Created
April 11, 2013 20:12
-
-
Save kelso/5366782 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class Ability | |
| include CanCan::Ability | |
| def initialize(user) | |
| alias_action [:index, :show, :new, :create, :edit, :update, :destroy, :finalize], :to => :manage_crud | |
| alias_action [:update_state], :to => :manage_status | |
| user ||= User.new # guest user (not logged in) | |
| case user.role.name.to_sym | |
| when :admin | |
| can :manage, :all | |
| when :central | |
| #==================================================================================== | |
| # KeyAccount | |
| # | |
| can :read, KeyAccount, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Shop Info | |
| # | |
| can :read, Shop, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Shop Survey | |
| # | |
| can :read, Survey, :shop => {:country_id => user.country_ids} | |
| #==================================================================================== | |
| # Shop Floor | |
| # | |
| can :read, Floor, :shop => {:country_id => user.country_ids} | |
| #==================================================================================== | |
| # Shop Sites | |
| # | |
| can :read, Site, :floor => { :shop => {:country_id => user.country_ids}} | |
| #==================================================================================== | |
| # Shop Brands | |
| # | |
| can :read, Branding, :shop => {:country_id => user.country_ids} | |
| #==================================================================================== | |
| # Forecast | |
| # | |
| #TODO change to read after creating show action for Forecasts | |
| can [:read, :update, :destroy], Forecast, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Budgets | |
| # | |
| can :read, Budget, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Export data | |
| # | |
| can :create, :data_export | |
| #==================================================================================== | |
| # Order | |
| # | |
| can :read, Order | |
| can :see_price, Order | |
| #==================================================================================== | |
| # User | |
| # | |
| can :manage, User do |u| | |
| #u.role.nil? allows enter to the new action | |
| u.role.nil? || (user.has_same_country?(u) && same_and_lower_roles_in_same_group_for(user).include?(u.role)) | |
| end | |
| #==================================================================================== | |
| # KeyAccountGroup | |
| # | |
| can :show, KeyAccountGroup, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Warehouse | |
| # | |
| can :show, Warehouse, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Product | |
| # | |
| can [:lightbox, :read], Product | |
| can :see_price, Product | |
| cannot :index, Product | |
| #==================================================================================== | |
| # Country | |
| # | |
| can :read, Country, :id => user.country_ids | |
| cannot :index, Country | |
| when :tmm | |
| #==================================================================================== | |
| # KeyAccount | |
| # | |
| #can :new, KeyAccount | |
| can :manage, KeyAccount, :country_id => [user.country_ids, nil].flatten | |
| can :new, KeyAccount | |
| #==================================================================================== | |
| # Shop Info | |
| # | |
| can :manage, Shop, :country_id => [user.country_ids, nil].flatten | |
| #==================================================================================== | |
| # Shop Survey | |
| # | |
| can :manage, Survey, :shop => {:country_id => user.country_ids} | |
| #==================================================================================== | |
| # Shop Floor | |
| # | |
| can :manage, Floor, :shop => {:country_id => user.country_ids} | |
| #==================================================================================== | |
| # Shop Sites | |
| # | |
| can :manage, Site, :floor => {:shop => {:country_id => user.country_ids}} | |
| #==================================================================================== | |
| # Shop Brands | |
| # | |
| can :manage, Branding, :shop => {:country_id => user.country_ids} | |
| can :new, [Shop, Survey, Site, Floor, Branding] | |
| #==================================================================================== | |
| # Forecast | |
| # | |
| can :manage, Forecast, :country_id => [user.country_ids, nil].flatten | |
| can :new, Forecast | |
| #==================================================================================== | |
| # Budgets | |
| # | |
| can [:read, :update], Budget, :country_id => [user.country_ids, nil].flatten | |
| #==================================================================================== | |
| # Export data | |
| # | |
| can :create, :data_export | |
| #==================================================================================== | |
| # Order | |
| # | |
| can :see_price, Order | |
| can :create, Order | |
| can :order_for_warehouse, Order | |
| #TODO refactor | |
| can :read, Order, Order.within_countries(user.countries) do |o| | |
| user.countries.where(:id => o.country.id).any? | |
| end | |
| can [:update, :destroy], Order, :current_state => ["new", "rejected"] | |
| can [:finalize, :terms], Order, :current_state => ["new", "installed", "pending_approval", "rejected"] | |
| can :manage_status, Order, :current_state => ["new", "pending_approval", "rejected", "installation_approved", "installed"] | |
| #==================================================================================== | |
| # Constellation | |
| # | |
| can_manage_constellation(user) | |
| #==================================================================================== | |
| # User | |
| # | |
| can :manage, User do |u| | |
| #u.role.nil? allows enter to the new action | |
| u.role.nil? || (user.has_same_country?(u) && same_and_lower_roles_in_same_group_for(user).include?(u.role)) | |
| end | |
| #==================================================================================== | |
| # KeyAccountGroup | |
| # | |
| can :show, KeyAccountGroup, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Warehouse | |
| # | |
| can :show, Warehouse, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Product | |
| # | |
| can [:lightbox, :read], Product | |
| can :see_price, Product | |
| cannot :index, Product | |
| #==================================================================================== | |
| # Country | |
| # | |
| can :read, Country, :id => user.country_ids | |
| cannot :index, Country | |
| when :kam | |
| #==================================================================================== | |
| # KeyAccount | |
| # | |
| can :read, KeyAccount, :kam_id => user.id | |
| #==================================================================================== | |
| # Shop Info | |
| # | |
| can :manage, Shop, :key_account => {:kam_id => user.id} | |
| #==================================================================================== | |
| # Shop Survey | |
| # | |
| can :manage, Survey, :shop => {:key_account => {:kam_id => user.id}} | |
| #==================================================================================== | |
| # Shop Floor | |
| # | |
| can :manage, Floor, :shop => {:key_account => {:kam_id => user.id}} | |
| #==================================================================================== | |
| # Shop Sites | |
| # | |
| can :manage, Site, :floor => { :shop => {:key_account => {:kam_id => user.id}}} | |
| #==================================================================================== | |
| # Shop Brands | |
| # | |
| can :manage, Branding, :shop => {:key_account => {:kam_id => user.id}} | |
| can :new, [Shop,Survey, Floor, Branding, Site] | |
| #==================================================================================== | |
| # Forecast | |
| # | |
| can :manage, Forecast, :key_account => {:kam_id => user.id} | |
| can :new, Forecast | |
| #==================================================================================== | |
| # Budgets | |
| # | |
| # not access | |
| #==================================================================================== | |
| # Order | |
| # | |
| can :see_price, Order | |
| can :create, Order | |
| can :read, Order, :user_id => user.id | |
| can [:update, :destroy], Order, {:user_id => user.id, :current_state => ["new", "rejected"]} | |
| can [:finalize, :terms], Order, :current_state => ["new", "installed", "pending_approval", "rejected"] | |
| can :manage_status, Order, :current_state => ["new", "rejected", "installed"] | |
| #==================================================================================== | |
| # Constellation | |
| # | |
| can_manage_constellation(user) | |
| #==================================================================================== | |
| # User | |
| # | |
| can [:read, :update], User, :id => user.id | |
| #==================================================================================== | |
| # KeyAccountGroup | |
| # | |
| can :show, KeyAccountGroup, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Warehouse | |
| # | |
| can :show, Warehouse, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Product | |
| # | |
| can [:lightbox, :read], Product | |
| can :see_price, Product | |
| cannot :index, Product | |
| #==================================================================================== | |
| # Country | |
| # | |
| can :read, Country, :id => user.country_ids | |
| cannot :index, Country | |
| when :"3070_admin" | |
| #==================================================================================== | |
| # ProductionAdmin | |
| # | |
| can :manage, :'3070_admin' | |
| #==================================================================================== | |
| # KeyAccount | |
| # | |
| can :manage, KeyAccount, :country_id => [user.country_ids, nil].flatten | |
| can :new, KeyAccount | |
| #==================================================================================== | |
| # Shop Info | |
| # | |
| can :manage, Shop, :country_id => [user.country_ids, nil].flatten | |
| #==================================================================================== | |
| # Shop Survey | |
| # | |
| can :manage, Survey, :shop => {:country_id => user.country_ids} | |
| #==================================================================================== | |
| # Shop Floor | |
| # | |
| can :manage, Floor, :shop => {:country_id => user.country_ids} | |
| #==================================================================================== | |
| # Shop Sites | |
| # | |
| can :manage, Site, :floor => {:shop => {:country_id => user.country_ids}} | |
| #==================================================================================== | |
| # Shop Brands | |
| # | |
| can :manage, Branding, :shop => {:country_id => user.country_ids} | |
| can :new, [Shop, Survey, Site, Floor, Branding] | |
| #==================================================================================== | |
| # Forecast | |
| # | |
| can :manage, Forecast, :country_id => [user.country_ids, nil].flatten | |
| #==================================================================================== | |
| # Budgets | |
| # | |
| can [:read, :update], Budget | |
| #==================================================================================== | |
| # Export data | |
| # | |
| can :create, :data_export | |
| #==================================================================================== | |
| # Order | |
| # | |
| can :manage, Order | |
| #==================================================================================== | |
| # User | |
| # | |
| can :manage, User do |u| | |
| u.role.nil? || (u.role.weight >= user.role.weight) | |
| end | |
| #==================================================================================== | |
| # KeyAccountGroup | |
| # | |
| can :manage, KeyAccountGroup, :country_id => [user.country_ids, nil].flatten | |
| can :new, KeyAccountGroup | |
| #==================================================================================== | |
| # Warehouse | |
| # | |
| can :manage, Warehouse, :country_id => [user.country_ids, nil].flatten | |
| can :new, Warehouse | |
| #==================================================================================== | |
| # Product | |
| # | |
| can :manage, Product | |
| #==================================================================================== | |
| # KitchenettePreset | |
| # | |
| can :manage, KitchenettePreset | |
| #==================================================================================== | |
| # Country | |
| # | |
| can :manage, Country, :id => [user.country_ids, nil].flatten | |
| can :new, Country | |
| when :logistics | |
| #==================================================================================== | |
| # KeyAccount | |
| # | |
| # no access | |
| #==================================================================================== | |
| # Shop Info | |
| # | |
| can :read, Shop, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Shop Survey | |
| # | |
| can :read, Survey, :shop => {:country_id => user.country_ids} | |
| #==================================================================================== | |
| # Shop Floor | |
| # | |
| can :read, Floor, :shop => {:country_id => user.country_ids} | |
| #==================================================================================== | |
| # Shop Sites | |
| # | |
| can :read, Site, :floor => {:shop => {:country_id => user.country_ids}} | |
| #==================================================================================== | |
| # Shop Brands | |
| # | |
| can :read, Branding, :shop => {:country_id => user.country_ids} | |
| #==================================================================================== | |
| # Forecast | |
| # | |
| # no access | |
| #==================================================================================== | |
| # Budgets | |
| # | |
| # no access | |
| #==================================================================================== | |
| # Order | |
| # | |
| can :read, Order | |
| can :see_price, Order | |
| #TODO refactor | |
| can :manage_status, Order, :current_state => ["ready_for_dispatch", "in_transit", "at_customs"] | |
| #==================================================================================== | |
| # User | |
| # | |
| can [:read, :update], User, :id => user.id | |
| #==================================================================================== | |
| # KeyAccountGroup | |
| # | |
| can :show, KeyAccountGroup, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Warehouse | |
| # | |
| can :read, Warehouse, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Product | |
| # | |
| can [:lightbox, :read], Product | |
| can :see_price, Product | |
| cannot :index, Product | |
| #==================================================================================== | |
| # Country | |
| # | |
| can :show, Country, :id => user.country_ids | |
| when :order_processing_supervisor | |
| #==================================================================================== | |
| # KeyAccount | |
| # | |
| can :read, KeyAccount, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Shop Info | |
| # | |
| can :read, Shop, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Shop Survey | |
| # | |
| can :read, Survey, :shop => {:country_id => user.country_ids} | |
| #==================================================================================== | |
| # Shop Floor | |
| # | |
| can :read, Floor, :shop => {:country_id => user.country_ids} | |
| #==================================================================================== | |
| # Shop Sites | |
| # | |
| can :read, Site, :floor => {:shop => {:country_id => user.country_ids}} | |
| #==================================================================================== | |
| # Shop Brands | |
| # | |
| can :read, Branding, :shop => {:country_id => user.country_ids} | |
| #==================================================================================== | |
| # Forecast | |
| # | |
| can :read, Forecast, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Budgets | |
| # | |
| can :read, Budget, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Order | |
| # | |
| can :read, Order | |
| can :see_price, Order | |
| can :create, Order | |
| can :order_for_warehouse, Order | |
| can [:update, :destroy], Order, {:user_id => user.id, :current_state => ["new", "pending_approval", "rejected"]} | |
| can :manage_status, Order, :current_state => "approved" | |
| #==================================================================================== | |
| # User | |
| # | |
| can :manage, User do |u| | |
| #u.role.nil? allows enter to the new action | |
| u.role.nil? || (user.has_same_country?(u) && same_and_lower_roles_in_same_group_for(user).include?(u.role)) | |
| end | |
| #==================================================================================== | |
| # KeyAccountGroup | |
| # | |
| can :read, KeyAccountGroup, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Warehouse | |
| # | |
| can :manage, Warehouse, :country_id => [user.country_ids, nil].flatten | |
| can :new, Warehouse | |
| #==================================================================================== | |
| # Product | |
| # | |
| can [:lightbox, :read], Product | |
| can :see_price, Product | |
| #================================================================================== | |
| # Country | |
| # | |
| can :read, Country, :id => user.country_ids | |
| when :order_observer | |
| #==================================================================================== | |
| # KeyAccount | |
| # | |
| # no access | |
| #==================================================================================== | |
| # Shop Info | |
| # | |
| can :read, Shop, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Shop Survey | |
| # | |
| can :read, Survey, :shop => {:country_id => user.country_ids} | |
| #==================================================================================== | |
| # Shop Floor | |
| # | |
| can :read, Floor, :shop => {:country_id => user.country_ids} | |
| #==================================================================================== | |
| # Shop Sites | |
| # | |
| can :read, Site, :floor => {:shop => {:country_id => user.country_ids}} | |
| #==================================================================================== | |
| # Shop Brands | |
| # | |
| can :read, Branding, :shop => {:country_id => user.country_ids} | |
| #==================================================================================== | |
| # Forecast | |
| # | |
| # no access | |
| #==================================================================================== | |
| # Budgets | |
| # | |
| # no access | |
| #==================================================================================== | |
| # Order | |
| # | |
| can :read, Order | |
| can :see_price, Order | |
| #==================================================================================== | |
| # User | |
| # | |
| can [:read, :update], User, :id => user.id | |
| #==================================================================================== | |
| # KeyAccountGroup | |
| # | |
| can :show, KeyAccountGroup, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Warehouse | |
| # | |
| can :show, Warehouse, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Product | |
| # | |
| can [:lightbox, :read], Product | |
| can :see_price, Product | |
| cannot :index, Product | |
| #==================================================================================== | |
| # Country | |
| # | |
| can :show, Country, :id => user.country_ids | |
| when :production_supervisor | |
| #==================================================================================== | |
| # KeyAccount | |
| # | |
| # no access | |
| #==================================================================================== | |
| # Shop Info | |
| # | |
| can :read, Shop, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Shop Survey | |
| # | |
| can :read, Survey, :shop => {:country_id => user.country_ids} | |
| #==================================================================================== | |
| # Shop Floor | |
| # | |
| can :read, Floor, :shop => {:country_id => user.country_ids} | |
| #==================================================================================== | |
| # Shop Sites | |
| # | |
| can :read, Site, :floor => {:shop => {:country_id => user.country_ids}} | |
| #==================================================================================== | |
| # Shop Brands | |
| # | |
| can :read, Branding, :shop => {:country_id => user.country_ids} | |
| #==================================================================================== | |
| # Forecast | |
| # | |
| # no access | |
| #==================================================================================== | |
| # Budgets | |
| # | |
| # no access | |
| #==================================================================================== | |
| # Order | |
| # | |
| can :read, Order | |
| can :see_price, Order | |
| can :see_cost, Order | |
| #==================================================================================== | |
| # User | |
| # | |
| can :manage, User do |u| | |
| #u.role.nil? allows enter to the new action | |
| u.role.nil? || (user.has_same_country?(u) && same_and_lower_roles_in_same_group_for(user).include?(u.role)) | |
| end | |
| #==================================================================================== | |
| # KeyAccountGroup | |
| # | |
| # not access | |
| #==================================================================================== | |
| # Warehouse | |
| # | |
| can :read, Warehouse, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Product | |
| # | |
| can [:lightbox, :read], Product | |
| can :see_price, Product | |
| can :see_cost, Product | |
| can :manage, Product | |
| #==================================================================================== | |
| # Kitchenette Preset | |
| # | |
| can :manage, KitchenettePreset | |
| #==================================================================================== | |
| # Country | |
| # | |
| can :read, Country, :id => user.country_ids | |
| when :factory | |
| #==================================================================================== | |
| # KeyAccount | |
| # | |
| # no access | |
| #==================================================================================== | |
| # Shop Info | |
| # | |
| # no access | |
| #==================================================================================== | |
| # Shop Survey | |
| # | |
| # no access | |
| #==================================================================================== | |
| # Shop Floor | |
| # | |
| # no access | |
| #==================================================================================== | |
| # Shop Site | |
| # | |
| # no access | |
| #==================================================================================== | |
| # Shop Brands | |
| # | |
| # no access | |
| #==================================================================================== | |
| # Forecast | |
| # | |
| # no access | |
| #==================================================================================== | |
| # Budgets | |
| # | |
| # no access | |
| #==================================================================================== | |
| # Order | |
| # | |
| can :read, Order, :current_state => ["notice_to_proceed", "in_production", "ready_for_dispatch", "in_transit", "at_customs", "at_warehouse", "installed", "installation_approved"] | |
| can :see_cost, Order | |
| can :manage_status, Order, :current_state => ["notice_to_proceed", "in_production"] | |
| #==================================================================================== | |
| # User | |
| # | |
| can [:read, :update], User, :id => user.id | |
| #==================================================================================== | |
| # KeyAccountGroup | |
| # | |
| # not access | |
| #==================================================================================== | |
| # Warehouse | |
| # | |
| # not access | |
| #==================================================================================== | |
| # Product | |
| # | |
| can [:lightbox, :read], Product | |
| can :see_cost, Product | |
| cannot :index, Product | |
| #==================================================================================== | |
| # Country | |
| # | |
| can :show, Country, :id => user.country_ids | |
| when :installation_partner | |
| #==================================================================================== | |
| # KeyAccount | |
| # | |
| can :read, KeyAccount, :installation_partner_id => user.id | |
| #==================================================================================== | |
| # Shop Info | |
| # | |
| can :manage, Shop, :key_account => {:installation_partner_id => user.id} | |
| #==================================================================================== | |
| # Shop Survey | |
| # | |
| can :manage, Survey, :shop => {:key_account => {:installation_partner_id => user.id}} | |
| #==================================================================================== | |
| # Shop Floor | |
| # | |
| can :manage, Floor, :shop => {:key_account => {:installation_partner_id => user.id}} | |
| #==================================================================================== | |
| # Shop Site | |
| # | |
| can :manage, Site, :floor => {:shop => {:key_account => {:installation_partner_id => user.id}}} | |
| #==================================================================================== | |
| # Shop Brands | |
| # | |
| can :manage, Branding, :shop => {:key_account => {:installation_partner_id => user.id}} | |
| can :new, [Shop, Survey, Site, Floor, Branding] | |
| #==================================================================================== | |
| # Forecast | |
| # | |
| # no access | |
| #==================================================================================== | |
| # Budgets | |
| # | |
| # no access | |
| #==================================================================================== | |
| # Order | |
| # | |
| can :create, Order | |
| can :read, Order, ["orders.user_id = ? OR orders.current_state = 'at_warehouse'", user.id] do |o| | |
| o.user_id == user.id or o.current_state == "at_warehouse" | |
| end | |
| can :see_price, Order | |
| can [:update, :destroy], Order, {:user_id => user.id, :current_state => ["new", "rejected"]} | |
| can [:finalize, :terms], Order do |order| | |
| ["new", "rejected","installed", "pending_approval"].include?(order.current_state) | |
| end | |
| can :manage_status, Order do |order| | |
| ["new", "rejected", "at_warehouse"].include?(order.current_state) | |
| end | |
| #==================================================================================== | |
| # User | |
| # | |
| can [:read, :update], User, :id => user.id | |
| #==================================================================================== | |
| # KeyAccountGroup | |
| # | |
| can :show, KeyAccountGroup, :country_id => user.country_ids | |
| #==================================================================================== | |
| # KeyAccountGroup | |
| # | |
| # not access | |
| #==================================================================================== | |
| # Warehouse | |
| # | |
| can :show, Warehouse, :country_id => user.country_ids | |
| #==================================================================================== | |
| # Product | |
| # | |
| can [:lightbox, :read], Product | |
| can :see_price, Product | |
| cannot :index, Product | |
| #==================================================================================== | |
| # Country | |
| # | |
| can :show, Country, :id => user.country_ids | |
| end | |
| end | |
| private | |
| def can_manage_forecasts(user) | |
| can :create, Forecast | |
| can :manage, Forecast, :country_id => user.country_ids | |
| end | |
| def can_manage_constellation(user) | |
| #TODO restrict on user | |
| can :manage_crud, Constellation, :order => {:current_state => ["new", "pending_approval"]} | |
| end | |
| def same_and_lower_roles_in_same_group_for(user) | |
| Role.same_and_lower_roles(user.role.weight).within_same_groups(user.role.role_group_ids) | |
| end | |
| end | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment