || status.mentions.where(account: account).exists?
+ owned? || record.mentions.where(account: current_account).exists?
elsif private?
- owned? || account&.following?(status.account) || status.mentions.where(account: account).exists?
+ owned? || current_account&.following?(author) || record.mentions.where(account: current_account).exists?
else
- account.nil? || !status.account.blocking?(account)
+ current_account.nil? || !author.blocking?(current_account)
end
end
@@ -23,26 +20,30 @@ class StatusPolicy
end
def destroy?
- admin? || owned?
+ staff? || owned?
end
alias unreblog? destroy?
- private
-
- def admin?
- account&.user&.admin?
+ def update?
+ staff?
end
+ private
+
def direct?
- status.direct_visibility?
+ record.direct_visibility?
end
def owned?
- status.account.id == account&.id
+ author.id == current_account&.id
end
def private?
- status.private_visibility?
+ record.private_visibility?
+ end
+
+ def author
+ record.account
end
end
diff --git a/app/policies/subscription_policy.rb b/app/policies/subscription_policy.rb
new file mode 100644
index 00000000000..ac9a8a6c441
--- /dev/null
+++ b/app/policies/subscription_policy.rb
@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+class SubscriptionPolicy < ApplicationPolicy
+ def index?
+ admin?
+ end
+end
diff --git a/app/policies/user_policy.rb b/app/policies/user_policy.rb
new file mode 100644
index 00000000000..aae207d06f1
--- /dev/null
+++ b/app/policies/user_policy.rb
@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+class UserPolicy < ApplicationPolicy
+ def reset_password?
+ staff? && !record.staff?
+ end
+
+ def disable_2fa?
+ admin? && !record.staff?
+ end
+
+ def confirm?
+ staff? && !record.confirmed?
+ end
+
+ def enable?
+ admin?
+ end
+
+ def disable?
+ admin? && !record.admin?
+ end
+
+ def promote?
+ admin? && promoteable?
+ end
+
+ def demote?
+ admin? && !record.admin? && demoteable?
+ end
+
+ private
+
+ def promoteable?
+ !record.staff? || !record.admin?
+ end
+
+ def demoteable?
+ record.staff?
+ end
+end
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-02 08:21:12 +0000