Class: Ability

Inherits:
Object
  • Object
show all
Includes:
CanCan::Ability
Defined in:
app/models/ability.rb

Instance Method Summary collapse

Constructor Details

#initialize(operator = nil) ⇒ Ability

Returns a new instance of Ability.



4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
 
# File 'app/models/ability.rb', line 4

def initialize(operator=nil)
  # guest user (not logged in)
  # unless user
  #   user = User.new
  #   user.role = 'guest'
  # end

  can :read, :all
  # can :manage, :all

  # Todos os direitos relativos
  Permission.where("role_id IS NULL").each do |permission|
    if permission.subject_id.blank?
      if permission.action.include?("not_")
        cannot permission.action.gsub("not_", "").to_sym, permission.subject_class.constantize
      else
        can permission.action.to_sym, permission.subject_class.constantize
      end
    else
      if permission.action.include?("not_")
        cannot permission.action.gsub("not_", "").to_sym, permission.subject_class.constantize, :id => permission.subject_id.to_i
        set_child_permissions("cannot",permission.action.gsub("not_", "").to_sym, permission.subject_class.constantize,permission.subject_id.to_i)
      else
        can permission.action.to_sym, permission.subject_class.constantize, :id => permission.subject_id.to_i
        set_child_permissions("can",permission.action.to_sym, permission.subject_class.constantize,permission.subject_id.to_i)
      end
    end
  end

  # Direitos que afetam apenas certas funções de usuário
  if operator && operator.respond_to?(:roles)
    operator.roles.each do |role|
      role.permissions.each do |permission|

        if permission.subject_class == ":all"
          if permission.action.include?("not_")
            cannot permission.action.gsub("not_", "").to_sym, :all
          else
            can permission.action.to_sym, :all
          end
        end

        if !permission.subject_class.include?(":all") && permission.subject_id.blank?
          if permission.action.include?("not_")
            cannot permission.action.gsub("not_", "").to_sym, permission.subject_class.constantize
          else
            can permission.action.to_sym, permission.subject_class.constantize
          end
        end

        if !permission.subject_class.include?(":all") && permission.subject_id.present?
          if permission.action.include?("not_")
            cannot permission.action.to_s.gsub("not_", "").to_sym, permission.subject_class.constantize, :id => permission.subject_id.to_i
            set_child_permissions("cannot",permission.action.gsub("not_", "").to_sym, permission.subject_class.constantize,permission.subject_id.to_i)
          else
            can permission.action.to_sym, permission.subject_class.constantize, :id => permission.subject_id.to_i
            set_child_permissions("can",permission.action.to_sym, permission.subject_class.constantize,permission.subject_id.to_i)
          end
        end
      end
    end
  end
end

Instance Method Details

#set_child_permissions(able, action_name, model_name, id_name) ⇒ Object 



68
69
70
71
72
73
74
75
76
77
78
79
 
# File 'app/models/ability.rb', line 68

def set_child_permissions(able,action_name, model_name,id_name)
  if able == "can" && model_name.new.respond_to?(:descendant_ids) && object = model_name.find_by_id(id_name)
    object.descendant_ids.each do |child_id|
      can action_name, model_name, :id => child_id
    end
  end
  if able == "cannot" && model_name.new.respond_to?(:descendant_ids) && object = model_name.find_by_id(id_name)
    object.descendant_ids.each do |child_id|
      cannot action_name, model_name, :id => child_id
    end
  end
end