Browse Source

WIP: cancan permissions; it breaks stuff!

denney-disable-on-select
John N. Milner 12 years ago
parent
commit
6a29eda8d9
  1. 10
      Gemfile
  2. 6
      Gemfile.lock
  3. 4
      app/components/app_tab_panel.rb
  4. 11
      app/components/bike_logs.rb
  5. 12
      app/models/user.rb

10
Gemfile

@ -2,18 +2,20 @@ source 'https://rubygems.org'
gem 'rails', '3.2.13' gem 'rails', '3.2.13'
gem 'netzke-cancan'
gem 'netzke-core', '~>0.8.0' gem 'netzke-core', '~>0.8.0'
gem 'netzke-basepack', '~>0.8.0' gem 'netzke-basepack', '~>0.8.0'
gem 'sqlite3', '~> 1.3.5' gem 'acts_as_loggable', :git => 'https://github.com/spacemunkay/acts_as_loggable.git'
gem 'bootstrap-will_paginate', '~> 0.0.6'
gem 'cancan'
gem 'decent_exposure', '~> 1.0.1'
gem 'devise', '~> 2.0.4' gem 'devise', '~> 2.0.4'
gem 'haml-rails', '~> 0.3.4' gem 'haml-rails', '~> 0.3.4'
gem 'jquery-rails', '~> 2.0' gem 'jquery-rails', '~> 2.0'
gem 'decent_exposure', '~> 1.0.1' gem 'sqlite3', '~> 1.3.5'
gem 'will_paginate', '~> 3.0.3' gem 'will_paginate', '~> 3.0.3'
gem 'bootstrap-will_paginate', '~> 0.0.6'
gem 'acts_as_loggable', :git => 'https://github.com/spacemunkay/acts_as_loggable.git'
# Gems used only for assets and not required # Gems used only for assets and not required
# in production environments by default. # in production environments by default.

6
Gemfile.lock

@ -42,6 +42,7 @@ GEM
bootstrap-will_paginate (0.0.9) bootstrap-will_paginate (0.0.9)
will_paginate will_paginate
builder (3.0.4) builder (3.0.4)
cancan (1.6.9)
capybara (1.1.4) capybara (1.1.4)
mime-types (>= 1.16) mime-types (>= 1.16)
nokogiri (>= 1.3.3) nokogiri (>= 1.3.3)
@ -124,6 +125,9 @@ GEM
multi_json (1.7.2) multi_json (1.7.2)
netzke-basepack (0.8.2) netzke-basepack (0.8.2)
netzke-core (~> 0.8.2) netzke-core (~> 0.8.2)
netzke-cancan (0.8.2)
cancan
netzke-core
netzke-core (0.8.3) netzke-core (0.8.3)
execjs execjs
uglifier uglifier
@ -224,6 +228,7 @@ PLATFORMS
DEPENDENCIES DEPENDENCIES
acts_as_loggable! acts_as_loggable!
bootstrap-will_paginate (~> 0.0.6) bootstrap-will_paginate (~> 0.0.6)
cancan
capybara (~> 1.1.2) capybara (~> 1.1.2)
coffee-rails (~> 3.2.1) coffee-rails (~> 3.2.1)
database_cleaner database_cleaner
@ -236,6 +241,7 @@ DEPENDENCIES
jquery-rails (~> 2.0) jquery-rails (~> 2.0)
launchy launchy
netzke-basepack (~> 0.8.0) netzke-basepack (~> 0.8.0)
netzke-cancan
netzke-core (~> 0.8.0) netzke-core (~> 0.8.0)
pry (~> 0.9.8) pry (~> 0.9.8)
rails (= 3.2.13) rails (= 3.2.13)

4
app/components/app_tab_panel.rb

@ -17,7 +17,7 @@ class AppTabPanel < Netzke::Basepack::TabPanel
] ]
#for users #for users
if controller.current_user.user? if controller.current_user.role?(:user)
# (had to use hash for borders to get the title to display properly) # (had to use hash for borders to get the title to display properly)
@@app_tab_panel_items.concat [{ layout: :fit, @@app_tab_panel_items.concat [{ layout: :fit,
wrappedComponent: :user_profile_border, wrappedComponent: :user_profile_border,
@ -28,7 +28,7 @@ class AppTabPanel < Netzke::Basepack::TabPanel
] ]
end end
#for admins #for admins
if controller.current_user.admin? if controller.current_user.role?(:admin)
# (had to use hash for borders to get the title to display properly) # (had to use hash for borders to get the title to display properly)
@@app_tab_panel_items.concat [{ layout: :fit, @@app_tab_panel_items.concat [{ layout: :fit,
wrappedComponent: :users_and_profiles_border, wrappedComponent: :users_and_profiles_border,

11
app/components/bike_logs.rb

@ -30,11 +30,12 @@ class BikeLogs < Netzke::Basepack::Grid
} }
} }
] ]
if controller.current_user.user? #TODO: fix GUI so it actually respects this
c.prohibit_update = true current_bike = Bike.find_by_id(session[:selected_bike_id])
c.prohibit_create = true if cannot? :update, current_bike
c.prohibit_delete = true # if you can't update the bike, you can't do anything to the log
c.prohibit_update = c.prohibit_create = c.prohibit_delete = true
end end
end end

12
app/models/user.rb

@ -24,16 +24,12 @@ class User < ActiveRecord::Base
"#{first_name} #{last_name}" "#{first_name} #{last_name}"
end end
def user? def role
user_role.to_s == "user" user_role.role
end end
def staff? def role?(role)
user_role.to_s == "staff" user_role.to_s == role.to_s
end
def admin?
user_role.to_s == "admin"
end end
def total_hours def total_hours

Loading…
Cancel
Save