WIP: cancan permissions; it breaks stuff!

Gemfile

@@ -2,18 +2,20 @@ source 'https://rubygems.org'
 
 gem 'rails', '3.2.13'
 
+gem 'netzke-cancan'
 gem 'netzke-core', '~>0.8.0'
 gem 'netzke-basepack', '~>0.8.0'
 
 
-gem 'sqlite3', '~> 1.3.5'
+gem 'acts_as_loggable', :git => 'https://github.com/spacemunkay/acts_as_loggable.git'
+gem 'bootstrap-will_paginate', '~> 0.0.6'
+gem 'cancan'
+gem 'decent_exposure', '~> 1.0.1'
 gem 'devise', '~> 2.0.4'
 gem 'haml-rails', '~> 0.3.4'
 gem 'jquery-rails', '~> 2.0'
-gem 'decent_exposure', '~> 1.0.1'
+gem 'sqlite3', '~> 1.3.5'
 gem 'will_paginate', '~> 3.0.3'
-gem 'bootstrap-will_paginate', '~> 0.0.6'
-gem 'acts_as_loggable', :git => 'https://github.com/spacemunkay/acts_as_loggable.git'
 
 # Gems used only for assets and not required
 # in production environments by default.

Gemfile.lock

@@ -42,6 +42,7 @@ GEM
     bootstrap-will_paginate (0.0.9)
       will_paginate
     builder (3.0.4)
+    cancan (1.6.9)
     capybara (1.1.4)
       mime-types (>= 1.16)
       nokogiri (>= 1.3.3)
@@ -124,6 +125,9 @@ GEM
     multi_json (1.7.2)
     netzke-basepack (0.8.2)
       netzke-core (~> 0.8.2)
+    netzke-cancan (0.8.2)
+      cancan
+      netzke-core
     netzke-core (0.8.3)
       execjs
       uglifier
@@ -224,6 +228,7 @@ PLATFORMS
 DEPENDENCIES
   acts_as_loggable!
   bootstrap-will_paginate (~> 0.0.6)
+  cancan
   capybara (~> 1.1.2)
   coffee-rails (~> 3.2.1)
   database_cleaner
@@ -236,6 +241,7 @@ DEPENDENCIES
   jquery-rails (~> 2.0)
   launchy
   netzke-basepack (~> 0.8.0)
+  netzke-cancan
   netzke-core (~> 0.8.0)
   pry (~> 0.9.8)
   rails (= 3.2.13)

app/components/app_tab_panel.rb

@@ -17,7 +17,7 @@ class AppTabPanel < Netzke::Basepack::TabPanel
                               ]
 
     #for users
-    if controller.current_user.user?
+    if controller.current_user.role?(:user)
       # (had to use hash for borders to get the title to display properly)
       @@app_tab_panel_items.concat [{ layout: :fit,
                                       wrappedComponent: :user_profile_border,
@@ -28,7 +28,7 @@ class AppTabPanel < Netzke::Basepack::TabPanel
                                     ]
     end
     #for admins
-    if controller.current_user.admin?
+    if controller.current_user.role?(:admin)
       # (had to use hash for borders to get the title to display properly)
       @@app_tab_panel_items.concat [{ layout: :fit,
                                       wrappedComponent: :users_and_profiles_border,

app/components/bike_logs.rb

@@ -30,11 +30,12 @@ class BikeLogs < Netzke::Basepack::Grid
                                               }
       }
     ]
-    
+
-    if controller.current_user.user?
+    #TODO: fix GUI so it actually respects this
-      c.prohibit_update = true
+    current_bike = Bike.find_by_id(session[:selected_bike_id]) 
-      c.prohibit_create = true
+    if cannot? :update, current_bike
-      c.prohibit_delete = true
+      # if you can't update the bike, you can't do anything to the log
+      c.prohibit_update = c.prohibit_create = c.prohibit_delete = true
     end
 
   end

app/models/user.rb

@@ -24,16 +24,12 @@ class User < ActiveRecord::Base
     "#{first_name} #{last_name}"
   end
 
-  def user?
+  def role
-    user_role.to_s == "user"
+    user_role.role
   end
 
-  def staff?
+  def role?(role)
-    user_role.to_s == "staff"
+    user_role.to_s == role.to_s
-  end
-
-  def admin?
-    user_role.to_s == "admin"
   end
 
   def total_hours