# frozen_string_literal: true class PostPolicy < ApplicationPolicy class Scope < Scope def resolve table = Post.arel_table value = current_user.role.value role_check = (table[:role_visibility] & value).eq(value) scope.where(role_check.to_sql) end end def index? current_user.permission?(:post_view) end def show? index? && (record.role_visibility.include?(current_user.role.name.to_sym) || edit?) end def create? current_user.permission?(:post_modify) end def update? create? end def destroy? current_user.permission?(:post_delete) end end