use token in ability checks
authorChris Flipse <cflipse@gmail.com>
Fri, 8 Jun 2018 20:58:49 +0000 (16:58 -0400)
committerChris Flipse <cflipse@gmail.com>
Sun, 17 Jun 2018 17:56:23 +0000 (13:56 -0400)
app/controllers/application_controller.rb
app/models/ability.rb
test/models/abilities_test.rb [new file with mode: 0644]

index 5f88eb9..84adc1a 100644 (file)
@@ -473,6 +473,10 @@ class ApplicationController < ActionController::Base
     # ...
   end
 
+  def current_ability
+    @current_ability ||= Ability.new(current_user, current_token)
+  end
+
   private
 
   # extract authorisation credentials from headers, returns user = nil if none
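Review bot: `current_ability` memoizes into `@current_ability`, so the Ability is fixed by whatever `current_user` and `current_token` return the first time it is called in a request. If any filter runs an authorization check before those credentials are established, later checks would keep using an ability built from stale or nil values. Neither helper is visible in this hunk, so the filter order is worth confirming. The method is also defined above `private` without explanation; a comment such as `# Overrides CanCanCan's current_ability so the token's capabilities take part in every authorization check` would make the intent clear.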
index 864225e..8973166 100644 (file)
@@ -1,7 +1,9 @@
+# frozen_string_literal: true
+
 class Ability
   include CanCan::Ability
 
-  def initialize(user)
+  def initialize(user, token)
     can :index, :site
     can [:permalink, :edit, :help, :fixthemap, :offline, :export, :about, :preview, :copyright, :key, :id, :welcome], :site
 
@@ -35,4 +37,8 @@ class Ability
     # See the wiki for details:
     # https://github.com/CanCanCommunity/cancancan/wiki/Defining-Abilities
   end
+
+  def has_capability?(token, cap)
+    token && token.read_attribute(cap)
+  end
 end
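Review bot: `has_capability?` returns whatever `token.read_attribute(cap)` yields, so any non-nil, non-false attribute counts as a granted capability, and `cap` is not restricted to the token's permission columns. For an authorization predicate a strict boolean is safer, e.g. `token&.read_attribute(cap) == true`, ideally with `cap` checked against an explicit list of capability names. The helper is public on `Ability`; unless it is called from outside the class, it should move under `private`. Nothing in the visible lines checks that the token is still valid, so presumably `current_token` filters that before it reaches `Ability`, which is worth confirming. The `token` parameter added to `initialize` in the previous hunk is not used in the lines shown there; its use lies outside the hunk.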
diff --git a/test/models/abilities_test.rb b/test/models/abilities_test.rb
new file mode 100644 (file)
index 0000000..ab84585
--- /dev/null
@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+require "test_helper"
+
+class AbilityTest < ActiveSupport::TestCase
+
+end
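Review bot: `AbilityTest` is added with an empty body, so the new token-dependent authorization path has no coverage. At minimum it should assert that a nil token and a token lacking the relevant capability are both denied, and that a token carrying the capability is allowed, so a regression in `has_capability?` is caught rather than silently widening access. A header comment such as `# Covers Ability rules for each user/token combination` would also state what the file is for.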