Class: Kaui::Ability
- Inherits:
-
Object
- Object
- Kaui::Ability
- Includes:
- CanCan::Ability
- Defined in:
- app/models/kaui/ability.rb
Instance Method Summary collapse
-
#initialize(user) ⇒ Ability
constructor
A new instance of Ability.
- #permission_to_model_action(permission) ⇒ Object
Constructor Details
#initialize(user) ⇒ Ability
Returns a new instance of Ability.
5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 |
# File 'app/models/kaui/ability.rb', line 5 def initialize(user) if Kaui.demo_mode # Show the links, the server will enforce permissions can :manage, :all return end # user is a Kaui::User object (from Devise) user..each do || # permission is something like invoice:item_adjust or payment:refund # We rely on a naming convention where the left part refers to a Kaui model model, action = () if model == '*' and action == '*' # All permissions! can :manage, :all elsif model == '*' and action != '*' # TODO elsif action == '*' # TODO Not sure the :all is really working (but we don't use it) can :all, ('Kaui::' + model.camelize).constantize rescue nil else can action.to_sym, ('Kaui::' + model.camelize).constantize rescue nil end end rescue KillBillClient::API::Unauthorized => _ end |
Instance Method Details
#permission_to_model_action(permission) ⇒ Object
32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 |
# File 'app/models/kaui/ability.rb', line 32 def () # # Permissions are defined in Kill Kill apis (https://github.com/killbill/killbill-api/blob/master/src/main/java/org/killbill/billing/security/Permission.java) # and they look something like 'invoice:item_adjust' or 'payment:refund', where the first part is the Kill Bill module and the second the action. # # For most of those the Kill Bill module maps to the Kaui model, but for a few, the naming convention breaks, so in order to keep the API clean, we do the fix up # in KAUI itself: # to_be_model, action = .split(':') # Currently the only actions implemented for overdue and catalog (upload_config) are those implemented at the tenant level: if %w(tenant overdue catalog).include?(to_be_model) to_be_model = 'admin_tenant' end if to_be_model == 'entitlement' to_be_model = 'subscription' end [to_be_model, action] end |