Class: Locomotive::Ability

Inherits:
Object
  • Object
show all
Includes:
CanCan::Ability
Defined in:
app/models/locomotive/ability.rb

Constant Summary collapse

ROLES =
%w(admin designer author)

Instance Method Summary collapse

Constructor Details

#initialize(account, site) ⇒ Ability

Returns a new instance of Ability.



7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
# File 'app/models/locomotive/ability.rb', line 7

def initialize(, site)
  @account, @site = , site

  alias_action :index, :show, :edit, :update, to: :touch

  if @site
    @membership = @site.memberships.where(account_id: @account.id).first
  elsif @account.admin?
    @membership = Membership.new(account: @account, role: 'admin')
  end

  return false if @membership.nil?

  if @membership.admin?
    setup_admin_permissions!
  else
    setup_default_permissions!

    setup_designer_permissions! if @membership.designer?

    setup_author_permissions!  if @membership.author?
  end
end

Instance Method Details

#setup_admin_permissions!Object



80
81
82
83
84
85
86
# File 'app/models/locomotive/ability.rb', line 80

def setup_admin_permissions!
  can :manage, :all

  cannot [:update, :destroy], Membership do |membership|
    @membership. == membership. # can not edit myself
  end
end

#setup_author_permissions!Object



35
36
37
38
39
40
41
42
43
44
45
46
47
# File 'app/models/locomotive/ability.rb', line 35

def setup_author_permissions!
  can :touch, ThemeAsset

  can [:read, :create, :update], Page
  cannot :destroy, Page
  cannot :customize, Page

  can :manage, [ContentEntry, ContentAsset, Translation]

  can :touch, Site, _id: @site._id

  can :read, ContentType
end

#setup_default_permissions!Object



31
32
33
# File 'app/models/locomotive/ability.rb', line 31

def setup_default_permissions!
  cannot :manage, :all
end

#setup_designer_permissions!Object



49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
# File 'app/models/locomotive/ability.rb', line 49

def setup_designer_permissions!
  can :manage, Page

  can :manage, ContentEntry

  can :manage, ContentType

  can :manage, Snippet

  can :manage, ThemeAsset

  can :manage, ContentAsset

  can :manage, Translation

  can :manage, Site, _id: @site._id

  can :point, Site

  cannot :create, Site

  can :manage, Membership

  cannot :grant_admin, Membership

  cannot [:update, :destroy], Membership do |membership|
    @membership. == membership. || # can not edit myself
    membership.admin? # can not modify an administrator
  end
end