Class: CamaleonCms::Ability
- Inherits:
-
Object
- Object
- CamaleonCms::Ability
- Includes:
- CanCan::Ability
- Defined in:
- app/models/camaleon_cms/ability.rb
Instance Method Summary collapse
-
#can?(action, subject, *extra_args) ⇒ Boolean
overwrite can method to support decorator class names.
-
#cannot?(*args) ⇒ Boolean
overwrite cannot method to support decorator class names.
-
#initialize(user, current_site = nil) ⇒ Ability
constructor
A new instance of Ability.
Constructor Details
#initialize(user, current_site = nil) ⇒ Ability
Returns a new instance of Ability.
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 |
# File 'app/models/camaleon_cms/ability.rb', line 4 def initialize(user, current_site = nil) # Define abilities for the passed in user here. For example: # user ||= CamaleonCms::User.new # guest user (not logged in) if user.admin? can :manage, :all elsif user.client? can :read, :all else # conditions: current_user_role = user.get_role(current_site) || current_site.user_roles.new @roles_manager ||= current_user_role.("_manager_#{current_site.id}", {}) || {} @roles_post_type ||= current_user_role.("_post_type_#{current_site.id}", {}) || {} ids_publish = @roles_post_type[:publish] || [] ids_edit = @roles_post_type[:edit] || [] ids_edit_other = @roles_post_type[:edit_other] || [] ids_edit_publish = @roles_post_type[:edit_publish] || [] ids_delete = @roles_post_type[:delete] || [] ids_delete_other = @roles_post_type[:delete_other] || [] ids_delete_publish = @roles_post_type[:delete_publish] || [] can :posts, CamaleonCms::PostType do |pt| (ids_edit + ids_edit_other + ids_edit_publish).to_i.include?(pt.id) rescue false end can :create_post, CamaleonCms::PostType do |pt| ids_edit.to_i.include?(pt.id) rescue false end can :publish_post, CamaleonCms::PostType do |pt| ids_publish.to_i.include?(pt.id) rescue false end can :edit_other, CamaleonCms::PostType do |pt| ids_edit_other.to_i.include?(pt.id) rescue false end can :edit_publish, CamaleonCms::PostType do |pt| ids_edit_publish.to_i.include?(pt.id) rescue false end can :categories, CamaleonCms::PostType do |pt| @roles_post_type[:manage_categories].to_i.include?(pt.id) rescue false end can :post_tags, CamaleonCms::PostType do |pt| @roles_post_type[:manage_tags].to_i.include?(pt.id) rescue false end can :update, CamaleonCms::Post do |post| pt_id = post.post_type.id r = false r ||= ids_edit.to_i.include?(pt_id) && post.user_id == user.id rescue false r ||= ids_edit_publish.to_i.include?(pt_id) && post.published? rescue false r ||= ids_edit_other.to_i.include?(pt_id) && post.user_id != user.id rescue false r end can :destroy, CamaleonCms::Post do |post| pt_id = post.post_type.id r = false r ||= ids_delete.to_i.include?(pt_id) && post.user_id == user.id rescue false r ||= ids_delete_publish.to_i.include?(pt_id) && post.published? rescue false r ||= ids_delete_other.to_i.include?(pt_id) && post.user_id != user.id rescue false r end # support for custom abilities for each posttype # sample: http://camaleon.tuzitio.com/documentation/category/40756-uncategorized/custom-models.html @roles_post_type.each do |k , v| next if ['edit', 'edit_other', 'edit_publish', 'publish', 'manage_categories'].include?(k.to_s) can k.to_sym, CamaleonCms::PostType do |pt| v.include?(pt.id.to_s) rescue false end end # others can :manage, :media if @roles_manager[:media] rescue false can :manage, :comments if @roles_manager[:comments] rescue false # can :manage, :forms if @roles_manager[:forms] rescue false can :manage, :themes if @roles_manager[:themes] rescue false can :manage, :widgets if @roles_manager[:widgets] rescue false can :manage, :nav_menu if @roles_manager[:nav_menu] rescue false can :manage, :plugins if @roles_manager[:plugins] rescue false can :manage, :users if @roles_manager[:users] rescue false can :manage, :settings if @roles_manager[:settings] rescue false @roles_manager.try(:each) do |rol_manage_key, val_role| can :manage, rol_manage_key.to_sym if val_role.to_s.cama_true? rescue false end end cannot :impersonate, CamaleonCms::User do |u| u.id == user.id end end |
Instance Method Details
#can?(action, subject, *extra_args) ⇒ Boolean
overwrite can method to support decorator class names
97 98 99 100 101 102 103 |
# File 'app/models/camaleon_cms/ability.rb', line 97 def can?(action, subject, *extra_args) if subject.is_a?(Draper::Decorator) super(action,subject.model,*extra_args) else super(action, subject, *extra_args) end end |
#cannot?(*args) ⇒ Boolean
overwrite cannot method to support decorator class names
106 107 108 |
# File 'app/models/camaleon_cms/ability.rb', line 106 def cannot?(*args) !can?(*args) end |