20 lines
385 B
Ruby
20 lines
385 B
Ruby
class Ability
|
|
include CanCan::Ability
|
|
|
|
def initialize(user)
|
|
user ||= User.new # guest user (not logged in)
|
|
|
|
if user.admin?
|
|
can :manage, :all
|
|
elsif user.koelkast?
|
|
can :manage, Order
|
|
elsif user[:id]
|
|
can :read, :all
|
|
can :manage, User, id: user.id
|
|
can :manage, Order do |order|
|
|
order.try(:user) == user
|
|
end
|
|
end
|
|
end
|
|
end
|