class Ability include CanCan::Ability def initialize(staff) # Define abilities for the passed in user here. For example: # # user ||= User.new # guest user (not logged in) alias_action :index, :trends, :show, :to => :read if staff.is_admin can :manage, :all else staff.role.permissions.each do |ps| can ps.action.to_sym, "EducodeSales::#{ps.subject}".constantize # level = @current_admin.role.role_areas.find_by(clazz: 'name')&.level # if level == '自己' # can ps.action.to_sym, "EducodeSales::#{ps.subject}".constantize, staff_id: staff.id # elsif level == '区域' # schools = School.where(province: staff.areas.pluck(:name)).pluck(:id) # can ps.action.to_sym, "EducodeSales::#{ps.subject}".constantize, staff_id: staff.id # else # end # case level # when '自己' # @businesses = Business.where(staff_id: @current_admin.id) # when '区域' # staff_ids = Staff.joins(department: :school).where("school.province in ?", staff.areas.pluck(:name)).pluck(:id) # @businesses = Business.joins("JOIN departments ON businesses.department_id = departments.id").where("departments.school_id in ?", school_ids) # else # @businesses = Business # end end if staff.role end # # The first argument to `can` is the action you are giving the user # permission to do. # If you pass :manage it will apply to every action. Other common actions # here are :read, :create, :update and :destroy. # # The second argument is the resource the user can perform the action on. # If you pass :all it will apply to every resource. Otherwise pass a Ruby # class of the resource. # # The third argument is an optional hash of conditions to further filter the # objects. # For example, here the user can only update published articles. # # can :update, Article, :published => true # # See the wiki for details: # https://github.com/CanCanCommunity/cancancan/wiki/Defining-Abilities end end