tap/app/models/ability.rb

class Ability
  include CanCan::Ability

  def initialize(user)
    user ||= User.new # guest user (not logged in)

    if user.admin?
      can :manage, :all
    elsif user.koelkast?
      can :manage, Order
    elsif user[:id]
      can :read, :all
      can :manage, User, id: user.id
      can :manage, Order do |order|
        order.try(:user) == user
      end
    end
  end
end
Add cancan, fix header, add admins 2014-12-09 19:44:58 +01:00			`class Ability`
			`include CanCan::Ability`

			`def initialize(user)`
			`user \|\|= User.new # guest user (not logged in)`
Remove debt from tab and refactor some code 2015-08-31 14:33:15 +02:00
Add cancan, fix header, add admins 2014-12-09 19:44:58 +01:00			`if user.admin?`
			`can :manage, :all`
Add koelkast to users 2015-01-06 20:18:01 +01:00			`elsif user.koelkast?`
			`can :manage, Order`
Add db/seeds and fix two minor bugs 2015-02-10 07:15:25 +01:00			`elsif user[:id]`
Add cancan, fix header, add admins 2014-12-09 19:44:58 +01:00			`can :read, :all`
Remove debt from tab and refactor some code 2015-08-31 14:33:15 +02:00			`can :manage, User, id: user.id`
Fix authorization for orders using cancancan 2015-08-31 15:10:13 +02:00			`can :manage, Order do \|order\|`
			`order.try(:user) == user`
			`end`
Add cancan, fix header, add admins 2014-12-09 19:44:58 +01:00			`end`
			`end`
			`end`