
Initial work on permissions with cancan

denney-disable-on-select
John N. Milner 12 years ago
parent
commit
59e45fa4d3
  1. 11
      app/components/bike_brands.rb
  2. 3
      app/components/bike_logs.rb
  3. 11
      app/components/bike_models.rb
  4. 11
      app/components/transaction_logs.rb
  5. 14
      app/components/user_logs.rb
  6. 14
      app/components/user_profiles.rb
  7. 11
      app/components/user_transactions.rb
  8. 28
      app/models/ability.rb

11
app/components/bike_brands.rb

@ -4,17 +4,16 @@ class BikeBrands < Netzke::Basepack::Grid
c.model = "BikeBrand" c.model = "BikeBrand"
c.title = "Brands" c.title = "Brands"
if controller.current_user.user? c.prohibit_update = true if cannot? :update, BikeBrand
c.prohibit_update = true c.prohibit_create = true if cannot? :create, BikeBrand
c.prohibit_create = true c.prohibit_delete = true if cannot? :delete, BikeBrand
c.prohibit_delete = true
end
end end
#override with nil to remove actions #override with nil to remove actions
def default_bbar def default_bbar
bbar = [ :search ] bbar = [ :search ]
bbar.concat [ :apply, :add_in_form ] if not controller.current_user.user? bbar.concat [ :apply ] if can? :update, BikeBrand
bbar.concat [ :add_in_form ] if can? :create, BikeBrand
bbar bbar
end end
end end
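Review bot: The three `c.prohibit_* = true if cannot? ...` lines in `configure` and the rewritten `default_bbar` are repeated verbatim in bike_models.rb and user_transactions.rb with only the model class changing, so a small helper on the shared grid base, e.g. `def apply_permissions(c, model)` that sets the three flags from `cannot?` and a `permitted_bbar(model)` that builds the bar from `can?`, would keep the grids in step the next time an ability is added. The new code also calls `can?`/`cannot?` on the component itself, whereas the old code reached the user through `controller.current_user`; if Netzke does not delegate those CanCan helpers to the component this raises NoMethodError on first render, so it is worth confirming where they resolve. `configure` begins above this hunk.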

3
app/components/bike_logs.rb

@ -54,7 +54,8 @@ class BikeLogs < Netzke::Basepack::Grid
#override with nil to remove actions #override with nil to remove actions
def default_bbar def default_bbar
bbar = [ :search ] bbar = [ :search ]
bbar.concat [ :apply, :add_in_form ] if not controller.current_user.user? bbar.concat [ :apply ] if can? :update, ::ActsAsLoggable::Log
bbar.concat [ :add_in_form ] if can? :create, ::ActsAsLoggable::Log
bbar bbar
end end
=end =end
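Review bot: The rewritten `default_bbar` sits directly above `=end`, which indicates the whole method is inside a `=begin`/`=end` block comment and is never compiled, so this change has no effect at runtime. If the bottom bar is meant to be live, the comment block (its `=begin` is outside this hunk) has to be opened; if it is intentionally disabled, the dead copy is better removed than kept in sync by hand. The `configure` side of this grid is not part of the diff, so I cannot tell whether its `prohibit_*` flags were moved to `cannot?` like the other grids.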

11
app/components/bike_models.rb

@ -14,17 +14,16 @@ class BikeModels < Netzke::Basepack::Grid
{ :name => :model } { :name => :model }
] ]
if controller.current_user.user? c.prohibit_update = true if cannot? :update, BikeModel
c.prohibit_update = true c.prohibit_create = true if cannot? :create, BikeModel
c.prohibit_create = true c.prohibit_delete = true if cannot? :delete, BikeModel
c.prohibit_delete = true
end
end end
#override with nil to remove actions #override with nil to remove actions
def default_bbar def default_bbar
bbar = [ :search ] bbar = [ :search ]
bbar.concat [ :apply, :add_in_form ] if not controller.current_user.user? bbar.concat [ :apply ] if can? :update, BikeModel
bbar.concat [ :add_in_form ] if can? :create, BikeModel
bbar bbar
end end
end end

11
app/components/transaction_logs.rb

@ -29,11 +29,9 @@ class TransactionLogs < Netzke::Basepack::Grid
} }
] ]
if controller.current_user.user? c.prohibit_update = true if cannot? :update, ::ActsAsLoggable::Log
c.prohibit_update = true c.prohibit_create = true if cannot? :create, ::ActsAsLoggable::Log
c.prohibit_create = true c.prohibit_delete = true if cannot? :delete, ::ActsAsLoggable::Log
c.prohibit_delete = true
end
end end
@ -60,7 +58,8 @@ class TransactionLogs < Netzke::Basepack::Grid
#override with nil to remove actions #override with nil to remove actions
def default_bbar def default_bbar
bbar = [ :search ] bbar = [ :search ]
bbar.concat [ :apply, :add_in_form ] if not controller.current_user.user? bbar.concat [ :apply ] if can? :update, ::ActsAsLoggable::Log
bbar.concat [:add_in_form ] if can? :create, ::ActsAsLoggable::Log
bbar bbar
end end
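Review bot: For the `user` role the checks `cannot? :update, ::ActsAsLoggable::Log` (and `:create`/`:delete`) in the first hunk evaluate to false, because CanCan ignores hash conditions when `can?` is asked about a class rather than an instance, and `Ability#user` in this same commit grants `can :manage, ::ActsAsLoggable::Log, {...}` with conditions. So the `prohibit_*` flags that the old `controller.current_user.user?` branch always set for plain users are no longer set on this grid, and `default_bbar` in the second hunk now adds `:apply` and `:add_in_form` for them. The same class-level check picks the branch in user_logs.rb (`if can? :manage, ::ActsAsLoggable::Log`), routing a plain user down the admin/staff path scoped by `session[:selected_user_id]` rather than their own id. Testing the ability against a representative record instead of the class, or giving transaction logs an ability that is not conditional, would restore the previous restriction. Both `configure` and `default_bbar` continue outside their hunks.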

14
app/components/user_logs.rb

@ -14,16 +14,16 @@ class UserLogs < Netzke::Basepack::Grid
:copy_action_id => 4 :copy_action_id => 4
} }
#just users if can? :manage, ::ActsAsLoggable::Log
if controller.current_user.user? #admins and staff
user_log_scope = lambda { |rel| rel.where(:loggable_type => 'User',:loggable_id => controller.current_user.id)}
user_log_strong_default_attrs.merge!( { :loggable_id => controller.current_user.id } )
user_log_data_store = {auto_load: true }
#admins and staff
else
user_log_scope = lambda { |rel| rel.where(:loggable_type => 'User',:loggable_id => session[:selected_user_id]);} user_log_scope = lambda { |rel| rel.where(:loggable_type => 'User',:loggable_id => session[:selected_user_id]);}
user_log_strong_default_attrs.merge!( { :loggable_id => session[:selected_user_id] } ) user_log_strong_default_attrs.merge!( { :loggable_id => session[:selected_user_id] } )
user_log_data_store = {auto_load: true } user_log_data_store = {auto_load: true }
else
#just users
user_log_scope = lambda { |rel| rel.where(:loggable_type => 'User',:loggable_id => controller.current_user.id)}
user_log_strong_default_attrs.merge!( { :loggable_id => controller.current_user.id } )
user_log_data_store = {auto_load: true }
end end
c.model = "ActsAsLoggable::Log" c.model = "ActsAsLoggable::Log"

14
app/components/user_profiles.rb

@ -3,18 +3,18 @@ class UserProfiles < Netzke::Basepack::Grid
def configure(c) def configure(c)
super super
if controller.current_user.user? if can? :manage, UserProfile
user_profiles_scope = lambda { |rel| rel.where(:user_id => controller.current_user.id);}
user_profiles_data_store = { auto_load: true }
user_profile_strong_default_attrs = {
:user_id => controller.current_user.id
}
else
user_profiles_scope = lambda { |rel| rel.where(:user_id => session[:selected_user_id]);} user_profiles_scope = lambda { |rel| rel.where(:user_id => session[:selected_user_id]);}
user_profiles_data_store = { auto_load: false} user_profiles_data_store = { auto_load: false}
user_profile_strong_default_attrs = { user_profile_strong_default_attrs = {
:user_id => session[:selected_user_id] :user_id => session[:selected_user_id]
} }
else
user_profiles_scope = lambda { |rel| rel.where(:user_id => controller.current_user.id);}
user_profiles_data_store = { auto_load: true }
user_profile_strong_default_attrs = {
:user_id => controller.current_user.id
}
end end
c.model = "UserProfile" c.model = "UserProfile"
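Review bot: `can? :manage, UserProfile` is true only for `admin` and `staff` (`can :manage, :all` in ability.rb), so `bike_admin`, which the old `controller.current_user.user?` test grouped with admins and staff, now falls through to the `else` branch and is limited to its own profile with `auto_load: true`. If that narrowing is intended, a comment on the `if` would stop the next reader from treating it as a regression, e.g. `# only admin/staff may browse the user selected in the session`; if not, a dedicated action granted to the browsing roles (for example a constructed `can :select_user, UserProfile`) expresses the intent better than `:manage`. `configure` continues past this hunk.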

11
app/components/user_transactions.rb

@ -24,17 +24,16 @@ class UserTransactions < Netzke::Basepack::Grid
:created_at :created_at
] ]
if controller.current_user.user? c.prohibit_update = true if cannot? :update, Transaction
c.prohibit_update = true c.prohibit_create = true if cannot? :create, Transaction
c.prohibit_create = true c.prohibit_delete = true if cannot? :delete, Transaction
c.prohibit_delete = true
end
end end
#override with nil to remove actions #override with nil to remove actions
def default_bbar def default_bbar
bbar = [ :search ] bbar = [ :search ]
bbar.concat [ :apply, :add_in_form ] if not controller.current_user.user? bbar.concat [ :apply ] if can? :update, Transaction
bbar.concat [ :add_in_form ] if can? :create, Transaction
bbar bbar
end end
end end

28
app/models/ability.rb

@ -0,0 +1,28 @@
class Ability
include CanCan::Ability
def initialize(current_user)
@current_user = current_user
self.send(current_user.role.to_sym)
end
def admin
can :manage, :all
end
def staff
can :manage, :all
end
def bike_admin
can :manage, Bike
can :manage, ::ActsAsLoggable::Log, :loggable_type => "Bike"
end
def user
can :read, :all
can :update, Bike, :id => @current_user.bike_id unless @current_user.bike.nil?
can :manage, ::ActsAsLoggable::Log, { :loggable_type => "Bike", :loggable_id => @current_user.bike_id }
can :manage, ::ActsAsLoggable::Log, { :loggable_type => "User", :loggable_id => @current_user.id }
end
end
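Review bot: `self.send(current_user.role.to_sym)` dispatches on whatever string the role column holds, so a value outside `admin`/`staff`/`bike_admin`/`user` either raises NoMethodError or, since `send` ignores visibility, invokes some unrelated zero-argument method on Ability or Object. Constrain it to the known roles: `ROLES = %w[admin staff bike_admin user].freeze`, then in `initialize` `raise ArgumentError, "unknown role: #{current_user.role.inspect}" unless ROLES.include?(current_user.role.to_s)` followed by `public_send(current_user.role)`. `admin` and `staff` define identical rules, so `alias staff admin` avoids the duplicate until they diverge. If `current_ability` can be built for a signed-out request, `current_user.role` also needs a nil guard (CanCan's usual `current_user ||= User.new` idiom), which this constructor does not have.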