wethu
8/18/2014 - 6:03 AM

ability.rb

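# Lists, shows, restores and permanently removes soft-deleted Client and Job
# records. The target model comes from the request's :model parameter and is
# resolved only through the allowlist returned by #accepted_models.
class TrashController < ApplicationController
  # NOTE(review): no @job/@client is loaded here, so these checks presumably
  # run against the Job and Client classes for every action, whichever model
  # the request targets. They are not per-record checks; add an explicit
  # authorize! on the loaded item if abilities ever gain record conditions.
  authorize_resource :job
  authorize_resource :client

  # Paginated list of soft-deleted records, most recently deleted first.
  def index
    @items = model.only_deleted
                  .order(deleted_at: :desc)
                  .paginate(page: params[:page], per_page: 15)
  end

  # Shows a single record, including soft-deleted ones.
  def show
    @item = item
  end

  # Permanently removes a record, but only if it is already soft-deleted.
  # A record that is not in the trash is left untouched and the user is
  # redirected with an alert, rather than falling through to a missing template.
  #
  # NOTE(review): redirect_to :back depends on the Referer header; confirm the
  # app handles requests that arrive without one.
  def destroy
    record = item # load once; every call to #item runs a new query

    if record.destroyed?
      record.really_destroy!
      redirect_to :back, notice: "#{model} deleted."
    else
      redirect_to :back, alert: "#{model} is not in the trash."
    end
  end

  # Brings a soft-deleted record back.
  def restore
    model.restore(item)
    redirect_to :back, notice: "#{model} restored."
  end

  private

  # Finds the requested record among live and soft-deleted rows.
  # Raises ActiveRecord::RecordNotFound when the id does not exist.
  def item
    model.with_deleted.find(params[:id])
  end

  # Resolves params[:model] to a model class through the allowlist.
  #
  # The constant is built from the matching allowlist entry, never from the
  # request string, so the value that was checked is the value that is used.
  # A missing, non-string or unlisted parameter raises
  # ActiveRecord::RecordNotFound instead of returning nil, which previously
  # surfaced as a NoMethodError in the calling action.
  def model
    requested = params[:model].to_s.capitalize
    allowed = accepted_models.find { |name| name == requested }
    raise ActiveRecord::RecordNotFound, "Unknown trash model" unless allowed

    allowed.constantize
  end

  # Class names that may be reached through the :model parameter.
  def accepted_models
    ["Client", "Job"]
  end
end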
# CanCan ability definitions for the application.
class Ability
  include CanCan::Ability

  # Declares what the given user may do.
  #
  # `can`/`cannot` take the action first (:manage covers every action), then
  # the resource (:all covers every resource, otherwise a class), then an
  # optional conditions hash, e.g.
  #
  #   can :update, Article, :published => true
  #
  # See https://github.com/bryanrite/cancancan/wiki/Defining-Abilities
  #
  # @param user [User, nil] the current user; nil is treated as a new User
  def initialize(user)
    # NOTE(review): a nil user becomes User.new and, unless its role is
    # 'admin', takes the non-admin branch below, i.e. :manage on Job and
    # Client. Confirm authentication is enforced before this runs, or give
    # guests a narrower rule set.
    user ||= User.new

    # Admins may do anything.
    if user.role == 'admin'
      can :manage, :all
      return
    end

    # Everyone else manages jobs and clients but may not destroy them.
    # NOTE(review): :manage also covers custom controller actions (for
    # example a restore action); only :destroy is denied here.
    [Job, Client].each do |resource|
      can :manage, resource
      cannot :destroy, resource
    end
  end
end