From b748382df434a15dba1b304332f0a9c2e27b8686 Mon Sep 17 00:00:00 2001 From: Andreas Stephanides Date: Sun, 18 Aug 2013 17:56:54 +0200 Subject: [PATCH] =?UTF-8?q?Abilities=20f=C3=BCr=20Rollenvergabe?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/users_controller.rb | 6 ++++++ app/models/ability.rb | 3 +++ 2 files changed, 9 insertions(+) diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 0a1b2db..67e02a0 100755 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -4,7 +4,13 @@ class UsersController < ApplicationController end def add_role @user= User.find(params[:id]) + if (params[:role]=="fetuser" && can?(:addfetuser,User)) @user.add_role(params[:role]) + end + if (params[:role]=="fetadmin" && can?(:addfetadmin,User)) + @user.add_role(params[:role]) + end + end def do_confirm @user= User.find(params[:id]) diff --git a/app/models/ability.rb b/app/models/ability.rb index 97c1a45..285bcba 100755 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -28,6 +28,8 @@ class Ability # For Debug allow everything # Remove this line in production environment and for testing user management can :manage, :all + can :addfetuser, User + can :addfetadmin, User can [:show, :index], Studium can [:show, :index], Modulgruppe can [:show, :index], Modul @@ -39,6 +41,7 @@ class Ability # Rechteverwaltung Kalender can [:show, :index], Calendar, :public => true + can [:showics], Calendar can [:show], Calentry if( user.has_role?("fetuser") || user.has_role?("fetadmin"))