Created
February 1, 2012 08:34
-
-
Save mokevnin/1715959 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
YaAcl::Builder.build do | |
roles do | |
role :admin, :name => 'Администратор' | |
role :remote_operator, :name => 'Удаленный Оператор' | |
role :editor, :name => 'Редактор' | |
role :taxonom, :name => 'Таксоном' | |
role :operator, :name => 'Оператор' | |
role :solo_operator, :name => 'Соло Оператор' | |
role :transcripter, :name => 'Транскриптер' | |
role :transcripts_editor, :name => 'Редактор транскриптов' | |
role :temer, :name => 'Темер' | |
role :boosted, :name => 'Распознаватель дубликат-сюжетов' | |
role :guest, :name => 'Гость' | |
end | |
asserts do | |
assert :owner, [:user_id, :another_user_id] do | |
user_id == another_user_id | |
end | |
assert :owner_type, [:owner_type] do | |
owner_type == 'Episode' | |
end | |
assert :not_clone, [:episode] do | |
episode.editable? | |
end | |
assert :format_json, [:format] do | |
format == 'json' | |
end | |
assert :episode_deleted, [:episode] do | |
!episode.deleted? | |
end | |
assert :episode_lock, [:episode, :user_id] do | |
episode.episode_lock && episode.episode_lock.owner_id == user_id | |
end | |
assert :episode_user, [:episode, :user_id] do | |
episode.user_id == user_id | |
end | |
assert :episode_editor, [:episode] do | |
statuses = [Episode::UNAPPROVED, Episode::NEED_TITLE, Episode::NEED_TAGS, Episode::NEED_APPROVE, Episode::APPROVED] | |
statuses.include? episode.workflow_status | |
end | |
assert :episode_operators, [:episode] do | |
statuses = [Episode::UNAPPROVED, Episode::NEED_TITLE, Episode::NEED_TAGS, Episode::NEED_APPROVE] | |
statuses.include? episode.workflow_status | |
end | |
assert :not_root_dvag, [:dvag] do | |
dvag.parent_id != nil | |
end | |
end | |
resources :admin do | |
resource 'ProfilesController', [:operator, :solo_operator, :remote_operator] do | |
privilege :edit | |
privilege :update | |
end | |
resource 'UsersController' do | |
privilege :autocomplete, [:editor] | |
privilege :permissions, [:taxonom, :operator, :solo_operator, :editor, :remote_operator, :transcripter] | |
privilege :block | |
privilege :index, [:editor] do | |
assert :format_json, [:editor] | |
end | |
privilege :show | |
privilege :edit | |
privilege :list | |
privilege :new | |
privilege :create | |
privilege :update | |
privilege :destroy | |
end | |
resource 'TaxonomsController' do | |
privilege :show, [:operator, :solo_operator, :remote_operator, :editor, :taxonom] | |
privilege :trash | |
privilege :search, [:operator, :solo_operator, :editor, :remote_operator, :taxonom] | |
privilege :new, [:taxonom] | |
privilege :label, [:taxonom] | |
privilege :load_new_episodes, [:operator, :solo_operator, :editor, :taxonom] | |
end | |
resource 'TranscriptsController' do | |
privilege :new_orders, [:transcripter] | |
privilege :partial, [:transcripter] | |
privilege :for_approve, [:transcripts_editor] | |
privilege :partially_approved, [:transcripts_editor] | |
privilege :ready | |
privilege :deleted | |
privilege :unprocessed, [:transcripter, :transcripts_editor] | |
privilege :editor, [:transcripts_editor] | |
privilege :show, [:transcripter, :transcripts_editor] | |
privilege :diff, [:transcripts_editor] | |
privilege :my | |
privilege :my_approve | |
privilege :index, [:transcripter, :transcripts_editor] | |
privilege :update, [:transcripter, :transcripts_editor] | |
privilege :bans | |
privilege :unban | |
privilege :ban_transcripter, [:transcripts_editor] | |
privilege :destroy | |
privilege :undestroy | |
privilege :reset | |
privilege :touch, [:transcripter, :transcripts_editor] | |
privilege :all_user_stats | |
privilege :user_stats, [:transcripter, :transcripts_editor] do # current_user_id, stat_user_id | |
assert :owner, [:transcripter, :transcripts_editor] | |
end | |
privilege :edit, [:transcripter, :transcripts_editor] | |
end | |
resource 'EditorsController' do | |
privilege :show, [:editor] | |
privilege :remote, [:editor] | |
privilege :approve, [:editor] | |
privilege :resurrect, [:editor] | |
privilege :bury | |
privilege :rename, [:editor] | |
privilege :end, [:editor] | |
privilege :elevate_priority, [:editor] | |
privilege :destroy, [:editor] | |
privilege :replace_name_and_tags, [:editor] | |
privilege :new_dvags, [:editor] | |
privilege :anchors, [:editor] | |
privilege :player_anchors, [:editor] | |
privilege :users_rating, [:editor] | |
privilege :users_stat | |
privilege :remoters_stat | |
privilege :list_report_users | |
privilege :show_report_params | |
privilege :generate_reports | |
privilege :delayed_episodes | |
privilege :my_approved, [:editor] | |
privilege :shifts_stat | |
privilege :episodes_stat, [:editor] | |
privilege :editors_stat | |
privilege :stats, [:editor] | |
privilege :rename, [:editor] | |
privilege :player_anchors, [:editor] | |
privilege :new_dvags, [:editor] | |
privilege :isolated, [:editor] | |
end | |
resource 'AirBlocksController' do | |
privilege :get_unprocessed | |
privilege :view | |
privilege :show | |
privilege :update | |
privilege :edit | |
privilege :destroy | |
privilege :touch | |
privilege :processed | |
end | |
resource 'AnchorDvagsController', [:editor] do | |
privilege :update do | |
assert :not_clone | |
assert :episode_deleted | |
assert :episode_editor | |
end | |
privilege :destroy do | |
assert :not_clone | |
assert :episode_deleted | |
assert :episode_editor | |
end | |
end | |
resource 'AnchorTagsController', [:taxonom, :editor] do | |
privilege :create | |
privilege :update | |
privilege :destroy | |
end | |
resource 'AnchorsController' do | |
privilege :index, [:editor, :operator, :solo_operator, :remote_operator] | |
privilege :show, [:guest, :transcripter, :transcripts_editor, :temer, :taxonom, :editor, :operator, :solo_operator, :remote_operator] | |
privilege :create, [:editor, :operator] do | |
assert :episode_deleted | |
assert :not_clone | |
assert :episode_editor, [:editor] | |
assert :episode_operators, [:operator] | |
assert :episode_lock, [:operator] | |
end | |
privilege :update, [:editor, :operator, :solo_operator] do | |
assert :episode_deleted | |
assert :not_clone | |
assert :episode_editor, [:editor] | |
assert :episode_operators, [:operator, :solo_operator] | |
assert :episode_lock, [:operator, :solo_operator] | |
end | |
privilege :destroy, [:editor, :operator, :solo_operator, :remote_operator] do | |
assert :episode_deleted | |
assert :not_clone | |
assert :episode_editor, [:editor] | |
assert :episode_operators, [:operator, :solo_operator, :remote_operator] | |
assert :episode_lock, [:operator, :solo_operator, :remote_operator] | |
end | |
end | |
resource 'ChannelsController', [:taxonom, :editor, :operator, :solo_operator, :remote_operator] do | |
privilege :index | |
end | |
resource 'DupesController', [:editor] do | |
privilege :show | |
privilege :approve | |
end | |
resource 'DvagsController' do | |
privilege :index, [:editor, :solo_operator, :operator, :taxonom] | |
privilege :create, [:taxonom] | |
privilege :by_type, [:editor, :solo_operator, :operator] | |
privilege :roots, [:editor, :solo_operator, :operator, :taxonom] | |
privilege :show, [:editor, :solo_operator, :operator, :taxonom] | |
privilege :reexport, [:editor, :solo_operator, :operator, :taxonom] | |
privilege :to_trash, [:taxonom] | |
privilege :destroy | |
privilege :move_to, [:taxonom] | |
privilege :move_trashed | |
privilege :make_synonym_to, [:taxonom] | |
privilege :autocomplete, [:editor, :solo_operator, :operator, :taxonom] | |
privilege :change_name, [:taxonom] | |
privilege :restore | |
end | |
resource 'EpisodeDvagsController', [:editor] do | |
privilege :update do | |
assert :not_clone | |
assert :episode_deleted | |
assert :episode_editor, [:editor] | |
assert :episode_operators, [:remote_operator, :solo_operator, :operator] | |
assert :episode_lock, [:remote_operator, :solo_operator, :operator] | |
end | |
privilege :destroy do | |
assert :not_clone | |
assert :episode_deleted | |
assert :episode_editor, [:editor] | |
assert :episode_operators, [:remote_operator, :solo_operator, :operator] | |
assert :episode_lock, [:remote_operator, :solo_operator, :operator] | |
end | |
end | |
resource 'EpisodeTagsController', [:editor] do | |
privilege :create | |
privilege :update, [:taxonom] | |
privilege :destroy | |
end | |
resource 'EpisodesController' do | |
privilege :index, [:taxonom, :editor, :operator, :solo_operator, :remote_operator] | |
privilege :my_marked | |
privilege :my, [:remote_operator] | |
privilege :my_training, [:remote_operator] | |
privilege :raw_feed, [:boosted, :taxonom, :editor, :operator, :solo_operator, :remote_operator] # дергается ботами | |
privilege :incomplete_feed, [:boosted, :taxonom, :editor, :operator, :solo_operator, :remote_operator] # дергается ботами | |
privilege :list, [:taxonom, :editor, :operator, :solo_operator, :remote_operator] | |
privilege :first_unapproved, [:operator, :solo_operator, :remote_operator] | |
privilege :create, [:operator, :solo_operator] | |
privilege :show, [:transcripter, :transcripts_editor, :temer, :taxonom, :editor, :operator, :solo_operator, :remote_operator] do | |
assert :episode_deleted, [:transcripter, :transcripts_editor, :temer, :taxonom, :editor, :operator, :solo_operator, :remote_operator] | |
end | |
privilege :edit, [:taxonom, :editor, :operator, :solo_operator, :remote_operator] | |
privilege :slice, [:editor, :operator, :solo_operator] do | |
assert :episode_deleted, [:editor, :solo_operator, :operator] | |
assert :episode_user, [:operator, :solo_operator] | |
end | |
privilege :update, [:editor, :operator, :solo_operator, :remote_operator, :temer] do | |
assert :not_clone | |
assert :episode_deleted | |
assert :episode_editor, [:editor] | |
assert :episode_operators, [:remote_operator, :solo_operator, :operator] | |
assert :episode_lock, [:remote_operator, :solo_operator, :operator] | |
end | |
privilege :reexport, [:taxonom, :editor, :operator, :solo_operator, :remote_operator] | |
privilege :destroy, [:editor, :operator, :solo_operator] | |
privilege :by_tag, [:taxonom] | |
privilege :touch, [:taxonom, :editor, :operator, :solo_operator, :remote_operator] | |
privilege :unqueue, [:taxonom, :editor, :operator, :solo_operator, :remote_operator] | |
privilege :editor, [:taxonom, :editor, :operator, :solo_operator, :remote_operator] | |
privilege :approve, [:taxonom, :editor, :operator, :solo_operator, :remote_operator] | |
privilege :topic, [:temer] | |
privilege :sub_titles, [:taxonom, :editor, :operator, :solo_operator, :remote_operator] | |
end | |
resource 'HomeController' do | |
privilege :index, [:transcripter, :remote_operator, :temer, :taxonom, :solo_operator, :transcripts_editor, :operator, :editor] | |
privilege :sanity, [:guest] | |
end | |
resource 'PaymentsController' do | |
privilege :index, [:remote_operator] | |
end | |
resource 'PlayersController', [:remote_operator, :temer, :taxonom, :solo_operator, :transcripts_editor, :operator, :editor, :transcripter] do | |
privilege :show | |
end | |
resource 'SessionsController' do | |
privilege :new, [:guest] | |
privilege :show, [:guest] | |
privilege :create, [:guest] | |
privilege :destroy, [:transcripter, :remote_operator, :temer, :taxonom, :solo_operator, :transcripts_editor, :operator, :editor] | |
end | |
resource 'SubTitlesController' do | |
privilege :create | |
end | |
resource 'SynonymsController', [:taxonom] do | |
privilege :destroy | |
end | |
resource 'TagsController', [:operator, :solo_operator, :remote_operator, :editor, :taxonom] do | |
privilege :index | |
privilege :update | |
privilege :destroy | |
privilege :approve | |
end | |
resource 'TagsDvagsController', [:taxonom] do | |
privilege :show | |
privilege :create | |
privilege :destroy | |
end | |
resource 'TopicsController', [:temer] do | |
privilege :index | |
privilege :autocomplete | |
end | |
resource 'Backend::BackendController', [:guest] do | |
privilege :show | |
end | |
resource 'Backend::DvagsController', [:guest] do | |
privilege :show | |
end | |
resource 'Backend::EpisodesController', [:guest] do | |
privilege :show | |
end | |
resource 'Remotes::DescriptionsController' do | |
privilege :show, [:guest, :boosted, :transcripter, :remote_operator, :temer, :taxonom, :solo_operator, :transcripts_editor, :operator, :editor] | |
privilege :edit | |
privilege :update | |
end | |
resource 'Remotes::GrammarTasksController' do | |
privilege :index | |
privilege :new | |
privilege :create | |
privilege :show | |
privilege :edit | |
privilege :update | |
privilege :destroy | |
end | |
resource 'Remotes::GrammarTestsController' do | |
privilege :index | |
privilege :new, [:guest, :boosted, :transcripter, :remote_operator, :temer, :taxonom, :solo_operator, :transcripts_editor, :operator, :editor] | |
privilege :show | |
privilege :create, [:guest, :boosted, :transcripter, :remote_operator, :temer, :taxonom, :solo_operator, :transcripts_editor, :operator, :editor] | |
privilege :destroy | |
end | |
resource 'Remotes::UsersController', [:guest, :boosted, :transcripter, :remote_operator, :temer, :taxonom, :solo_operator, :transcripts_editor, :operator, :editor] do | |
privilege :new | |
privilege :create | |
privilege :success | |
end | |
resource 'Admin::AuditLogsController' do | |
privilege :short | |
privilege :raw | |
privilege :raw_short | |
privilege :raw_short, [:remote_operator] do | |
assert :owner_type, [:remote_operator] | |
end | |
end | |
resource 'Admin::ChannelsController' do | |
privilege :index | |
privilege :edit | |
privilege :list | |
privilege :full_stats | |
privilege :stats | |
privilege :update | |
privilege :master | |
privilege :destroy | |
privilege :update_master | |
privilege :publish | |
privilege :update_from_master | |
privilege :download | |
end | |
resource 'Admin::EpisodesController' do | |
privilege :index, [:temer, :taxonom, :editor] | |
privilege :show, [:taxonom, :editor] | |
privilege :filter, [:temer, :taxonom, :editor] | |
privilege :deleted | |
privilege :queue, [:editor] | |
privilege :last_hundred | |
privilege :last_day, [:temer, :taxonom, :editor] | |
privilege :titles, [:editor] | |
privilege :by_user | |
privilege :channel, [:taxonom, :editor] | |
privilege :spot_info, [:taxonom, :editor] | |
privilege :dashboard, [:editor] | |
privilege :search, [:temer, :taxonom, :editor] | |
privilege :training, [:editor] | |
privilege :isolated, [:editor] | |
privilege :endless, [:editor] | |
privilege :unresolved_dupes, [:editor] | |
end | |
resource 'Admin::MonitoringController' do | |
privilege :index | |
privilege :channels | |
end | |
resource 'Admin::PaymentsController' do | |
privilege :index | |
end | |
resource 'Admin::StopWordsController' do | |
privilege :index | |
privilege :create | |
privilege :update | |
privilege :destroy | |
end | |
resource 'Admin::TagsController', [:taxonom] do | |
privilege :index | |
privilege :by_letter | |
privilege :by_query | |
privilege :new | |
privilege :edit | |
privilege :unbind | |
privilege :update, [:editor] | |
privilege :create_dvag | |
privilege :bind_dvag | |
privilege :dvag_tree | |
privilege :destroy | |
privilege :dvag | |
privilege :unapproved | |
end | |
resource 'Admin::TopicsController', [:temer] do | |
privilege :index | |
privilege :autocomplete | |
privilege :last_24_hours | |
privilege :active | |
privilege :sort | |
privilege :create | |
privilege :update | |
privilege :destroy | |
end | |
resource 'Admin::AirBlocksController' do | |
privilege :index | |
end | |
resource 'Remotes::TextPagesController' do | |
privilege :edit | |
privilege :create | |
privilege :update | |
privilege :show, [:remote_operator] | |
end | |
resource 'SprocketsController', [:transcripter, :remote_operator, :temer, :taxonom, :solo_operator, :transcripts_editor, :operator, :editor] do | |
privilege :show | |
end | |
end | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment