Implement the cancan filters for diary entries
authorChris Flipse <cflipse@gmail.com>
Sat, 9 Jun 2018 20:35:17 +0000 (16:35 -0400)
committerChris Flipse <cflipse@gmail.com>
Sun, 17 Jun 2018 17:57:06 +0000 (13:57 -0400)
commit523291442766e7cd4adbad6d2bc7c6803cdd3811
tree39dd1ba2fafd1f29594c2f066bc571c196cb809c
parent6b44a1976cf07ba50ba8aed8b34434e69a45e62d
Implement the cancan filters for diary entries

Access logic is not _entirely_ exported from the controller,
unfortunately.  For interface reasons, some actions which require admin
have to be listed within the controller's deny_access method.

This is required because, being a default-deny system, cancancan
_cannot_ tell you the reason you were denied access; and so
the "nice" feedback presenting next steps can't be gleaned from
the exception
app/controllers/diary_entry_controller.rb
app/models/ability.rb
test/models/abilities_test.rb