app/models/ability.rb

	ability.rb revision 772a71bcc07f7001f5cd3cb4c3dc2cf393ffe9be
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornbergerclass Ability
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger  include CanCan::Ability
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger  def initialize(user)
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger    # Define abilities for the passed in user here.
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger    user ||= User.new # guest user (not logged in)
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger    if user.admin?
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger      can { true }
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger    elsif user.id
772a71bcc07f7001f5cd3cb4c3dc2cf393ffe9beJulian Kornberger      # Repositories
772a71bcc07f7001f5cd3cb4c3dc2cf393ffe9beJulian Kornberger      can [:edit, :update], Repository do |subject|
be6eb5d7ea1888f2f835fe0fff358f72572afeb4henning mueller        subject.permission?(:editor, user)
be6eb5d7ea1888f2f835fe0fff358f72572afeb4henning mueller      end
772a71bcc07f7001f5cd3cb4c3dc2cf393ffe9beJulian Kornberger      can [:destroy, :permissions], Repository do |subject|
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger        subject.permission?(:owner, user)
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger      end
772a71bcc07f7001f5cd3cb4c3dc2cf393ffe9beJulian Kornberger      can [:new, :create], Repository
772a71bcc07f7001f5cd3cb4c3dc2cf393ffe9beJulian Kornberger
772a71bcc07f7001f5cd3cb4c3dc2cf393ffe9beJulian Kornberger      # Ontology
772a71bcc07f7001f5cd3cb4c3dc2cf393ffe9beJulian Kornberger      can :manage, Ontology do |subject|
772a71bcc07f7001f5cd3cb4c3dc2cf393ffe9beJulian Kornberger        subject.permission?(:editor, user)
772a71bcc07f7001f5cd3cb4c3dc2cf393ffe9beJulian Kornberger      end
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger
f9c64720306a03102ed06e2e497c8f7d5bd0910aChristian Clausen      # Logics
f9c64720306a03102ed06e2e497c8f7d5bd0910aChristian Clausen      can [:edit, :update], Logic do |subject|
f9c64720306a03102ed06e2e497c8f7d5bd0910aChristian Clausen        subject.permission?(:editor, user)
f9c64720306a03102ed06e2e497c8f7d5bd0910aChristian Clausen      end
f9c64720306a03102ed06e2e497c8f7d5bd0910aChristian Clausen      can [:destroy, :permissions], Logic do |subject|
f9c64720306a03102ed06e2e497c8f7d5bd0910aChristian Clausen        subject.permission?(:owner, user)
f9c64720306a03102ed06e2e497c8f7d5bd0910aChristian Clausen      end
f9c64720306a03102ed06e2e497c8f7d5bd0910aChristian Clausen      can [:new, :create], Logic
f9c64720306a03102ed06e2e497c8f7d5bd0910aChristian Clausen
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen      # LogicMappings
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen      can [:edit, :update], LogicMapping do |subject|
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen        subject.permission?(:editor, user)
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen      end
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen      can [:destroy, :permissions], LogicMapping do |subject|
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen        subject.permission?(:owner, user)
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen      end
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen      can [:new, :create], LogicMapping
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen      # LanguageMappings
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen      can [:edit, :update], LanguageMapping do |subject|
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen        subject.permission?(:editor, user)
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen      end
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen      can [:destroy, :permissions], LanguageMapping do |subject|
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen        subject.permission?(:owner, user)
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen      end
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen      can [:new, :create], LanguageMapping
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen      # LogicAdjoints
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen      can [:edit, :update], LogicAdjoint do |subject|
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen        subject.permission?(:editor, user)
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen      end
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen      can [:destroy, :permissions], LogicAdjoint do |subject|
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen        subject.permission?(:owner, user)
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen      end
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen      can [:new, :create], LogicAdjoint
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen      # LanguageAdjoints
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen      can [:edit, :update], LanguageAdjoint do |subject|
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen        subject.permission?(:editor, user)
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen      end
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen      can [:destroy, :permissions], LanguageAdjoint do |subject|
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen        subject.permission?(:owner, user)
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen      end
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen      can [:new, :create], LanguageAdjoint
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen
813c1fb6ef7f1d386c65abf8d79389be3cb0f4e9Christian Clausen      # Languages
813c1fb6ef7f1d386c65abf8d79389be3cb0f4e9Christian Clausen      can [:edit, :update], Language do |subject|
813c1fb6ef7f1d386c65abf8d79389be3cb0f4e9Christian Clausen        subject.permission?(:editor, user)
813c1fb6ef7f1d386c65abf8d79389be3cb0f4e9Christian Clausen      end
813c1fb6ef7f1d386c65abf8d79389be3cb0f4e9Christian Clausen      can [:destroy, :permissions], Language do |subject|
813c1fb6ef7f1d386c65abf8d79389be3cb0f4e9Christian Clausen        subject.permission?(:owner, user)
813c1fb6ef7f1d386c65abf8d79389be3cb0f4e9Christian Clausen      end
813c1fb6ef7f1d386c65abf8d79389be3cb0f4e9Christian Clausen      can [:new, :create], Language
7c5e9db9a07461d92c007563a2a27ca42ce93baeChristian Clausen
7c5e9db9a07461d92c007563a2a27ca42ce93baeChristian Clausen      # Serializations
7c5e9db9a07461d92c007563a2a27ca42ce93baeChristian Clausen      can [:new, :create, :destroy, :edit, :update], Serialization
813c1fb6ef7f1d386c65abf8d79389be3cb0f4e9Christian Clausen
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger      # Team permissions
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger      can [:create, :show, :index], Team
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger      can [:edit, :update, :destroy], Team do |subject|
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger        subject.admin?(user)
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger      end
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger
432ee743a5f1c5688c73446b5977b06ed97fb67cJulian Kornberger      # Comments
432ee743a5f1c5688c73446b5977b06ed97fb67cJulian Kornberger      can [:create], Comment
8566aec18eff0f0d248d73d2f44f9df16cc41456Julian Kornberger      can [:destroy], Comment do |subject|
8566aec18eff0f0d248d73d2f44f9df16cc41456Julian Kornberger        subject.user == user || subject.commentable.permission?(:owner, user)
8566aec18eff0f0d248d73d2f44f9df16cc41456Julian Kornberger      end
432ee743a5f1c5688c73446b5977b06ed97fb67cJulian Kornberger
f4f335875509867dd238df7c92b0b8f4fe101705Julian Kornberger      can [:create, :destroy], Metadatum do |subject|
f4f335875509867dd238df7c92b0b8f4fe101705Julian Kornberger        # TODO tests written?
f4f335875509867dd238df7c92b0b8f4fe101705Julian Kornberger        subject.user == user || subject.metadatable.permission?(:editor, user)
f4f335875509867dd238df7c92b0b8f4fe101705Julian Kornberger      end
c1c9b51cf3a275c9631b6de90e71b833bf97ded9Julian Kornberger
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger    end
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger    # See the wiki for details: https://github.com/ryanb/cancan/wiki/Defining-Abilities
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger  end
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornbergerend