Sha256: 696a396d8ac9f90e295c660572d7a568dd2d60ee5108d33f8d9341e8ab1b7460
Contents?: true
Size: 1.36 KB
Versions: 12
Compression:
Stored size: 1.36 KB
Contents
class Ability
include CanCan::Ability
def initialize(user)
# Define abilities for the passed in user here. For example:
#
# user ||= User.new # guest user (not logged in)
# if user.admin?
# can :manage, :all
# else
# can :read, :all
# end
#
# The first argument to `can` is the action you are giving the user
# permission to do.
# If you pass :manage it will apply to every action. Other common actions
# here are :read, :create, :update and :destroy.
#
# The second argument is the resource the user can perform the action on.
# If you pass :all it will apply to every resource. Otherwise pass a Ruby
# class of the resource.
#
# The third argument is an optional hash of conditions to further filter the
# objects.
# For example, here the user can only update published articles.
#
# can :update, Article, :published => true
#
# See the wiki for details:
# https://github.com/CanCanCommunity/cancancan/wiki/Defining-Abilities
user ||= User.new
if user.is?(:user_admin)
can :manage, User
if Chaltron.ldap_allow_all
cannot :edit, User, { provider: 'ldap' }
cannot :destroy, User, { provider: 'ldap' }
end
can :read, Log, category: 'user_admin'
end
if user.is?(:admin)
can :read, Log
end
end
end
Version data entries
12 entries across 12 versions & 1 rubygems