Sha256: 811b1c990a5208efee1ada5ae6befedf92faf4dbded6fb76e36d2c59d8ee15ac
Contents?: true
Size: 1.92 KB
Versions: 17
Compression:
Stored size: 1.92 KB
Contents
module Locomotive
  # CanCan authorization policy for one account acting on one site.
  #
  # Every permission is derived from a single Membership, i.e. the role the
  # account holds on the given site. Points a reviewer should keep in mind:
  #
  # * Fail closed: if no membership can be resolved, no rule is registered,
  #   and CanCan answers `can?` with false when no rule matches.
  # * Order matters: CanCan gives later rules precedence over earlier ones,
  #   so every `cannot` below must stay after the broader `can` it restricts.
  # * Rules with a block are evaluated by CanCan only against a record
  #   instance, not against the class.
  #   NOTE(review): the answer for a class-level check such as
  #   `can? :update, Membership` depends on the CanCan version; verify.
  class Ability
    include CanCan::Ability

    # Role names; the membership predicates used below (admin?, designer?,
    # author?) correspond to them.
    # NOTE(review): the array is not frozen, so it can be mutated at runtime.
    ROLES = %w(admin designer author)

    # Builds the rule set for +account+ on +site+.
    #
    # With a site, the role comes from the account's membership on that site
    # only; the account-level admin? flag is NOT consulted, so an admin
    # account without a membership on this site receives no permissions.
    # Without a site, an admin account receives an unsaved, in-memory 'admin'
    # membership; any other account receives nothing.
    #
    # Both branches call methods on +account+, so a nil account raises
    # NoMethodError rather than producing an empty ability.
    # NOTE(review): presumably callers authenticate first; confirm.
    #
    # @param account the authenticated account
    # @param site the current site, or nil when none is selected
    def initialize(account, site)
      @account = account
      @site    = site

      # :touch bundles the read-and-edit actions, excluding create and destroy.
      alias_action :index, :show, :edit, :update, to: :touch

      @membership =
        if @site
          @site.memberships.where(account_id: @account.id).first
        elsif @account.admin?
          Membership.new(account: @account, role: 'admin')
        end

      # No membership: stop before any rule is registered (default deny).
      return false if @membership.nil?

      return setup_admin_permissions! if @membership.admin?

      setup_default_permissions!
      setup_designer_permissions! if @membership.designer?
      setup_author_permissions!   if @membership.author?
    end

    # Explicit deny-all baseline for non-admin roles; the role-specific
    # methods then add their grants on top of it.
    def setup_default_permissions!
      cannot :manage, :all
    end

    # Authors: edit content, read structure, never delete or customize pages.
    def setup_author_permissions!
      can :touch, ThemeAsset

      can [:read, :create, :update], Page
      [:destroy, :customize].each { |action| cannot action, Page }

      can :manage, [ContentEntry, ContentAsset, Translation]

      # Site access is restricted to the current site by its _id.
      can :touch, Site, _id: @site._id

      can :read, ContentType
    end

    # Designers: full control over the site's content and structure, plus
    # membership management with restrictions.
    def setup_designer_permissions!
      [Page, ContentEntry, ContentType, Snippet,
       ThemeAsset, ContentAsset, Translation].each do |model|
        can :manage, model
      end

      # :manage is limited to the current site; :point carries no condition.
      can :manage, Site, _id: @site._id
      can :point, Site
      cannot :create, Site

      # NOTE(review): this grant has no site condition, so it relies on
      # callers loading memberships through the current site; verify.
      can :manage, Membership

      # :grant_admin is an application-defined action. It blocks privilege
      # escalation only where the code that assigns roles checks it.
      # NOTE(review): confirm that the membership create/update path does so.
      cannot :grant_admin, Membership

      cannot [:update, :destroy], Membership do |target|
        # A designer may not change their own membership ...
        own_membership = @membership.account_id == target.account_id
        # ... nor the membership of an administrator.
        own_membership || target.admin?
      end
    end

    # Admins: everything, except updating or destroying their own membership.
    def setup_admin_permissions!
      can :manage, :all

      cannot [:update, :destroy], Membership do |target|
        # Compared by account_id: an admin can not edit their own membership.
        target.account_id == @membership.account_id
      end
    end
  end
end