CodeOfficer (owner)

# Controller for Job listings. Every action asks the Job model whether the
# current user is allowed to act before it does anything with the record.
class JobsController < ApplicationController

  # index and show are reachable without logging in, so current_user may be
  # nil inside them; every other action is gated by require_user.
  before_filter :require_user, :except => [ :index, :show ]

  # Lists jobs matching the search params, one page at a time.
  def index
    matches = Job.find_by_complex_search(current_user, params)
    @listings = matches.paginate(:page => params[:page], :per_page => CONFIG['per_page'])

    if @listings.blank?
      flash.now[:notice] = "Sorry, there were no records found."
    end

    respond_to { |format| format.html } # index.html.erb
  end

  # Shows one job. A listing the viewer may not see raises ResourceNotFound
  # instead of NoPermission.
  # NOTE(review): presumably so a hidden listing is indistinguishable from a
  # missing one - confirm that both errors are rendered the same way.
  def show
    @listing = Job.find(params[:id])
    unless @listing.is_showable_by?(current_user)
      raise ResourceNotFound
    end
    @listing.record_impression!(current_user)

    respond_to { |format| format.html } # show.html.erb
  end

  # Builds a job from the submitted form and saves it once the permission
  # check has passed.
  # NOTE(review): params[:job] is mass-assigned as received. The Job model
  # shown with this controller declares no attr_accessible/attr_protected, so
  # unless one of its mixins does, ownership and status columns may be
  # settable from the request - confirm.
  def create
    @listing = Job.new(params[:job])
    unless @listing.is_createable_by?(current_user)
      raise NoPermission
    end

    saved = @listing.save
    flash[:notice] = flash_for_created_resource(@listing) if saved

    respond_to do |format|
      format.html { saved ? redirect_to(@listing) : render(:action => "new") }
    end
  end

  # Applies the submitted attributes to an existing job. Authorization is
  # checked against the stored record before any attribute is changed.
  # NOTE(review): the mass-assignment caveat on create applies to
  # update_attributes(params[:job]) as well.
  def update
    @listing = Job.find(params[:id])
    unless @listing.is_editable_by?(current_user)
      raise NoPermission
    end
    @listing.current_user = current_user

    updated = @listing.update_attributes(params[:job])
    flash[:notice] = 'Job was successfully updated.' if updated

    respond_to do |format|
      format.html { updated ? redirect_to(@listing) : render(:action => "edit") }
    end
  end

  # etc ...

end
 
 
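# A job listing. Besides persistence, the model owns the authorization rules
# that callers consult before creating, showing, editing or destroying a job.
class Job < ActiveRecord::Base

  default_scope :order => 'jobs.created_at DESC'

  include Listable
  include Categorizable
  include Statusable
  include Impressionable
  include Attachable
  include Mappable
  include Fulltextable # must come last

  # access rules -------------------------------------------------------------
  #
  # Each predicate takes the acting user and returns true or false.
  # current_user may be nil (an anonymous visitor), so every call made on it
  # goes through try and a nil user gets "false", not a NoMethodError.

  # Admins and active users may create jobs.
  def is_createable_by?(current_user)
    return true if current_user.try(:has_role?, 'admin')
    # Was current_user.active?, which raised NoMethodError for a nil user
    # while the admin check one line above tolerated nil.
    return true if current_user.try(:active?)
    false
  end

  # Approved jobs are visible to everyone, anonymous visitors included.
  # Otherwise only admins, the owning user, or a member of the owning
  # affiliate may see the job, and the latter two only while it is not
  # destroyed. The approved? rule is not gated on destroyed?.
  def is_showable_by?(current_user)
    return true if current_user.try(:has_role?, 'admin')
    return true if owner.is_a?(User) && owner.eql?(current_user) && !destroyed?
    return true if owner.is_a?(Affiliate) && owner.users.include?(current_user) && !destroyed?
    return true if approved?
    false
  end

  # Admins, the owning user, or a member of the owning affiliate may edit;
  # owners and affiliate members only while the job is not destroyed.
  def is_editable_by?(current_user)
    return true if current_user.try(:has_role?, 'admin')
    return true if owner.is_a?(User) && owner.eql?(current_user) && !destroyed?
    return true if owner.is_a?(Affiliate) && owner.users.include?(current_user) && !destroyed?
    false
  end

  # Only admins may destroy a job.
  def is_destroyable_by?(current_user)
    return true if current_user.try(:has_role?, 'admin')
    false
  end

end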