Class: Ability
- Inherits:
-
Object
- Object
- Ability
- Includes:
- CanCan::Ability
- Defined in:
- app/models/ability.rb
Overview
Default abilities of CMS users. This class needs to be overrided in host app if customization required
Instance Method Summary collapse
-
#initialize(user) ⇒ Ability
constructor
A new instance of Ability.
- #restricted_features_for_admin(user) ⇒ Object
- #restricted_features_for_contributors(user) ⇒ Object
- #restricted_features_for_editors(user) ⇒ Object
Constructor Details
#initialize(user) ⇒ Ability
Returns a new instance of Ability.
5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
# File 'app/models/ability.rb', line 5 def initialize(user) user ||= User.new # guest user (not logged in) can :manage, :all can :manage_object, :all can :manage_model, :all if user.super_admin? elsif user.admin? restricted_features_for_admin(user) elsif user.editor? restricted_features_for_editors(user) else restricted_features_for_contributors(user) end end |
Instance Method Details
#restricted_features_for_admin(user) ⇒ Object
20 21 22 23 |
# File 'app/models/ability.rb', line 20 def restricted_features_for_admin(user) cannot :manage, Gluttonberg::Locale cannot :create_or_destroy, Gluttonberg::Setting end |
#restricted_features_for_contributors(user) ⇒ Object
32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 |
# File 'app/models/ability.rb', line 32 def restricted_features_for_contributors(user) restricted_features_for_editors(user) cannot :publish, :all cannot :destroy, :all do |object| if object.respond_to?(:user_id) (object.respond_to?(:state) && ["published", "archived"].include?(object.state)) || object.user_id != user.id else true end end cannot :edit, Gluttonberg::Asset do |object| object.user_id != user.id end cannot :moderate, :all cannot :reorder, :all # cannot manage unauthorized objects cannot :manage_object, :all do |object| !user.(object) end # cannot manage unauthorized custom models (make sure pass custom model name (only for manage_model) as string.) cannot :manage_model, :all do |object| !user.(object) end end |
#restricted_features_for_editors(user) ⇒ Object
25 26 27 28 29 30 |
# File 'app/models/ability.rb', line 25 def restricted_features_for_editors(user) restricted_features_for_admin(user) cannot :manage, User cannot :manage, Gluttonberg::Member cannot :manage, Gluttonberg::Setting end |