|
|
@@ -1,6 +1,6 @@
|
|
|
class Ability
|
|
|
include CanCan::Ability
|
|
|
-
|
|
|
+ D_ENUM = []
|
|
|
def initialize(user)
|
|
|
# Define abilities for the passed in user here. For example:
|
|
|
#
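Review bot: `D_ENUM = []` is a mutable array held in a class-level constant, so it is shared by every `Ability` instance in the process. The loop added in the next hunk pushes every department id into it each time `initialize` runs with a user, so the array keeps gaining duplicate ids for the life of the process and is mutated by concurrent requests under a threaded server. The two `can` rules in the last hunk only need the current ids, so a local inside `initialize` such as `depart_ids = DepartRecord.pluck(:id)` (Rails 3.2 or later) would replace both the constant and the push loop. `initialize` continues outside this hunk.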
|
|
|
@@ -11,6 +11,10 @@ class Ability
|
|
|
# can :read, :all
|
|
|
# end
|
|
|
if user
|
|
|
+ departs = DepartRecord.find_by_sql("select id from depart_records ")
|
|
|
+ departs.each do |dep|
|
|
|
+ D_ENUM.push(dep.id)
|
|
|
+ end
|
|
|
can :dashboard # allow access to dashboard
|
|
|
can :access, :rails_admin # only allow admin users to access Rails Admin
|
|
|
cannot :history, :all
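Review bot: The raw `find_by_sql("select id from depart_records ")` builds a model object per row only to read `id`; `DepartRecord.pluck(:id)`, or `DepartRecord.select(:id).map(&:id)` on older Rails, returns the same ids without hand-written SQL. The lookup also sits directly under `if user`, so it runs on every ability build for a signed-in user, while the only visible use of the ids is the `permission.model=="Order"` branch in the last hunk. Moving it into that branch would skip the query for users who never reach it. The body of `initialize` starts and ends outside this hunk.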
|
|
|
@@ -28,8 +32,8 @@ class Ability
|
|
|
else
|
|
|
user.permissions.each do |permission|
|
|
|
if permission.model=="Order"
|
|
|
- can :update, Order, :depart => [1,2]
|
|
|
- can :read, Order, :depart => [1,2]
|
|
|
+ can :update, Order, :depart => D_ENUM
|
|
|
+ can :read, Order, :depart => D_ENUM
|
|
|
else
|
|
|
eval "can :#{permission.can}, #{permission.model}"
|
|
|
end
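Review bot: `:depart => D_ENUM` lists every department id, so the condition no longer narrows anything: any user holding a permission row whose model is "Order" can read and update orders in all departments, whatever `permission.can` says. If the earlier `[1,2]` was meant as a per-department limit, the ids should come from the user or the permission record rather than from the whole table; which field carries that is not visible here. Separately, the unchanged `eval "can :#{permission.can}, #{permission.model}"` runs strings from the permissions table as Ruby. `can permission.can.to_sym, permission.model.constantize`, with both values first checked against a fixed list of allowed actions and model names, grants the same rule without `eval`. The enclosing `initialize` starts and ends outside this hunk.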
|