Home

kristianmandrup edited this page Apr 15, 2012 · 5 revisions

cantango-roles is an extension to CanTango Permits which adds:

Permit system

The permit system iterates over all the registered types of permits and executes all registered permits of each type. The result is a set of Ability rules that work with the CanCan Ability mechanism.

Defining Permits in your app

The app/permits folder will be added to Rails autoloading. The directory layout should be the following:

- /app
  - /permits
    - /permit
      - /role
         - editor.rb
      - /role_group
         - publishers.rb
      -/admin (account)
         - /role
           - editor.rb

Default :editor Role permit (scope less):

module Permit::Role
  class Editor < CanTango::Permit::Role
    def calc_rules
      can :edit, Post
    end

    module Cache
      def calc_rules
        can :edit, Post
      end
    end
  end
end

The :editor Role permit applicable for the Admin scope. Typically the scope is linked to the account (but doesn't have to be).

module Permit::Admin::Role
  class Editor < CanTango::Permit::Role
    def calc_rules
      can :edit, Post if session[:edit_mode]
    end

    modes :no_cache
  end
end

Here the #modes macro is used to indicate that this Permit should only be executed for the :no_cache mode.

Similarly we can define a permit for a publishers role group.

module Permit::Admin::RoleGroup
  class Publishers < CanTango::Permit::RoleGroup
    def calc_rules
      can :edit, Post if session[:edit_mode]
    end

    modes :no_cache
  end
end