82af488ce3
I'm doing this in preparation for the "Manager" ability, which will require even more refactors of the abilities (for example, manager can not modify their own account)
45 lines
967 B
Ruby
45 lines
967 B
Ruby
module Abilities
|
|
class Common
|
|
include CanCan::Ability
|
|
|
|
def initialize(user)
|
|
self.merge Abilities::Everyone.new(user)
|
|
|
|
can [:read, :update], User, id: user.id
|
|
|
|
can :read, Debate
|
|
can :update, Debate do |debate|
|
|
debate.editable_by?(user)
|
|
end
|
|
|
|
can :read, Proposal
|
|
can :update, Proposal do |proposal|
|
|
proposal.editable_by?(user)
|
|
end
|
|
|
|
can :create, Comment
|
|
can :create, Debate
|
|
can :create, Proposal
|
|
|
|
can [:flag, :unflag], Comment
|
|
cannot [:flag, :unflag], Comment, user_id: user.id
|
|
|
|
can [:flag, :unflag], Debate
|
|
cannot [:flag, :unflag], Debate, author_id: user.id
|
|
|
|
can [:flag, :unflag], Proposal
|
|
cannot [:flag, :unflag], Proposal, author_id: user.id
|
|
|
|
unless user.organization?
|
|
can :vote, Debate
|
|
can :vote, Comment
|
|
end
|
|
|
|
if user.level_two_or_three_verified?
|
|
can :vote, Proposal
|
|
end
|
|
|
|
end
|
|
end
|
|
end
|