Class: Locomotive::Ability

Inherits:
Object
  • Object
show all
Includes:
CanCan::Ability
Defined in:
app/models/locomotive/ability.rb

Constant Summary collapse

ROLES =
%w(admin designer author)

Instance Method Summary collapse

Constructor Details

#initialize(account, site) ⇒ Ability

Returns a new instance of Ability.



7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
# File 'app/models/locomotive/ability.rb', line 7

def initialize(, site)
  @account, @site = , site

  alias_action :index, :show, :edit, :update, to: :touch

  if @site
    @membership = @site.memberships.where(account_id: @account.id).first
  elsif @account.admin?
    @membership = Membership.new(account: @account, role: 'admin')
  end

  if @membership.nil?
    
  elsif @membership.admin?
    setup_admin_permissions!
  else
    setup_default_permissions!

    setup_designer_permissions! if @membership.designer?

    setup_author_permissions!  if @membership.author?
  end
end

Instance Method Details

#setup_account_without_a_siteObject



31
32
33
34
35
# File 'app/models/locomotive/ability.rb', line 31

def 
  cannot :manage, :all

  can :create, Site
end

#setup_admin_permissions!Object



86
87
88
89
90
91
92
# File 'app/models/locomotive/ability.rb', line 86

def setup_admin_permissions!
  can :manage, :all

  cannot [:update, :destroy], Membership do |membership|
    @membership. == membership. # can not edit myself
  end
end

#setup_author_permissions!Object



41
42
43
44
45
46
47
48
49
50
51
52
53
# File 'app/models/locomotive/ability.rb', line 41

def setup_author_permissions!
  can :touch, ThemeAsset

  can [:read, :create, :update], Page
  cannot :destroy, Page
  cannot :customize, Page

  can :manage, [ContentEntry, ContentAsset, Translation]

  can :touch, Site, _id: @site._id

  can :read, ContentType
end

#setup_default_permissions!Object



37
38
39
# File 'app/models/locomotive/ability.rb', line 37

def setup_default_permissions!
  cannot :manage, :all
end

#setup_designer_permissions!Object



55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
# File 'app/models/locomotive/ability.rb', line 55

def setup_designer_permissions!
  can :manage, Page

  can :manage, ContentEntry

  can :manage, ContentType

  can :manage, Snippet

  can :manage, ThemeAsset

  can :manage, ContentAsset

  can :manage, Translation

  can :manage, Site, _id: @site._id

  can :point, Site

  cannot :create, Site

  can :manage, Membership

  cannot :grant_admin, Membership

  cannot [:update, :destroy], Membership do |membership|
    @membership. == membership. || # can not edit myself
    membership.admin? # can not modify an administrator
  end
end