mirror of
https://github.com/Freika/dawarich.git
synced 2026-01-10 17:21:38 -05:00
22 lines
496 B
Ruby
22 lines
496 B
Ruby
# frozen_string_literal: true
|
|
|
|
class FamilyInvitationPolicy < ApplicationPolicy
|
|
def show?
|
|
# Public endpoint for invitation acceptance - no authentication required
|
|
true
|
|
end
|
|
|
|
def create?
|
|
user.family == record.family && user.family_owner?
|
|
end
|
|
|
|
def accept?
|
|
# Users can accept invitations sent to their email
|
|
user.email == record.email
|
|
end
|
|
|
|
def destroy?
|
|
# Only family owners can cancel invitations
|
|
user.family == record.family && user.family_owner?
|
|
end
|
|
end
|