diff options
Diffstat (limited to 'app/models/ability.rb')
| -rw-r--r-- | app/models/ability.rb | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/app/models/ability.rb b/app/models/ability.rb index fcd7740d79f..622f481a4fc 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -1,7 +1,23 @@ class Ability class << self + + end + + def allowed?(user, action, subject) + allowed(user, subject).include?(action) + end + def allowed(user, subject) - return anonymous_abilities(user, subject) if user.nil? + return uncached_allowed(user, subject) unless RequestStore.active? + + user_key = user ? user.id : 'anonymous' + subject_key = subject ? "#{subject.class.name}/#{subject.id}" : 'global' + key = "/ability/#{user_key}/#{subject_key}" + RequestStore[key] ||= Set.new(uncached_allowed(user, subject)).freeze + end + + def uncached_allowed(user, subject) + return anonymous_abilities(subject) if user.nil? return [] unless user.is_a?(User) return [] if user.blocked? @@ -586,11 +602,8 @@ class Ability end def abilities - @abilities ||= begin - abilities = Six.new - abilities << self - abilities - end + warn 'Ability.abilities is deprecated, use Ability.allowed?(user, action, subject) instead' + self end private |