Refactor for authorization sanity
This commit is contained in:
+19
-3
@@ -1,11 +1,27 @@
|
||||
class Ability
|
||||
attr_reader :resource
|
||||
include CanCan::Ability
|
||||
def initialize(settings)
|
||||
settings ||= SupplierEmployeesSettings.new(Supplier.new).for_employee(nil)
|
||||
if settings.manager?
|
||||
def initialize(resource)
|
||||
@resource = resource
|
||||
case resource
|
||||
when Employee then supplier_authorization
|
||||
end
|
||||
end
|
||||
|
||||
def supplier_authorization
|
||||
if resource.settings.manager?
|
||||
can :manage, :all
|
||||
#cam :mark_as_open, Supplier
|
||||
else
|
||||
can :read, :all
|
||||
can :qr_codes, Table
|
||||
can :home, Supplier
|
||||
can :current, :all
|
||||
can :close, List
|
||||
can :mark_helped, List
|
||||
can :mark_in_process, Order
|
||||
can :mark_delivered, Order
|
||||
can :cancel, Order
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user