Set desired access for Alerts

2013-04-07 06:08:05 -04:00 · 2013-04-07 06:08:05 -04:00 · d6df7be6f7
commit d6df7be6f7
parent d1da33abec
1 changed files with 6 additions and 26 deletions
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@ -2,31 +2,11 @@ class Ability
  include CanCan::Ability

  def initialize(user)
-    # Define abilities for the passed in user here. For example:
-    #
-    #   user ||= User.new # guest user (not logged in)
-    #   if user.admin?
-    #     can :manage, :all
-    #   else
-    #     can :read, :all
-    #   end
-    #
-    # The first argument to `can` is the action you are giving the user 
-    # permission to do.
-    # If you pass :manage it will apply to every action. Other common actions
-    # here are :read, :create, :update and :destroy.
-    #
-    # The second argument is the resource the user can perform the action on. 
-    # If you pass :all it will apply to every resource. Otherwise pass a Ruby
-    # class of the resource.
-    #
-    # The third argument is an optional hash of conditions to further filter the
-    # objects.
-    # For example, here the user can only update published articles.
-    #
-    #   can :update, Article, :published => true
-    #
-    # See the wiki for details:
-    # https://github.com/ryanb/cancan/wiki/Defining-Abilities
+    user ||= User.new
+
+    can :read, Alert,       :user_id => user.id
+    can :create, Alert
+    can :update, Alert,     :user_id => user.id
+    can :destroy, Alert,    :user_id => user.id
  end
 end