Class: Ability
- Inherits:
-
Object
- Object
- Ability
- Includes:
- CanCan::Ability
- Defined in:
- app/models/users/ability.rb
Overview
Copyright © 2008-2013 Michael Dvorkin and contributors.
Fat Free CRM is freely distributable under the terms of MIT license. See MIT-LICENSE file or www.opensource.org/licenses/mit-license.php
See the wiki for details: github.com/ryanb/cancan/wiki/Defining-Abilities
Instance Method Summary collapse
-
#initialize(user) ⇒ Ability
constructor
A new instance of Ability.
Constructor Details
#initialize(user) ⇒ Ability
Returns a new instance of Ability.
13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 |
# File 'app/models/users/ability.rb', line 13 def initialize(user) # handle signup can(:create, User) if User.can_signup? if user.present? entities = [Account, Campaign, Contact, Lead, Opportunity] # User can :manage, User, id: user.id # can do any action on themselves # Tasks can :create, Task can :manage, Task, user: user.id can :manage, Task, assigned_to: user.id can :manage, Task, completed_by: user.id # Entities can :manage, entities, access: 'Public' can :manage, entities + [Task], user_id: user.id can :manage, entities + [Task], assigned_to: user.id # # Due to an obscure bug (see https://github.com/ryanb/cancan/issues/213) # we must switch on user.admin? here to avoid the nil constraints which # activate the issue referred to above. # if user.admin? can :manage, :all else # Group or User permissions t = Permission.arel_table scope = t[:user_id].eq(user.id) if (group_ids = user.group_ids).any? scope = scope.or(t[:group_id].eq_any(group_ids)) end = Permission.select(:asset_type, :asset_id).where(scope).where(asset_type: entities.map { |k| k.name.to_s }) .each do |p| can :manage, p.asset_type.constantize, id: p.asset_id end end end end |