@eduardordm
Created April 11, 2011 18:03
Ability Class, from ActiveRecord
<!-- CUT TO _banco.html.erb -->
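<%# One table row per bank, with the action links the current user is allowed to see. %>
<%# These checks only hide links; the controller actions must still authorize each request. %>
<tr>
  <td><%= bank.code %></td>
  <td><%= bank.name %></td>
  <td><%= bank.cnpj8 %></td>
  <td id="td_action">
    <%# Check the row's record rather than the Bank class: CanCan ignores hash conditions %>
    <%# when the subject is a class, so an id-scoped rule would show links on every row. %>
    <% if can? :read, bank %> <%= link_to (row_link 'show'), bank %><% end %>
    <% if can? :update, bank %> <%= link_to (row_link 'edit'), edit_bank_path(bank) %><% end %>
    <% if can? :destroy, bank %><%= link_to (row_link 'delete'), bank, :confirm => 'Sure?', :method => :delete %><% end %>
  </td>
</tr>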
<!-- END CUT TO -->
# encoding: utf-8
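# CanCan ability built from database rows: every permission attached to one of the
# user's roles becomes one `can` rule.
#
# The permission rows are the authorization policy. A row with subject_class 'all'
# and action 'manage' grants everything, so write access to the permission and role
# tables has to be guarded as tightly as administrator access itself.
class Ability
  include CanCan::Ability

  # Registers the rules for +user+. A nil user is replaced by an unsaved User
  # (presumably without roles, i.e. a guest with no rules; confirm against the model).
  def initialize(user)
    user ||= User.new # guest
    user.roles.each do |role|
      role.permissions.each do |permission|
        subject = permission_subject(permission)
        # Fail closed: a row whose subject cannot be resolved grants nothing.
        next if subject.nil?

        action = permission.action.to_sym
        if permission.subject_id.nil?
          can action, subject
        else
          # Rule limited to the single record with this id.
          can action, subject, :id => permission.subject_id
        end
      end
    end
  end

  private

  # Maps a permission row to a CanCan subject: :all for the literal 'all', otherwise
  # the constant named by subject_class. Returns nil when the name is missing or no
  # longer resolves (renamed or removed class), so one stale row does not raise on
  # every request made by the users holding it.
  #
  # NOTE(review): constantize resolves any constant, not only models; consider
  # checking the name against a known list of model classes before resolving it.
  def permission_subject(permission)
    return :all if permission.subject_class == 'all'

    permission.subject_class.constantize
  rescue NameError
    # NoMethodError (nil subject_class) is a NameError subclass and lands here too.
    nil
  end
end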
...
# Exposes `permission` to the views as a helper.
# NOTE(review): helper_method forwards to an instance method of the controller, while the
# only `permission` visible here is the class method `self.permission`; confirm an
# instance-level `permission` exists, otherwise calling the helper from a view will fail.
helper_method :permission
# Permission metadata for this controller as a two-element array: the name of the
# subject class, then the caption used when the permission rows are written.
def self.permission
  [Bank.name, "Nice Banks Caption"]
end
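# Seeds the permissions table: one "manage everything" row, then for every
# RestrictController subclass that declares `permission`, one "manage" row plus one
# row per action method.
#
# NOTE(review): this writes authorization policy. If it lives in a controller, as the
# nearby helper_method call suggests, confirm it cannot be reached as a routable
# action (make it private, or move it to a rake task or seed script).
def setup_actions_controllers_db
  # The trailing true pins the superuser grant to primary key 1.
  write_permission("all", "manage", "Everything", "Every Action", true)

  # Reference each controller constant so the classes are loaded and
  # RestrictController.subclasses below is complete. Resolving the constant is
  # enough; the original also instantiated each controller and discarded it.
  Dir.new("#{RAILS_ROOT}/app/controllers").entries.each do |file_name|
    # Only real controller sources: a loose /_controller/ match also picks up
    # backup or temporary files, whose names do not resolve to a constant.
    next unless file_name =~ /_controller\.rb\z/

    File.basename(file_name, ".rb").camelize.constantize
  end

  RestrictController.subclasses.each do |controller|
    next unless controller.respond_to?(:permission)

    clazz, description = controller.permission
    write_permission(clazz, "manage", description, "Every Action")
    controller.action_methods.each do |action|
      # Callback methods are not user-facing actions.
      next if action.to_s.include?("_callback")

      action_desc, cancan_action = eval_cancan_action(action)
      write_permission(clazz, cancan_action, description, action_desc)
    end
  end
end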
# This looks DAMN ugly, needs fixing.
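# Maps a controller action name to the pair [description, CanCan action].
#
# The standard REST actions collapse onto CanCan's read/create/update/destroy;
# any other action keeps its own name as the CanCan action.
#
# Deletion maps to "destroy", the action the row template checks with
# `can? :destroy`. The previous value "delete" produced rules that check never
# matched. Rows already stored with action "delete" need a data migration.
def eval_cancan_action(action)
  action_name = action.to_s
  case action_name
  when "index", "show", "search" then ["Read-only", "read"]
  when "create", "new"           then ["Insert only", "create"]
  when "edit", "update"          then ["Update Only", "update"]
  when "delete", "destroy"       then ["Delete Only", "destroy"]
  else
    # Interpolate rather than append with <<, which mutates a string literal.
    ["Others: #{action_name}", action_name]
  end
end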
# Creates or refreshes the permission row identified by (class_name, cancan_action).
#
# A missing row is created with that subject class and action; an existing row keeps
# them. Either way name and description are overwritten. With force_id_1 a newly
# created row is given primary key 1. Returns whatever `save` returns.
#
# NOTE(review): these rows are what the ability rules are built from, so callers
# should be limited to trusted setup code.
def write_permission(class_name, cancan_action, name, description, force_id_1 = false)
  lookup = ["subject_class = ? and action = ?", class_name, cancan_action]
  record = Permission.find(:first, :conditions => lookup)

  unless record
    record = Permission.new
    record.id = 1 if force_id_1
    record.subject_class = class_name
    record.action = cancan_action
  end

  record.name = name
  record.description = description
  record.save
end