|
@@ -28,13 +28,13 @@ class Ability
|
|
|
# can :create, :all
|
|
# can :create, :all
|
|
|
# can :update, :all
|
|
# can :update, :all
|
|
|
else
|
|
else
|
|
|
|
|
+ D_ENUM.clear
|
|
|
|
|
+ departs = AdminDepart.find_by_sql("select depart_record_id from admin_departs where admin_user_id = #{user.id}")
|
|
|
|
|
+ departs.each do |dep|
|
|
|
|
|
+ D_ENUM.push(dep.depart_record_id)
|
|
|
|
|
+ end
|
|
|
user.permissions.each do |permission|
|
|
user.permissions.each do |permission|
|
|
|
if ['Order', 'WxUser','ShopApplication','BalanceOrder'].include?(permission.model)
|
|
if ['Order', 'WxUser','ShopApplication','BalanceOrder'].include?(permission.model)
|
|
|
- D_ENUM.clear
|
|
|
|
|
- departs = AdminDepart.find_by_sql("select depart_record_id from admin_departs where admin_user_id = #{user.id}")
|
|
|
|
|
- departs.each do |dep|
|
|
|
|
|
- D_ENUM.push(dep.depart_record_id)
|
|
|
|
|
- end
|
|
|
|
|
if D_ENUM.length==0
|
|
if D_ENUM.length==0
|
|
|
eval "can :#{permission.can}, #{permission.model}"
|
|
eval "can :#{permission.can}, #{permission.model}"
|
|
|
else
|
|
else
|
