Class: Kaui::Ability
- Inherits:
-
Object
- Object
- Kaui::Ability
- Includes:
- CanCan::Ability
- Defined in:
- app/models/kaui/ability.rb
Instance Method Summary collapse
-
#initialize(user) ⇒ Ability
constructor
A new instance of Ability.
- #permission_to_model_action(permission) ⇒ Object
Constructor Details
#initialize(user) ⇒ Ability
Returns a new instance of Ability.
7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 |
# File 'app/models/kaui/ability.rb', line 7 def initialize(user) if Kaui.demo_mode # Show the links, the server will enforce permissions can :manage, :all return end # user is a Kaui::User object (from Devise) user..each do || # permission is something like invoice:item_adjust or payment:refund # We rely on a naming convention where the left part refers to a Kaui model model, action = () if (model == '*') && (action == '*') # All permissions! can :manage, :all elsif (model == '*') && (action != '*') # TODO elsif action == '*' # TODO: Not sure the :all is really working (but we don't use it) begin can :all, "Kaui::#{model.camelize}".constantize rescue StandardError nil end else begin can action.to_sym, "Kaui::#{model.camelize}".constantize rescue StandardError nil end end end rescue KillBillClient::API::Unauthorized => _e nil end |
Instance Method Details
#permission_to_model_action(permission) ⇒ Object
43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 |
# File 'app/models/kaui/ability.rb', line 43 def () # # Permissions are defined in Kill Kill apis (https://github.com/killbill/killbill-api/blob/master/src/main/java/org/killbill/billing/security/Permission.java) # and they look something like 'invoice:item_adjust' or 'payment:refund', where the first part is the Kill Bill module and the second the action. # # For most of those the Kill Bill module maps to the Kaui model, but for a few, the naming convention breaks, so in order to keep the API clean, we do the fix up # in KAUI itself: # to_be_model, action = .split(':') # Currently the only actions implemented for overdue and catalog (upload_config) are those implemented at the tenant level: to_be_model = 'admin_tenant' if %w[tenant overdue catalog].include?(to_be_model) to_be_model = 'subscription' if to_be_model == 'entitlement' [to_be_model, action] end |