From 6da3ece68354f77f626de8963770c0217048e19d Mon Sep 17 00:00:00 2001
From: Chris Flipse
Date: Fri, 8 Jun 2018 16:58:49 -0400
Subject: [PATCH 1/1] use token in ability checks
---
 app/controllers/application_controller.rb | 4 ++++
 app/models/ability.rb | 8 +++++++-
 test/models/abilities_test.rb | 7 +++++++
 3 files changed, 18 insertions(+), 1 deletion(-)
 create mode 100644 test/models/abilities_test.rb
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 5f88eb983..84adc1a32 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -473,6 +473,10 @@ class ApplicationController < ActionController::Base
 # ...
 end
+ def current_ability
+ @current_ability ||= Ability.new(current_user, current_token)
+ end
+
 private
 # extract authorisation credentials from headers, returns user = nil if none
diff --git a/app/models/ability.rb b/app/models/ability.rb
index 864225e8e..897316691 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -1,7 +1,9 @@
+# frozen_string_literal: true
+
 class Ability
 include CanCan::Ability
- def initialize(user)
+ def initialize(user, token)
 can :index, :site
 can [:permalink, :edit, :help, :fixthemap, :offline, :export, :about, :preview, :copyright, :key, :id, :welcome], :site
@@ -35,4 +37,8 @@ class Ability
 # See the wiki for details:
 # https://github.com/CanCanCommunity/cancancan/wiki/Defining-Abilities
 end
+
+ def has_capability?(token, cap)
+ token && token.read_attribute(cap)
+ end
 end
diff --git a/test/models/abilities_test.rb b/test/models/abilities_test.rb
new file mode 100644
index 000000000..ab8458531
--- /dev/null
+++ b/test/models/abilities_test.rb
@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+require "test_helper"
+
+class AbilityTest < ActiveSupport::TestCase
+
+end
--
2.43.2
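Review bot: In `app/controllers/application_controller.rb`, `current_ability` memoizes the `Ability` on its first call, so it captures whatever `current_user` and `current_token` return at that moment; neither is defined in this hunk. If any filter evaluates `can?` or `authorize!` before authentication has set them, the cached ability keeps the earlier identity for the rest of the request. I would state the ordering requirement above the method, e.g. `# Built once per request; must not be called before the authentication filters have set current_user and current_token.` The method also sits above `private`, so it is a public controller method; the class body continues outside the hunk.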
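Review bot: In the first `app/models/ability.rb` hunk, `token` becomes a required positional argument, but none of the rules visible here consult it: `can :index, :site` and the `can [...]` line after it are granted whatever the token is. The rest of `initialize` lies outside the hunk, so token scoping may happen there; if it does not, an `Ability` built for a restricted token grants the same rights as a full session. A header comment should say what `user` and `token` may be (including nil) and which rules are meant to depend on the token. Existing `Ability.new(user)` callers would now raise `ArgumentError`; `def initialize(user, token = nil)` keeps them working if that is intended.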
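Review bot: `has_capability?` in the second `app/models/ability.rb` hunk treats any truthy attribute as a granted capability, because `token.read_attribute(cap)` returns the raw value of whatever column `cap` names. A mistyped or unintended `cap` that names a non-boolean column (an id or a string) would therefore pass the check. Comparing against `true` and limiting `cap` to the known permission columns closes that, e.g. `!token.nil? && token.read_attribute(cap) == true`, with the permitted names held in a frozen constant. The helper is also public on `Ability`; it reads like an internal helper and could move under `private`.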
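Review bot: `test/models/abilities_test.rb` adds `AbilityTest` with an empty body, so the new token handling ships without a single assertion. A regression in authorization rules is silent, so at minimum I would cover a nil token, a token without the capability and a token with it, checking `can?`/`cannot?` on an `Ability.new(user, token)`. The file is named `abilities_test.rb` while the class is `AbilityTest`; `ability_test.rb` would match the model file.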