2014-12-09 19:44:58 +01:00
|
|
|
class Ability
|
|
|
|
include CanCan::Ability
|
|
|
|
|
|
|
|
def initialize(user)
|
2015-09-14 20:26:16 +02:00
|
|
|
return unless user
|
2015-08-31 14:33:15 +02:00
|
|
|
|
2015-12-31 17:30:57 +01:00
|
|
|
initialize_admin if user.admin?
|
2015-10-29 14:09:52 +01:00
|
|
|
initialize_koelkast if user.koelkast?
|
2015-10-29 14:27:06 +01:00
|
|
|
initialize_user(user)
|
2015-10-29 14:09:52 +01:00
|
|
|
|
2015-10-07 15:52:05 +02:00
|
|
|
can :read, Barcode
|
2015-10-29 14:09:52 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
def initialize_admin
|
|
|
|
can :manage, :all
|
|
|
|
end
|
2015-09-20 21:21:18 +02:00
|
|
|
|
2015-10-29 14:09:52 +01:00
|
|
|
def initialize_koelkast
|
|
|
|
can :manage, Order do |order|
|
|
|
|
!order.try(:user).try(:private)
|
|
|
|
end
|
|
|
|
can :quickpay, User
|
|
|
|
end
|
|
|
|
|
2015-10-29 14:27:06 +01:00
|
|
|
def initialize_user(user)
|
2015-10-29 14:09:52 +01:00
|
|
|
can :read, :all
|
|
|
|
can :manage, User, id: user.id
|
2016-02-04 21:03:03 +01:00
|
|
|
can :create, Order do |order|
|
|
|
|
order.user == user
|
|
|
|
end
|
2015-10-29 14:09:52 +01:00
|
|
|
can :destroy, Order do |order|
|
|
|
|
order.try(:user) == user && order.deletable
|
2014-12-09 19:44:58 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|