Skip to content

Commit

Permalink
fix cancan abilities
Browse files Browse the repository at this point in the history
  • Loading branch information
@mfaerevaag
mfaerevaag committed Jan 30, 2015
1 parent b2d0e82 commit db1b5a9
Show file tree
Hide file tree
Showing 3 changed files with 90 additions and 84 deletions.
20 changes: 9 additions & 11 deletions app/models/ability.rb
View file
Expand Up @@ -9,32 +9,30 @@ def initialize(user)
can :create, User

if user
if user.role == 'super'
if user.admin?
can :manage, :all
else
can :create, [Favourite, Route, Comment, Issue, ReportedIssue, Vote]
can [:vote, :unvote], Issue
can :destroy, [Follow, Favourite, Route] do |t|
t.user.id == user.id
end
if user.role == 'staff'
can :manage, [BlogEntry, Issue, Comment, Vote]
if user.staff?
can :manage, [BlogEntry, Issue, ReportedIssue, Comment, Vote]
end
can [:update, :create], [Favourite, Route] do |t|
t.user.id == user.id
can [:update], [Favourite, Route] do |t|
t.user_id == user.id
end
can [:reorder], Favourite do |t|
t.user.id == user.id
t.user_id == user.id
end
end
end

can :destroy, User do |t|
t.id == user.id
# cannot :delete, User
can :destroy, User do |t|
t.id == user.id
end
end

# cannot :delete, User
end

end
8 changes: 8 additions & 0 deletions app/models/user.rb
View file
Expand Up @@ -227,6 +227,14 @@ def ensure_authentication_token
end
end

def admin?
self.role == 'super'
end

def staff?
self.role == 'staff'
end

private

def generate_authentication_token
Expand Down
146 changes: 73 additions & 73 deletions db/schema.rb
View file
Expand Up @@ -17,108 +17,108 @@
enable_extension "plpgsql"

create_table "blog_entries", force: :cascade do |t|
t.string "title", limit: 255
t.string "title"
t.text "body"
t.string "image", limit: 255
t.string "image"
t.integer "sticky"
t.integer "comments_count"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.datetime "created_at"
t.datetime "updated_at"
t.integer "user_id"
end

create_table "comments", force: :cascade do |t|
t.integer "user_id"
t.integer "commentable_id"
t.string "commentable_type", limit: 255
t.string "title", limit: 255
t.string "commentable_type"
t.string "title"
t.text "body"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.datetime "created_at"
t.datetime "updated_at"
end

create_table "delayed_jobs", force: :cascade do |t|
t.string "queue", limit: 255
t.integer "priority", default: 0
t.integer "attempts", default: 0
t.string "queue"
t.integer "priority", default: 0
t.integer "attempts", default: 0
t.text "handler"
t.text "last_error"
t.datetime "run_at"
t.datetime "locked_at"
t.datetime "failed_at"
t.string "locked_by", limit: 255
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.string "locked_by"
t.datetime "created_at"
t.datetime "updated_at"
end

add_index "delayed_jobs", ["priority", "run_at"], name: "delayed_jobs_priority", using: :btree

create_table "favourites", force: :cascade do |t|
t.integer "user_id"
t.string "name", limit: 255
t.string "name"
t.text "address"
t.string "latitude", limit: 255
t.string "longitude", limit: 255
t.string "source", limit: 255
t.string "sub_source", limit: 255
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.integer "position", default: 0
t.string "latitude"
t.string "longitude"
t.string "source"
t.string "sub_source"
t.datetime "created_at"
t.datetime "updated_at"
t.integer "position", default: 0
end

create_table "follows", force: :cascade do |t|
t.integer "user_id"
t.integer "followable_id"
t.string "followable_type", limit: 255
t.boolean "active", default: true
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.string "followable_type"
t.boolean "active", default: true
t.datetime "created_at"
t.datetime "updated_at"
end

create_table "issues", force: :cascade do |t|
t.integer "user_id"
t.string "title", limit: 255
t.string "title"
t.text "body"
t.string "status", limit: 255
t.integer "comments_count", default: 0
t.integer "votes_count", default: 0
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.string "image", limit: 255
t.string "status"
t.integer "comments_count", default: 0
t.integer "votes_count", default: 0
t.datetime "created_at"
t.datetime "updated_at"
t.string "image"
end

create_table "reported_issues", force: :cascade do |t|
t.string "error_type", limit: 255
t.string "error_type"
t.text "comment"
t.boolean "is_open", default: true
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.boolean "is_open", default: true
t.datetime "created_at"
t.datetime "updated_at"
t.integer "user_id"
t.string "route_segment", limit: 255
t.string "route_segment"
end

create_table "routes", force: :cascade do |t|
t.integer "user_id"
t.string "from_name", limit: 255
t.string "from_latitude", limit: 255
t.string "from_longitude", limit: 255
t.string "to_name", limit: 255
t.string "to_latitude", limit: 255
t.string "to_longitude", limit: 255
t.string "from_name"
t.string "from_latitude"
t.string "from_longitude"
t.string "to_name"
t.string "to_latitude"
t.string "to_longitude"
t.datetime "start_date"
t.datetime "end_date"
t.text "route_visited_locations"
t.boolean "is_finished", default: false
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.boolean "is_finished", default: false
t.datetime "created_at"
t.datetime "updated_at"
end

create_table "taggings", force: :cascade do |t|
t.integer "tag_id"
t.integer "taggable_id"
t.string "taggable_type", limit: 255
t.string "taggable_type"
t.integer "tagger_id"
t.string "tagger_type", limit: 255
t.string "tagger_type"
t.string "context", limit: 128
t.datetime "created_at"
end
Expand All @@ -127,59 +127,59 @@
add_index "taggings", ["taggable_id", "taggable_type", "context"], name: "index_taggings_on_taggable_id_and_taggable_type_and_context", using: :btree

create_table "tags", force: :cascade do |t|
t.string "name", limit: 255
t.integer "taggings_count", default: 0
t.string "name"
t.integer "taggings_count", default: 0
end

add_index "tags", ["name"], name: "index_tags_on_name", unique: true, using: :btree

create_table "themes", force: :cascade do |t|
t.integer "user_id"
t.string "title", limit: 255
t.string "title"
t.text "body"
t.integer "sticky"
t.string "image", limit: 255
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.string "image"
t.datetime "created_at"
t.datetime "updated_at"
end

create_table "themings", force: :cascade do |t|
t.integer "issue_id"
t.integer "theme_id"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.datetime "created_at"
t.datetime "updated_at"
end

create_table "users", force: :cascade do |t|
t.string "name", limit: 255
t.string "email", limit: 255
t.string "name"
t.string "email"
t.text "about"
t.string "image", limit: 255
t.string "authentication_token", limit: 255
t.string "image"
t.string "authentication_token"
t.string "encrypted_password", limit: 128, default: "", null: false
t.string "password_salt", limit: 255, default: "", null: false
t.string "reset_password_token", limit: 255
t.string "password_salt", default: "", null: false
t.string "reset_password_token"
t.datetime "reset_password_sent_at"
t.datetime "remember_created_at"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.string "role", limit: 255
t.datetime "created_at"
t.datetime "updated_at"
t.string "role"
t.boolean "notify_by_email", default: true
t.boolean "tester", default: false
t.string "provider", limit: 255
t.string "uid", limit: 255
t.string "confirmation_token", limit: 255
t.string "provider"
t.string "uid"
t.string "confirmation_token"
t.datetime "confirmed_at"
t.datetime "confirmation_sent_at"
t.string "account_source", limit: 255, default: "ibikecph"
t.string "unconfirmed_email", limit: 255
t.string "account_source", default: "ibikecph"
t.string "unconfirmed_email"
end

create_table "votes", force: :cascade do |t|
t.integer "user_id"
t.integer "issue_id"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.datetime "created_at"
t.datetime "updated_at"
end

end

0 comments on commit db1b5a9

Please sign in to comment.