stalniy/abilities.js

## abilities.js
const { AbilityBuilder, Ability } = require('casl')

function defineAbilitiesFor(user) {
  const { rules, can } = AbilityBuilder.extract()

  can('read', ['Post', 'Comment'])
  can('create', 'User')

  if (user) {
    can('manage', ['Post', 'Comment'], { author: user._id })
    can(['read', 'update'], 'User', { _id: user._id })
  }

  return new Ability(rules)
}

const ANONYMOUS_ABILITY = defineAbilitiesFor(null)

module.exports = function createAbilities(req, res, next) {
  req.ability = req.user.email ? defineAbilitiesFor(req.user) : ANONYMOUS_ABILITY
  next()
}
	const { AbilityBuilder, Ability } = require('casl')

	function defineAbilitiesFor(user) {
	const { rules, can } = AbilityBuilder.extract()

	can('read', ['Post', 'Comment'])
	can('create', 'User')

	if (user) {
	can('manage', ['Post', 'Comment'], { author: user._id })
	can(['read', 'update'], 'User', { _id: user._id })
	}

	return new Ability(rules)
	}

	const ANONYMOUS_ABILITY = defineAbilitiesFor(null)

	module.exports = function createAbilities(req, res, next) {
	req.ability = req.user.email ? defineAbilitiesFor(req.user) : ANONYMOUS_ABILITY
	next()
	}