Class: Fiona7::ScrivitoUser

Inherits:
Object
  • Object
show all
Defined in:
lib/fiona7/scrivito_user.rb

Class Method Summary collapse

Class Method Details

.define(rsession_user) ⇒ Object 



3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
 
# File 'lib/fiona7/scrivito_user.rb', line 3

def self.define(rsession_user)
  Scrivito::User.define(rsession_user.user_name) do |user_definition|
    #
    # Define how this user should be presented in the UI.
    #
    user_definition.description { "#{rsession_user.user_name}" }

    # :-)
    user_definition.can_always(:read, :workspace)

    # workspaces can only be selected
    user_definition.can_never(:create, :workspace)

    # any write operation
    user_definition.can_always(:write, :workspace)

    # Below, we define the publishing restrictions related to 'Obj's for this user.
    # The restriction callbacks should either return nothing (the 'Obj' may be published),
    # or a string describing why the 'Obj' cannot be published by this user.
    #
    # Here, the '_path' attribute of a changed 'Obj' is used to determine
    # whether the user is trying to publish changes made to a particular website
    # section, here "investor relations", which requires a special permission.
    #
    user_definition.restrict_obj_publish(using: :_id) do |id|
      obj  = Fiona7::WriteObj.find(id)
      path = obj.path
      if !obj || !obj.permission.release?(rsession_user.user_name)
        I18n.t(:"fiona7.publish_permission_resticted", path: path)
      elsif obj && !obj.valid?(:release)
        obj.errors.full_messages.join("\n")
      end
    end

    # only root can publish rtc
    #if rsession_user.superuser?
    #  user_definition.can_always(:publish, :workspace) 
    #else
      user_definition.can_never(:publish, :workspace) 
    #end
  end
end