consul/grecia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
245594f32b8f4ca8408a6ff61d099df5dcfbe84e
grecia/app/models/abilities/common.rb
Julian Herrero 245594f32b Don't allow to modify answer's images for started polls 
Note that the `create` action doesn't create an image but updates an
answer instead. We're removing the references to `:create` in the
abilities since it isn't used.

In the future we might change the form to add an image to an answer
because it's been broken for ages since it shows all the attached
images.
2022-09-20 17:50:49 +02:00

126 lines
3.8 KiB
Ruby
Raw Blame History

module Abilities
class Common
include CanCan::Ability
def initialize(user)
merge Abilities::Everyone.new(user)
can [:read, :update], User, id: user.id
can :read, Debate
can :update, Debate do |debate|
debate.editable_by?(user)
end
can :read, Proposal
can :update, Proposal do |proposal|
proposal.editable_by?(user)
end
can :publish, Proposal do |proposal|
proposal.draft? && proposal.author.id == user.id && !proposal.retired?
end
can :dashboard, Proposal do |proposal|
proposal.author.id == user.id
end
can :manage_polls, Proposal do |proposal|
proposal.author.id == user.id
end
can :manage_mailing, Proposal do |proposal|
proposal.author.id == user.id
end
can :manage_poster, Proposal do |proposal|
proposal.author.id == user.id
end
can :results, Poll do |poll|
poll.related&.author&.id == user.id
end
can [:retire_form, :retire], Proposal, author_id: user.id
can :read, Legislation::Proposal
can [:retire_form, :retire], Legislation::Proposal, author_id: user.id
can :create, Comment
can :create, Debate
can [:create, :created], Proposal
can :create, Legislation::Proposal
can :hide, Comment, user_id: user.id
can :suggest, Debate
can :suggest, Proposal
can :suggest, Legislation::Proposal
can :suggest, Tag
can [:flag, :unflag], Comment
cannot [:flag, :unflag], Comment, user_id: user.id
can [:flag, :unflag], Debate
cannot [:flag, :unflag], Debate, author_id: user.id
can [:flag, :unflag], Proposal
cannot [:flag, :unflag], Proposal, author_id: user.id
can [:flag, :unflag], Legislation::Proposal
cannot [:flag, :unflag], Legislation::Proposal, author_id: user.id
can [:flag, :unflag], Budget::Investment
cannot [:flag, :unflag], Budget::Investment, author_id: user.id
can [:create, :destroy], Follow, user_id: user.id
can [:destroy], Document do |document|
document.documentable&.author_id == user.id
end
can [:destroy], Image do |image|
image.imageable_type != "Poll::Question::Answer" && image.imageable&.author_id == user.id
end
can [:create, :destroy], DirectUpload
unless user.organization?
can :vote, Debate
can :vote, Comment
end
if user.level_two_or_three_verified?
can :vote, Proposal, &:published?
can :vote, Legislation::Proposal
can :create, Legislation::Answer
can :create, Budget::Investment, budget: { phase: "accepting" }
can :update, Budget::Investment, budget: { phase: "accepting" }, author_id: user.id
can :suggest, Budget::Investment, budget: { phase: "accepting" }
can :destroy, Budget::Investment, budget: { phase: ["accepting", "reviewing"] }, author_id: user.id
can [:create, :destroy], ActsAsVotable::Vote,
voter_id: user.id,
votable_type: "Budget::Investment",
votable: { budget: { phase: "selecting" }}
can [:show, :create], Budget::Ballot, budget: { phase: "balloting" }
can [:create, :destroy], Budget::Ballot::Line, budget: { phase: "balloting" }
can :create, DirectMessage
can :show, DirectMessage, sender_id: user.id
can :answer, Poll do |poll|
poll.answerable_by?(user)
end
can :answer, Poll::Question do |question|
question.answerable_by?(user)
end
end
can [:create, :show], ProposalNotification, proposal: { author_id: user.id }
can [:create], Topic
can [:update, :destroy], Topic, author_id: user.id
can :disable_recommendations, [Debate, Proposal]
end
end
end
Reference in New Issue View Git Blame Copy Permalink