ability.rb revision 8838c545565ed474cf42f886b1296c6cdfc2276d
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornbergerclass Ability
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger include CanCan::Ability
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger def initialize(user)
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger # Define abilities for the passed in user here.
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger user ||= User.new # guest user (not logged in)
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger if user.admin?
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger can { true }
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger elsif user.id
772a71bcc07f7001f5cd3cb4c3dc2cf393ffe9beJulian Kornberger # Repositories
1d2a2bdc364ab8fecd3db98c17162ce9f03d4361Eugen Kuksa can [:create], Repository
df8908f48450f65ca99c9b997ebd3711f49049e5Eugen Kuksa can :show, Repository do |subject|
4755669b9d408e3240e1f005349399973923c095Eugen Kuksa if subject.is_private
df8908f48450f65ca99c9b997ebd3711f49049e5Eugen Kuksa subject.permission?(:reader, user) ||
df8908f48450f65ca99c9b997ebd3711f49049e5Eugen Kuksa subject.permission?(:editor, user) ||
df8908f48450f65ca99c9b997ebd3711f49049e5Eugen Kuksa subject.permission?(:owner, user)
df8908f48450f65ca99c9b997ebd3711f49049e5Eugen Kuksa else
df8908f48450f65ca99c9b997ebd3711f49049e5Eugen Kuksa true
df8908f48450f65ca99c9b997ebd3711f49049e5Eugen Kuksa end
df8908f48450f65ca99c9b997ebd3711f49049e5Eugen Kuksa end
f1304db188bff0f7c40172819863ffe54401b400Julian Kornberger can [:write], Repository do |subject|
8d050e0562ded9f29d349f3589d870fe9121f7e2henning mueller subject.permission?(:editor, user) or subject.public_rw?
be6eb5d7ea1888f2f835fe0fff358f72572afeb4henning mueller end
1d2a2bdc364ab8fecd3db98c17162ce9f03d4361Eugen Kuksa can [:update, :destroy, :permissions], Repository do |subject|
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger subject.permission?(:owner, user)
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger end
772a71bcc07f7001f5cd3cb4c3dc2cf393ffe9beJulian Kornberger
772a71bcc07f7001f5cd3cb4c3dc2cf393ffe9beJulian Kornberger # Ontology
772a71bcc07f7001f5cd3cb4c3dc2cf393ffe9beJulian Kornberger can :manage, Ontology do |subject|
772a71bcc07f7001f5cd3cb4c3dc2cf393ffe9beJulian Kornberger subject.permission?(:editor, user)
772a71bcc07f7001f5cd3cb4c3dc2cf393ffe9beJulian Kornberger end
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger
f9c64720306a03102ed06e2e497c8f7d5bd0910aChristian Clausen # Logics
1d2a2bdc364ab8fecd3db98c17162ce9f03d4361Eugen Kuksa can [:update], Logic do |subject|
f9c64720306a03102ed06e2e497c8f7d5bd0910aChristian Clausen subject.permission?(:editor, user)
f9c64720306a03102ed06e2e497c8f7d5bd0910aChristian Clausen end
f9c64720306a03102ed06e2e497c8f7d5bd0910aChristian Clausen can [:destroy, :permissions], Logic do |subject|
f9c64720306a03102ed06e2e497c8f7d5bd0910aChristian Clausen subject.permission?(:owner, user)
f9c64720306a03102ed06e2e497c8f7d5bd0910aChristian Clausen end
1d2a2bdc364ab8fecd3db98c17162ce9f03d4361Eugen Kuksa can [:create], Logic
f9c64720306a03102ed06e2e497c8f7d5bd0910aChristian Clausen
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen # LogicMappings
1d2a2bdc364ab8fecd3db98c17162ce9f03d4361Eugen Kuksa can [:update], LogicMapping do |subject|
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen subject.permission?(:editor, user)
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen end
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen can [:destroy, :permissions], LogicMapping do |subject|
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen subject.permission?(:owner, user)
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen end
1d2a2bdc364ab8fecd3db98c17162ce9f03d4361Eugen Kuksa can [:create], LogicMapping
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen # LanguageMappings
1d2a2bdc364ab8fecd3db98c17162ce9f03d4361Eugen Kuksa can [:update], LanguageMapping do |subject|
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen subject.permission?(:editor, user)
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen end
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen can [:destroy, :permissions], LanguageMapping do |subject|
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen subject.permission?(:owner, user)
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen end
1d2a2bdc364ab8fecd3db98c17162ce9f03d4361Eugen Kuksa can [:create], LanguageMapping
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen # LogicAdjoints
1d2a2bdc364ab8fecd3db98c17162ce9f03d4361Eugen Kuksa can [:update], LogicAdjoint do |subject|
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen subject.permission?(:editor, user)
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen end
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen can [:destroy, :permissions], LogicAdjoint do |subject|
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen subject.permission?(:owner, user)
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen end
1d2a2bdc364ab8fecd3db98c17162ce9f03d4361Eugen Kuksa can [:create], LogicAdjoint
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen # LanguageAdjoints
1d2a2bdc364ab8fecd3db98c17162ce9f03d4361Eugen Kuksa can [:update], LanguageAdjoint do |subject|
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen subject.permission?(:editor, user)
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen end
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen can [:destroy, :permissions], LanguageAdjoint do |subject|
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen subject.permission?(:owner, user)
ca68055161f6beb2ec248e789ab787e6de69bd18Christian Clausen end
1d2a2bdc364ab8fecd3db98c17162ce9f03d4361Eugen Kuksa can [:create], LanguageAdjoint
0ae77dd0f6698fa1948d1c6c973cc64d6df9e8d6Christian Clausen
813c1fb6ef7f1d386c65abf8d79389be3cb0f4e9Christian Clausen # Languages
1d2a2bdc364ab8fecd3db98c17162ce9f03d4361Eugen Kuksa can [:update], Language do |subject|
813c1fb6ef7f1d386c65abf8d79389be3cb0f4e9Christian Clausen subject.permission?(:editor, user)
813c1fb6ef7f1d386c65abf8d79389be3cb0f4e9Christian Clausen end
813c1fb6ef7f1d386c65abf8d79389be3cb0f4e9Christian Clausen can [:destroy, :permissions], Language do |subject|
813c1fb6ef7f1d386c65abf8d79389be3cb0f4e9Christian Clausen subject.permission?(:owner, user)
813c1fb6ef7f1d386c65abf8d79389be3cb0f4e9Christian Clausen end
1d2a2bdc364ab8fecd3db98c17162ce9f03d4361Eugen Kuksa can [:create], Language
7c5e9db9a07461d92c007563a2a27ca42ce93baeChristian Clausen
7c5e9db9a07461d92c007563a2a27ca42ce93baeChristian Clausen # Serializations
1d2a2bdc364ab8fecd3db98c17162ce9f03d4361Eugen Kuksa can [:create, :destroy, :update], Serialization
813c1fb6ef7f1d386c65abf8d79389be3cb0f4e9Christian Clausen
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger # Team permissions
1d2a2bdc364ab8fecd3db98c17162ce9f03d4361Eugen Kuksa can [:create, :read], Team
1d2a2bdc364ab8fecd3db98c17162ce9f03d4361Eugen Kuksa can [:update, :destroy], Team do |subject|
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger subject.admin?(user)
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger end
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger
432ee743a5f1c5688c73446b5977b06ed97fb67cJulian Kornberger # Comments
432ee743a5f1c5688c73446b5977b06ed97fb67cJulian Kornberger can [:create], Comment
8566aec18eff0f0d248d73d2f44f9df16cc41456Julian Kornberger can [:destroy], Comment do |subject|
8566aec18eff0f0d248d73d2f44f9df16cc41456Julian Kornberger subject.user == user || subject.commentable.permission?(:owner, user)
8566aec18eff0f0d248d73d2f44f9df16cc41456Julian Kornberger end
432ee743a5f1c5688c73446b5977b06ed97fb67cJulian Kornberger
f4f335875509867dd238df7c92b0b8f4fe101705Julian Kornberger can [:create, :destroy], Metadatum do |subject|
f4f335875509867dd238df7c92b0b8f4fe101705Julian Kornberger # TODO tests written?
f4f335875509867dd238df7c92b0b8f4fe101705Julian Kornberger subject.user == user || subject.metadatable.permission?(:editor, user)
f4f335875509867dd238df7c92b0b8f4fe101705Julian Kornberger end
3c4b1bd39fa36d241f2ef0d6f7ebbf2a9a6f4d36henning mueller
8838c545565ed474cf42f886b1296c6cdfc2276dEugen Kuksa can [:create, :read], Project
8838c545565ed474cf42f886b1296c6cdfc2276dEugen Kuksa can [:create, :read], Task
8838c545565ed474cf42f886b1296c6cdfc2276dEugen Kuksa can [:create, :read], LicenseModel
b23869f9e7504049f5d28bbbc54d812c8ca36abbEugen Kuksa
80bec0e081f3ea13eec9ef8ea50a9ccbb74fcb46Eugen Kuksa can :read, FormalityLevel
3c4b1bd39fa36d241f2ef0d6f7ebbf2a9a6f4d36henning mueller can :read, Category
df8908f48450f65ca99c9b997ebd3711f49049e5Eugen Kuksa else
df8908f48450f65ca99c9b997ebd3711f49049e5Eugen Kuksa can :show, Repository do |subject|
4755669b9d408e3240e1f005349399973923c095Eugen Kuksa !subject.is_private
df8908f48450f65ca99c9b997ebd3711f49049e5Eugen Kuksa end
17e3eda463c5fe407b4498c996c7fd0474e34e41henning mueller
bb5854b327e8d509b4539b8e94fc499d03cbe76bEugen Kuksa can :read, Project
bb5854b327e8d509b4539b8e94fc499d03cbe76bEugen Kuksa can :read, Task
bb5854b327e8d509b4539b8e94fc499d03cbe76bEugen Kuksa can :read, LicenseModel
bb5854b327e8d509b4539b8e94fc499d03cbe76bEugen Kuksa can :read, FormalityLevel
17e3eda463c5fe407b4498c996c7fd0474e34e41henning mueller can :read, Category
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger end
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger # See the wiki for details: https://github.com/ryanb/cancan/wiki/Defining-Abilities
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornberger end
7b025f9d9726413eb3f50ca2b39826e7eed816fbJulian Kornbergerend