File tree Expand file tree Collapse file tree 1 file changed +15
-1
lines changed
Expand file tree Collapse file tree 1 file changed +15
-1
lines changed Original file line number Diff line number Diff line change @@ -68,11 +68,17 @@ function applySuperAdminPermissions(
6868function applyAdminPermissions ( builder : AbilityBuilder < Ability > , ctx : Context ) {
6969 // admins can approve anyone but superadmins
7070 builder . can (
71- ACTIONS . CASL . UPDATE ,
71+ [ ACTIONS . CASL . UPDATE , ACTIONS . CASL . CREATE ] ,
7272 SUBJECTS . USER ,
7373 FIELDS . USER . APPROVAL ,
7474 hasRole ( [ 'VOLUNTEER' , 'MANAGER' , 'ADMIN' ] )
7575 ) ;
76+ // admins can pre-approve/create anyone but superadmins
77+ builder . can (
78+ ACTIONS . CASL . CREATE ,
79+ SUBJECTS . USER ,
80+ hasRole ( [ 'VOLUNTEER' , 'MANAGER' , 'ADMIN' ] )
81+ ) ;
7682 // admins can update location and role of volunteers and managers
7783 builder . can (
7884 ACTIONS . CASL . UPDATE ,
@@ -112,6 +118,14 @@ function applyManagerPermissions(
112118 ...hasSameLocation ( ctx . latestLocationObjectId ) ,
113119 ...isToday ( 'createdAt' )
114120 } ) ;
121+ // managers can pre-approve/create volunteers at their location
122+ builder . can (
123+ ACTIONS . CASL . CREATE ,
124+ SUBJECTS . USER , {
125+ ...hasRole ( [ 'VOLUNTEER' ] ) ,
126+ ...hasSameLocation ( ctx . latestLocationObjectId ) ,
127+ }
128+ ) ;
115129 // can only edit own profile
116130 builder . can (
117131 ACTIONS . CASL . UPDATE ,
You can’t perform that action at this time.
0 commit comments