Class: Ability

Inherits:
Object
  • Object
show all
Includes:
CanCan::Ability
Defined in:
app/models/ability.rb

Instance Method Summary collapse

Constructor Details

#initialize(user) ⇒ Ability

Returns a new instance of Ability.



4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
 
# File 'app/models/ability.rb', line 4

def initialize(user)
  # Define abilities for the passed in user here. For example:
  #
  #   user ||= User.new # guest user (not logged in)
  #   if user.admin?
  #     can :manage, :all
  #   else
  #     can :read, :all
  #   end

  can :manage, User, :id => user.id
  can :update, PageAttachment
  can :see_student_grades, Course


  if (user.human_name == "Todd Sedano" ||user.human_name == "Chris Zeise" || user.human_name == "Stephanie Scott")
    can :upload, Course
  end

  #  This next line is for testing purposes only when working on managing active directory from whiteboard
  if (user.human_name == "Edward Akoto" || user.human_name == "Jazz Sabian" || user.human_name == "Albert Liu" || user.human_name == "Stacy Marshall" || user.human_name == "Todd Sedano" || user.human_name == "Stephanie Scott")
    can :create, User
  else
    cannot :create, User
  end

  if (user.is_admin? || user.human_name == "Rofaida Abdelaal" || user.human_name == "Sarah Stanek")
    can :upload_official_photo, User
    can :update, User
  else
    cannot :upload_official_photo, User
  end


  #Contracts manager
  if (user.is_admin? || user.human_name == "Ngoc Ho" || user.human_name == "Hector Rastrullo")
    can :manage, SponsoredProjectAllocation
    can :manage, SponsoredProjectEffort
    can :manage, SponsoredProjectSponsor
    can :manage, SponsoredProject
  end

  if (user.is_admin? || user.is_staff?)
    can :view_assignments, Job
  end

  if (user.human_name == "Wendy Fong" || user.human_name == "Sylvia Arifin")
    can :manage, Job
  end

  if (user.is_admin?)
    can :manage, Course
    can :manage, Job
    can :manage, User
    can :see_current_sign_in_ip, User
  else
    cannot :see_current_sign_in_ip, User
  end

  if  (user.is_staff?)
    can [:teach, :create, :update, :peer_evaluation, :team_formation], Course
    can :manage, Assignment
    can [:create, :see_job_details], Job
  end
  can [:teach, :update, :peer_evaluation, :team_formation], Course, :faculty => {:id => user.id} #Useful for TAs.
  can :update, Job, :supervisors => {:id => user.id}


  # The first argument to `can` is the action you are giving the user permission to do.
  # If you pass :manage it will apply to every action. Other common actions here are
  # :read, :create, :update and :destroy.
  #
  # The second argument is the resource the user can perform the action on. If you pass
  # :all it will apply to every resource. Otherwise pass a Ruby class of the resource.
  #
  # The third argument is an optional hash of conditions to further filter the objects.
  # For example, here the user can only update published articles.
  #
  #   can :update, Article, :published => true
  #
  # See the wiki for details: https://github.com/ryanb/cancan/wiki/Defining-Abilities
end