Sha256: d5068beb80b1d7d227bc8b2b96dcb6119036f262be124da9eae5b4f88cecace8
Contents?: true
Size: 1.8 KB
Versions: 14
Compression:
Stored size: 1.8 KB
Contents
# frozen_string_literal: true
class Ability
include CanCan::Ability
def initialize(user)
# Define abilities for the passed in user here. For example:
#
# user ||= User.new # guest user (not logged in)
# if user.admin?
# can :manage, :all
# else
# can :read, :all
# end
#
# The first argument to `can` is the action you are giving the user
# permission to do.
# If you pass :manage it will apply to every action. Other common actions
# here are :read, :create, :update and :destroy.
#
# The second argument is the resource the user can perform the action on.
# If you pass :all it will apply to every resource. Otherwise pass a Ruby
# class of the resource.
#
# The third argument is an optional hash of conditions to further filter the
# objects.
# For example, here the user can only update published articles.
#
# can :update, Article, :published => true
#
# See the wiki for details:
# https://github.com/CanCanCommunity/cancancan/wiki/Defining-Abilities
# This will always be the first Ability, since the abilities are "last wins"
self.merge Abilities::ThecoreAuthCommons.new user
# Other Abilities
Abilities.constants(false).each do |ability|
unless ability.to_s == "ThecoreAuthCommons"
const = Abilities.const_get(ability)
self.merge const.new(user) if const.is_a? Class
end
end
# Overrides from the database defined permissions
::Permission.joins(roles: :users).where(users: {id: user.id}).order(:id).each do |permission|
# E.g. can :manage, :all
self.send(permission.predicate.name.to_sym, permission.action.name.to_sym, (permission.target.name.classify.constantize rescue permission.target.name.to_sym))
end unless user.blank?
end
end
Version data entries
14 entries across 14 versions & 1 rubygems