Module: Authorizable::ModelMethods::UserInstanceMethods

Defined in:
lib/authorizable.rb

Instance Method Summary collapse

Instance Method Details

#accepting_action(user, action, container, spe_cond = false, sys_cond = false, ws_cond = true) ⇒ Object



152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
# File 'lib/authorizable.rb', line 152

def accepting_action(user, action, container, spe_cond=false, sys_cond=false, ws_cond=true)
  # Special access
#        if user.has_system_role('superadmin') || (self.id && ['show','edit'].include?(action)) || spe_cond
#          return true
#        end
  # System access
  if user.has_system_permission(self.class.to_s.underscore, action) || sys_cond
    return true
  end
  
  
  # Workspace access
  # The only permission linked to an user in a workspace is 'show'
  if action == 'show'
    self.send(container.pluralize).each do |ws|
      if ws.users.include?(user)
        if user.has_container_permission(ws.id, self.class.to_s.underscore, action, container) && ws_cond
          return true
        end
      end
    end
  end
  
  # Check if the user is the current_user
  if self.id == user.id
    return true
  end
  false
end