Added acces rules for jobs, operator/jobs and admin/dashboard view, including lazy loading for cancel button in broadcasts

app/policies/admin/dashboard_policy.rb

@@ -0,0 +1,4 @@
+class Admin::DashboardPolicy < ApplicationPolicy
+  def show
+  end
+end

app/policies/application_policy.rb

@@ -1,5 +1,12 @@
 # Base class for application policies
 class ApplicationPolicy < ActionPolicy::Base
+  pre_check :allow_admins
+
+  # admin is good! :)
+  def allow_admins
+    allow! if user.admin?
+  end
+
   # Configure additional authorization contexts here
   # (`user` is added by default).
   #
@@ -7,6 +14,7 @@ class ApplicationPolicy < ActionPolicy::Base
   #
   # Read more about authorization context: https://actionpolicy.evilmartians.io/#/authorization_context
 
+
   private
 
   # Define shared methods useful for most policies.

app/policies/job_policy.rb

@@ -1,9 +1,12 @@
 class JobPolicy < ApplicationPolicy
+  skip_pre_check :allow_admins, only: :cancel?
+
+  def cancel?
+    record.open? && (user == record.costumer || user.operator? || user.admin?)
+  end
+
   # See https://actionpolicy.evilmartians.io/#/writing_policies
   #
-  # def index?
-  #   true
-  # end
   #
   # def update?
   #   # here we can access our context and record

app/policies/operator/job_policy.rb

@@ -0,0 +1,21 @@
+class Operator::JobPolicy < ApplicationPolicy
+  pre_check :allow_operators
+
+  def index?
+  end
+
+  def update?
+  end
+
+  def increment_page?
+  end
+
+  def decrement_page?
+  end
+
+  private
+
+  def allow_operators
+    allow! if user.operator?
+  end
+end

app/policies/session_policy.rb

@@ -0,0 +1,5 @@
+class SessionPolicy < ApplicationPolicy
+  def new?
+    true
+  end
+end