diff options
author | Luke Shumaker <shumakl@purdue.edu> | 2014-04-04 20:35:16 -0400 |
---|---|---|
committer | Luke Shumaker <shumakl@purdue.edu> | 2014-04-04 20:35:16 -0400 |
commit | bcfa571b0328a4b3e94479a31c027621ceb86ad5 (patch) | |
tree | ac662a6e8e6be36b311652520b8bcc2a1511741d /app/models/user.rb | |
parent | d6009eddd6f67a9414ff7d707ae82c053e6653ad (diff) |
Implement the new security mechanism
Diffstat (limited to 'app/models/user.rb')
-rw-r--r-- | app/models/user.rb | 71 |
1 files changed, 35 insertions, 36 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index 016c155..1d0879b 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -11,44 +11,36 @@ class User < ActiveRecord::Base self.permissions = 0 end - def in_group?(group) - case group - when :admin - return ((groups & 2) != 0) - when :host - return true #((groups & 1) != 0) - when :player - return true - when :specator - return true - else + def can?(action) + case action + when :create_tournament + when :edit_tournament + when :join_tournament + when :delete_tournament + + when :create_game + when :edit_game + when :delete_game + + when :create_user return false - end - end + when :edit_user + when :delete_user - def join_groups(join=[]) - # FIXME: race condition - join.each do |group| - case group - when :admin - groups |= 2 - when :host - groups |= 1 - else - end - end - end + when :create_alert + when :edit_alert + when :delete_alert - def leave_groups(leave=[]) - # FIXME: race condition - leave.each do |group| - case group - when :admin - groups &= ~ 2 - when :host - groups &= ~ 1 - else - end + when :create_pm + when :edit_pm + when :delete_pm + + when :create_session + return false + when :delete_session + + else + return false end end @@ -96,7 +88,14 @@ class NilUser return true end def can?(action) - return false + case action + when :create_user + return true + when :create_session + return true + else + return false + end end def method_missing(name, *args) # Throw an error if User doesn't have this method |