class Ability

Public Class Methods

new(user) click to toggle source
# File lib/generators/chaltron/templates/app/models/ability.rb, line 4
def initialize(user)
  # Define abilities for the passed in user here. For example:
  #
  #   user ||= User.new # guest user (not logged in)
  #   if user.admin?
  #     can :manage, :all
  #   else
  #     can :read, :all
  #   end
  #
  # The first argument to `can` is the action you are giving the user
  # permission to do.
  # If you pass :manage it will apply to every action. Other common actions
  # here are :read, :create, :update and :destroy.
  #
  # The second argument is the resource the user can perform the action on.
  # If you pass :all it will apply to every resource. Otherwise pass a Ruby
  # class of the resource.
  #
  # The third argument is an optional hash of conditions to further filter the
  # objects.
  # For example, here the user can only update published articles.
  #
  #   can :update, Article, :published => true
  #
  # See the wiki for details:
  # https://github.com/CanCanCommunity/cancancan/wiki/Defining-Abilities
  user ||= User.new
  if user.is?(:user_admin)
    can :manage, User
    if Chaltron.ldap_allow_all
      cannot :edit, User, { provider: 'ldap' }
      cannot :destroy, User, { provider: 'ldap' }
    end
    can :read, Log, category: 'user_admin'
  end
  if user.is?(:admin)
    can :read, Log
  end
end