# frozen_string_literal: true
class UserPolicy < ApplicationPolicy
def reset_password?
role.can?(:manage_user_access) && role.overrides?(record.role)
end
def change_email?
def disable_2fa?
def change_role?
role.can?(:manage_roles) && role.overrides?(record.role)
def confirm?
role.can?(:manage_user_access) && !record.confirmed?
def enable?
role.can?(:manage_users)
def approve?
role.can?(:manage_users) && !record.approved?
def reject?
def disable?
role.can?(:manage_users) && role.overrides?(record.role)