f8e6e98d3a
When defining abilities, scopes cover more cases because they can be used to check permissions for a record and to filter a collection. Ruby blocks can only be used to check permissions for a record. Note the `Budget::Phase.kind_or_later` name sounds funny, probably because we use the word "phase" for both an an attribute in the budgets table and an object associated with the budget, and so naming methods for a budget phase is a bit tricky.
31 lines
1.2 KiB
Ruby
31 lines
1.2 KiB
Ruby
module Abilities
|
|
class Everyone
|
|
include CanCan::Ability
|
|
|
|
def initialize(user)
|
|
can [:read, :map], Debate
|
|
can [:read, :map, :summary, :share], Proposal
|
|
can :read, Comment
|
|
can :read, Poll
|
|
can :results, Poll, id: Poll.expired.results_enabled.ids
|
|
can :stats, Poll, id: Poll.expired.stats_enabled.ids
|
|
can :read, Poll::Question
|
|
can :read, User
|
|
can [:read, :welcome], Budget
|
|
can [:read], Budget
|
|
can [:read], Budget::Group
|
|
can [:read, :print, :json_data], Budget::Investment
|
|
can :read_results, Budget, id: Budget.finished.results_enabled.ids
|
|
can :read_stats, Budget, id: Budget.valuating_or_later.stats_enabled.ids
|
|
can :read_executions, Budget, phase: "finished"
|
|
can :new, DirectMessage
|
|
can [:read, :debate, :draft_publication, :allegations, :result_publication,
|
|
:proposals, :milestones], Legislation::Process, published: true
|
|
can [:read, :changes, :go_to_version], Legislation::DraftVersion
|
|
can [:read], Legislation::Question
|
|
can [:read, :map, :share], Legislation::Proposal
|
|
can [:search, :comments, :read, :create, :new_comment], Legislation::Annotation
|
|
end
|
|
end
|
|
end
|