Sha256: 7d239337909f4c4858e52730cdbea4357ada92c746189b43ef03f0495bce5dbc

Contents?: true

Size: 1.81 KB

Versions: 5

Compression:

Stored size: 1.81 KB

Contents

# frozen_string_literal: true

module Decidim
  module Admin
    module Abilities
      # Defines the abilities for a user in the admin section. Intended to be
      # used with `cancancan`.
      class AdminAbility < Decidim::Abilities::AdminAbility
        def define_abilities
          super

          can :manage, Category
          can :manage, ParticipatoryProcessUserRole
          can [:create, :update, :index, :new, :read], StaticPage

          can [:update_slug, :destroy], [StaticPage, StaticPageForm] do |page|
            !StaticPage.default?(page.slug)
          end

          can [:read, :update], Decidim::Organization do |organization|
            organization == user.organization
          end

          can :manage, Feature
          can :manage, :admin_users

          can :manage, :managed_users
          cannot [:new, :create], :managed_users if empty_available_authorizations?
          can :impersonate, Decidim::User do |user_to_impersonate|
            user_to_impersonate.managed? && Decidim::ImpersonationLog.active.empty?
          end
          can :promote, Decidim::User do |user_to_promote|
            user_to_promote.managed? && Decidim::ImpersonationLog.active.empty?
          end

          can :manage, Moderation
          can :manage, Attachment
          can :manage, Scope
          can :manage, ScopeType
          can :manage, Newsletter
          can [:create, :index, :new, :read, :invite], User

          can [:destroy], [User] do |user_to_destroy|
            user != user_to_destroy
          end

          can [:index, :verify, :reject], UserGroup
        end

        private

        def empty_available_authorizations?
          return unless @context[:current_organization]
          @context[:current_organization].available_authorizations.empty?
        end
      end
    end
  end
end

Version data entries

5 entries across 5 versions & 1 rubygems

Version Path
decidim-admin-0.7.4 app/models/decidim/admin/abilities/admin_ability.rb
decidim-admin-0.7.3 app/models/decidim/admin/abilities/admin_ability.rb
decidim-admin-0.7.2 app/models/decidim/admin/abilities/admin_ability.rb
decidim-admin-0.7.1 app/models/decidim/admin/abilities/admin_ability.rb
decidim-admin-0.7.0 app/models/decidim/admin/abilities/admin_ability.rb