X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/b16aa11f65ed1120ee546712150ad6f57ec50102..523291442766e7cd4adbad6d2bc7c6803cdd3811:/app/models/ability.rb

diff --git a/app/models/ability.rb b/app/models/ability.rb
index 864225e8e..59b1c5ec3 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -1,12 +1,22 @@
+# frozen_string_literal: true
+
 class Ability
   include CanCan::Ability
 
-  def initialize(user)
+  def initialize(user, token)
     can :index, :site
     can [:permalink, :edit, :help, :fixthemap, :offline, :export, :about, :preview, :copyright, :key, :id, :welcome], :site
 
+    can [:list, :rss, :view, :comments], DiaryEntry
+
     if user
       can :weclome, :site
+
+      can [:create, :edit, :comment, :subscribe, :unsubscribe], DiaryEntry
+
+      if user.administrator?
+        can [:hide, :hidecomment], [DiaryEntry, DiaryComment]
+      end
     end
     # Define abilities for the passed in user here. For example:
     #
@@ -35,4 +45,8 @@ class Ability
     # See the wiki for details:
     # https://github.com/CanCanCommunity/cancancan/wiki/Defining-Abilities
   end
+
+  def has_capability?(token, cap)
+    token && token.read_attribute(cap)
+  end
 end