Browse Source

Merge pull request #14 from spacemunkay/jnm-cancan

cancan
denney-disable-on-select
jnm 12 years ago
parent
commit
ac9e5718c7
  1. 10
      Gemfile
  2. 6
      Gemfile.lock
  3. 4
      app/components/app_tab_panel.rb
  4. 11
      app/components/bike_brands.rb
  5. 12
      app/components/bike_logs.rb
  6. 11
      app/components/bike_models.rb
  7. 11
      app/components/transaction_logs.rb
  8. 12
      app/components/user_logs.rb
  9. 14
      app/components/user_profiles.rb
  10. 11
      app/components/user_transactions.rb
  11. 28
      app/models/ability.rb
  12. 12
      app/models/user.rb

10
Gemfile

@ -2,18 +2,20 @@ source 'https://rubygems.org'
gem 'rails', '3.2.13'
gem 'netzke-cancan'
gem 'netzke-core', '~>0.8.0'
gem 'netzke-basepack', '~>0.8.0'
gem 'sqlite3', '~> 1.3.5'
gem 'acts_as_loggable', :git => 'https://github.com/spacemunkay/acts_as_loggable.git'
gem 'bootstrap-will_paginate', '~> 0.0.6'
gem 'cancan'
gem 'decent_exposure', '~> 1.0.1'
gem 'devise', '~> 2.0.4'
gem 'haml-rails', '~> 0.3.4'
gem 'jquery-rails', '~> 2.0'
gem 'decent_exposure', '~> 1.0.1'
gem 'sqlite3', '~> 1.3.5'
gem 'will_paginate', '~> 3.0.3'
gem 'bootstrap-will_paginate', '~> 0.0.6'
gem 'acts_as_loggable', :git => 'https://github.com/spacemunkay/acts_as_loggable.git'
# Gems used only for assets and not required
# in production environments by default.

6
Gemfile.lock

@ -42,6 +42,7 @@ GEM
bootstrap-will_paginate (0.0.9)
will_paginate
builder (3.0.4)
cancan (1.6.9)
capybara (1.1.4)
mime-types (>= 1.16)
nokogiri (>= 1.3.3)
@ -124,6 +125,9 @@ GEM
multi_json (1.7.2)
netzke-basepack (0.8.2)
netzke-core (~> 0.8.2)
netzke-cancan (0.8.2)
cancan
netzke-core
netzke-core (0.8.3)
execjs
uglifier
@ -224,6 +228,7 @@ PLATFORMS
DEPENDENCIES
acts_as_loggable!
bootstrap-will_paginate (~> 0.0.6)
cancan
capybara (~> 1.1.2)
coffee-rails (~> 3.2.1)
database_cleaner
@ -236,6 +241,7 @@ DEPENDENCIES
jquery-rails (~> 2.0)
launchy
netzke-basepack (~> 0.8.0)
netzke-cancan
netzke-core (~> 0.8.0)
pry (~> 0.9.8)
rails (= 3.2.13)

4
app/components/app_tab_panel.rb

@ -17,7 +17,7 @@ class AppTabPanel < Netzke::Basepack::TabPanel
]
#for users
if controller.current_user.user?
if controller.current_user.role?(:user)
# (had to use hash for borders to get the title to display properly)
@@app_tab_panel_items.concat [{ layout: :fit,
wrappedComponent: :user_profile_border,
@ -28,7 +28,7 @@ class AppTabPanel < Netzke::Basepack::TabPanel
]
end
#for admins
if controller.current_user.admin?
if controller.current_user.role?(:admin)
# (had to use hash for borders to get the title to display properly)
@@app_tab_panel_items.concat [{ layout: :fit,
wrappedComponent: :users_and_profiles_border,

11
app/components/bike_brands.rb

@ -4,17 +4,16 @@ class BikeBrands < Netzke::Basepack::Grid
c.model = "BikeBrand"
c.title = "Brands"
if controller.current_user.user?
c.prohibit_update = true
c.prohibit_create = true
c.prohibit_delete = true
end
c.prohibit_update = true if cannot? :update, BikeBrand
c.prohibit_create = true if cannot? :create, BikeBrand
c.prohibit_delete = true if cannot? :delete, BikeBrand
end
#override with nil to remove actions
def default_bbar
bbar = [ :search ]
bbar.concat [ :apply, :add_in_form ] if not controller.current_user.user?
bbar.concat [ :apply ] if can? :update, BikeBrand
bbar.concat [ :add_in_form ] if can? :create, BikeBrand
bbar
end
end

12
app/components/bike_logs.rb

@ -31,10 +31,11 @@ class BikeLogs < Netzke::Basepack::Grid
}
]
if controller.current_user.user?
c.prohibit_update = true
c.prohibit_create = true
c.prohibit_delete = true
#TODO: fix GUI so it actually respects this
current_bike = Bike.find_by_id(session[:selected_bike_id])
if cannot? :update, current_bike
# if you can't update the bike, you can't do anything to the log
c.prohibit_update = c.prohibit_create = c.prohibit_delete = true
end
end
@ -53,7 +54,8 @@ class BikeLogs < Netzke::Basepack::Grid
#override with nil to remove actions
def default_bbar
bbar = [ :search ]
bbar.concat [ :apply, :add_in_form ] if not controller.current_user.user?
bbar.concat [ :apply ] if can? :update, ::ActsAsLoggable::Log
bbar.concat [ :add_in_form ] if can? :create, ::ActsAsLoggable::Log
bbar
end
=end

11
app/components/bike_models.rb

@ -14,17 +14,16 @@ class BikeModels < Netzke::Basepack::Grid
{ :name => :model }
]
if controller.current_user.user?
c.prohibit_update = true
c.prohibit_create = true
c.prohibit_delete = true
end
c.prohibit_update = true if cannot? :update, BikeModel
c.prohibit_create = true if cannot? :create, BikeModel
c.prohibit_delete = true if cannot? :delete, BikeModel
end
#override with nil to remove actions
def default_bbar
bbar = [ :search ]
bbar.concat [ :apply, :add_in_form ] if not controller.current_user.user?
bbar.concat [ :apply ] if can? :update, BikeModel
bbar.concat [ :add_in_form ] if can? :create, BikeModel
bbar
end
end

11
app/components/transaction_logs.rb

@ -29,11 +29,9 @@ class TransactionLogs < Netzke::Basepack::Grid
}
]
if controller.current_user.user?
c.prohibit_update = true
c.prohibit_create = true
c.prohibit_delete = true
end
c.prohibit_update = true if cannot? :update, ::ActsAsLoggable::Log
c.prohibit_create = true if cannot? :create, ::ActsAsLoggable::Log
c.prohibit_delete = true if cannot? :delete, ::ActsAsLoggable::Log
end
@ -60,7 +58,8 @@ class TransactionLogs < Netzke::Basepack::Grid
#override with nil to remove actions
def default_bbar
bbar = [ :search ]
bbar.concat [ :apply, :add_in_form ] if not controller.current_user.user?
bbar.concat [ :apply ] if can? :update, ::ActsAsLoggable::Log
bbar.concat [:add_in_form ] if can? :create, ::ActsAsLoggable::Log
bbar
end

12
app/components/user_logs.rb

@ -14,16 +14,16 @@ class UserLogs < Netzke::Basepack::Grid
:copy_action_id => 4
}
#just users
if controller.current_user.user?
user_log_scope = lambda { |rel| rel.where(:loggable_type => 'User',:loggable_id => controller.current_user.id)}
user_log_strong_default_attrs.merge!( { :loggable_id => controller.current_user.id } )
user_log_data_store = {auto_load: true }
if can? :manage, ::ActsAsLoggable::Log
#admins and staff
else
user_log_scope = lambda { |rel| rel.where(:loggable_type => 'User',:loggable_id => session[:selected_user_id]);}
user_log_strong_default_attrs.merge!( { :loggable_id => session[:selected_user_id] } )
user_log_data_store = {auto_load: true }
else
#just users
user_log_scope = lambda { |rel| rel.where(:loggable_type => 'User',:loggable_id => controller.current_user.id)}
user_log_strong_default_attrs.merge!( { :loggable_id => controller.current_user.id } )
user_log_data_store = {auto_load: true }
end
c.model = "ActsAsLoggable::Log"

14
app/components/user_profiles.rb

@ -3,18 +3,18 @@ class UserProfiles < Netzke::Basepack::Grid
def configure(c)
super
if controller.current_user.user?
user_profiles_scope = lambda { |rel| rel.where(:user_id => controller.current_user.id);}
user_profiles_data_store = { auto_load: true }
user_profile_strong_default_attrs = {
:user_id => controller.current_user.id
}
else
if can? :manage, UserProfile
user_profiles_scope = lambda { |rel| rel.where(:user_id => session[:selected_user_id]);}
user_profiles_data_store = { auto_load: false}
user_profile_strong_default_attrs = {
:user_id => session[:selected_user_id]
}
else
user_profiles_scope = lambda { |rel| rel.where(:user_id => controller.current_user.id);}
user_profiles_data_store = { auto_load: true }
user_profile_strong_default_attrs = {
:user_id => controller.current_user.id
}
end
c.model = "UserProfile"

11
app/components/user_transactions.rb

@ -24,17 +24,16 @@ class UserTransactions < Netzke::Basepack::Grid
:created_at
]
if controller.current_user.user?
c.prohibit_update = true
c.prohibit_create = true
c.prohibit_delete = true
end
c.prohibit_update = true if cannot? :update, Transaction
c.prohibit_create = true if cannot? :create, Transaction
c.prohibit_delete = true if cannot? :delete, Transaction
end
#override with nil to remove actions
def default_bbar
bbar = [ :search ]
bbar.concat [ :apply, :add_in_form ] if not controller.current_user.user?
bbar.concat [ :apply ] if can? :update, Transaction
bbar.concat [ :add_in_form ] if can? :create, Transaction
bbar
end
end

28
app/models/ability.rb

@ -0,0 +1,28 @@
class Ability
include CanCan::Ability
def initialize(current_user)
@current_user = current_user
self.send(current_user.role.to_sym)
end
def admin
can :manage, :all
end
def staff
can :manage, :all
end
def bike_admin
can :manage, Bike
can :manage, ::ActsAsLoggable::Log, :loggable_type => "Bike"
end
def user
can :read, :all
can :update, Bike, :id => @current_user.bike_id unless @current_user.bike.nil?
can :manage, ::ActsAsLoggable::Log, { :loggable_type => "Bike", :loggable_id => @current_user.bike_id }
can :manage, ::ActsAsLoggable::Log, { :loggable_type => "User", :loggable_id => @current_user.id }
end
end

12
app/models/user.rb

@ -24,16 +24,12 @@ class User < ActiveRecord::Base
"#{first_name} #{last_name}"
end
def user?
user_role.to_s == "user"
def role
user_role.role
end
def staff?
user_role.to_s == "staff"
end
def admin?
user_role.to_s == "admin"
def role?(role)
user_role.to_s == role.to_s
end
def total_hours

Loading…
Cancel
Save