snippet.rb

class Ability 
  include CanCan::Ability
  
  # alias_action :index, :show, :to => :read
  # alias_action :new, :to => :create
  # alias_action :edit, :to => :update
  
  def initialize(user)
    if user.role? :admin
      can :manage, :all
    end
    
    if user.role? :moderator
      can :manage, :all
    end
    
    if user.role? :user
      can :update, User
      can :destroy, UserSession
      can :destroy, User
      can :create, List
      can :edit, List do |list_class, current_list|
        current_list.try(:owner) == user
      end
      can :destroy, List do |list_class, current_list|
        current_list.try(:owner) == user
      end
      can :index, List do |list_class, current_list|
        current_list.try(:owner) == user || current_list.try(:public) == true
      end
      can :show, List do |list_class, current_list|
        current_list.try(:owner) == user || current_list.try(:public) == true
      end
    end
    
    if user.role? :guest
      can :create, UserSession
      can :create, User
      can :update, User
      can :create, List do |list_class, current_list|
        user.try(:lists).try(:count) == 1
        current_list.try(:public) = true
        current_list.try(:limiti) = 10
      end
      can :index, List do |list_class, current_list|
        current_list.try(:owner) == user || current_list.try(:public) == true
      end
      can :show, List do |list_class, current_list|
        current_list.try(:owner) == user || current_list.try(:public) == true
      end
      can :destroy, List do |list_class, current_list|
        current_list.try(:owner) == user
      end
    end
  end
end