thomsbg/permissions.txt

## permissions.txt
can user u perform operation o in scope s?

1. scopes = [s].concat(s.parents)
2. roles = RoleAssignment.where(user: u, scope: scopes).pluck(:role)
3. roles.any? { |role| ROLE_OPERATIONS_MAPPING[role].operations.include?(o) }


## or perhaps

1. scopes = [s].concat(s.parents)
3. roles = ROLES.select { |role| role.operations.include?(o) }
2. RoleAssignment.exist?(user: u, scope: scopes, role: roles)
	can user u perform operation o in scope s?

	1. scopes = [s].concat(s.parents)
	2. roles = RoleAssignment.where(user: u, scope: scopes).pluck(:role)
	3. roles.any? { \|role\| ROLE_OPERATIONS_MAPPING[role].operations.include?(o) }


	## or perhaps

	1. scopes = [s].concat(s.parents)
	3. roles = ROLES.select { \|role\| role.operations.include?(o) }
	2. RoleAssignment.exist?(user: u, scope: scopes, role: roles)