module Recordings class AccessPolicy def initialize(recording, viewer: nil) @recording = recording @viewer = viewer end def allowed? return false if @recording.deleted? return true if @recording.status == "processing" && (club_member? || manage_allowed?) return false unless @recording.ready? return true if @recording.unlisted? || @recording.publicly_listed? club_member? end def manage_allowed? return false unless @viewer team = @recording.team team.club.owned_by?(@viewer) || @viewer.manageable_teams.exists?(id: team.id) end private def club_member? return false unless @viewer @recording.team.club.users.exists?(id: @viewer.id) end end end