# app/policies/user_policy.rb class UserPolicy < ApplicationPolicy def index? admin_ou_gerente? end def show? admin? || record == user end def create? admin? end def new? create? end def update? admin? || record == user end def edit? update? end def destroy? admin? && record != user end def toggle_ativo? admin? end class Scope < Scope def resolve if user.admin? scope.all elsif user.gerente? scope.where.not(role: :admin) else scope.where(id: user.id) end end end end