submit-social-housing-lettings-and-sales-data/app/policies/user_policy.rb

class UserPolicy
  attr_reader :current_user, :user

  def initialize(current_user, user)
    @current_user = current_user
    @user = user
  end

  def edit_password?
    @current_user == @user
  end

  %w[
    edit_roles?
    edit_dpo?
    edit_key_contact?
  ].each do |method_name|
    define_method method_name do
      return true if @current_user.support?
      return true if @current_user.data_coordinator? && @user.active?

      Rails.env.staging? && Rails.application.credentials[:staging_role_update_email_allowlist].include?(@current_user.email.split("@").last.downcase)
    end
  end

  %w[
    edit_emails?
    edit_telephone_numbers?
    edit_names?
  ].each do |method_name|
    define_method method_name do
      return true if @current_user.support?

      (@current_user == @user || @current_user.data_coordinator?) && @user.active?
    end
  end

  def delete_confirmation?
    delete?
  end

  def delete?
    return false unless current_user.support?
    return false unless user.status == :deactivated

    !has_any_logs_in_editable_collection_period && !has_signed_data_protection_agreement?
  end

  %w[
    edit_organisation?
    log_reassignment?
    update_log_reassignment?
    organisation_change_confirmation?
    confirm_organisation_change?
  ].each do |method_name|
    define_method method_name do
      @current_user.support?
    end
  end

private

  def has_any_logs_in_editable_collection_period
    editable_from_date = FormHandler.instance.earliest_open_for_editing_collection_start_date

    LettingsLog.where(assigned_to_id: user.id).after_date(editable_from_date).or(LettingsLog.where(startdate: nil, assigned_to_id: user.id)).any?
  end

  def has_signed_data_protection_agreement?
    return false unless user.is_dpo? && user.organisation.data_protection_confirmed?

    user.organisation.data_protection_confirmation.data_protection_officer == user
  end
end