Class: Locomotive::Ability

Inherits:

Object

• Object
• Locomotive::Ability

Includes:

CanCan::Ability

Defined in:

app/models/locomotive/ability.rb

Constant Summary

ROLES =

%w(admin designer author)

Instance Method Summary

• #initialize(account, site) ⇒ Ability constructor

  A new instance of Ability.

• #setup_admin_permissions! ⇒ Object
• #setup_author_permissions! ⇒ Object
• #setup_default_permissions! ⇒ Object
• #setup_designer_permissions! ⇒ Object

Constructor Details

#initialize(account, site) ⇒ Ability

Returns a new instance of Ability.

# File 'app/models/locomotive/ability.rb', line 7

def initialize(account, site)
  @account, @site = account, site

  alias_action :index, :show, :edit, :update, :to => :touch

  if @site
    @membership = @site.memberships.where(:account_id => @account.id).first
  elsif @account.admin?
    @membership = Membership.new(:account => @account, :role => 'admin')
  end

  return false if @membership.nil?

  if @membership.admin?
    setup_admin_permissions!
  else
    setup_default_permissions!

    setup_designer_permissions! if @membership.designer?

    setup_author_permissions!  if @membership.author?
  end
end

Instance Method Details

#setup_admin_permissions! ⇒ Object

# File 'app/models/locomotive/ability.rb', line 81

def setup_admin_permissions!
  can :manage, :all

  cannot [:update, :destroy], Membership do |membership|
    @membership.account_id == membership.account_id # can not edit myself
  end
end

#setup_author_permissions! ⇒ Object

# File 'app/models/locomotive/ability.rb', line 35

def setup_author_permissions!
  can :touch, [Page, ThemeAsset]
  can :sort, Page

  can :manage, [ContentEntry, ContentAsset, Translation]

  can :touch, Site do |site|
    site == @site
  end

  can :read, ContentType
end

#setup_default_permissions! ⇒ Object

# File 'app/models/locomotive/ability.rb', line 31

def setup_default_permissions!
  cannot :manage, :all
end

#setup_designer_permissions! ⇒ Object

# File 'app/models/locomotive/ability.rb', line 48

def setup_designer_permissions!
  can :manage, Page

  can :manage, ContentEntry

  can :manage, ContentType

  can :manage, Snippet

  can :manage, ThemeAsset

  can :manage, ContentAsset

  can :manage, Translation

  can :manage, Site do |site|
    site == @site
  end

  can :point, Site

  cannot :create, Site

  can :manage, Membership

  cannot :grant_admin, Membership

  cannot [:update, :destroy], Membership do |membership|
    @membership.account_id == membership.account_id || # can not edit myself
    membership.admin? # can not modify an administrator
  end
end