Class: Ability
- Inherits:
-
Object
- Object
- Ability
- Includes:
- CanCan::Ability
- Defined in:
- app/models/ability.rb
Instance Method Summary collapse
-
#initialize(user) ⇒ Ability
constructor
A new instance of Ability.
Constructor Details
#initialize(user) ⇒ Ability
Returns a new instance of Ability.
6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 |
# File 'app/models/ability.rb', line 6 def initialize(user) # Define abilities for the passed in user here. For example: # # user ||= User.new # guest user (not logged in) # if user.admin? # can :manage, :all # else # can :read, :all # end # # The first argument to `can` is the action you are giving the user # permission to do. # If you pass :manage it will apply to every action. Other common actions # here are :read, :create, :update and :destroy. # # The second argument is the resource the user can perform the action on. # If you pass :all it will apply to every resource. Otherwise pass a Ruby # class of the resource. # # The third argument is an optional hash of conditions to further filter the # objects. # For example, here the user can only update published articles. # # can :update, Article, :published => true # # See the wiki for details: # https://github.com/CanCanCommunity/cancancan/wiki/Defining-Abilities # This will always be the first Ability, since the abilities are "last wins" self.merge Abilities::ThecoreAuthCommons.new user # Other Abilities Abilities.constants(false).each do |ability| unless ability.to_s == "ThecoreAuthCommons" const = Abilities.const_get(ability) self.merge const.new(user) if const.is_a? Class end end # Overrides from the database defined permissions ::Permission.joins(roles: :users).where(users: {id: user.id}).order(:id).each do || # E.g. can :manage, :all self.send(.predicate.name.to_sym, .action.name.to_sym, (.target.name.classify.constantize rescue .target.name.to_sym)) end end |