diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 23d8b4bec9ac7c1e78b14394bf7747d11b99db30..6b668bc7371d0108d2459933469068b08fde5f06 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -13,6 +13,10 @@ class ApplicationController < ActionController::Base
private
+ def current_ability
+ @current_ability ||= Ability.for(current_user)
+ end
+
def ensure_university
render_forbidden unless current_university
end
diff --git a/app/models/ability.rb b/app/models/ability.rb
index d7fc3e5a9adbfbe564bc42c62570817a93a9c492..e98457ce2a9838b4c08ca234d3e33e732da40dbd 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -3,183 +3,17 @@
class Ability
include CanCan::Ability
+ def self.for(user)
+ "Ability::#{user.role.classify}".constantize.new user
+ end
+
def initialize(user)
@user = user ||= User.new # guest user (not logged in)
- send @user.role.to_sym
end
protected
- def visitor
- end
-
- def contributor
- author
- cannot :publish, Communication::Website::Post
- cannot :publish, Communication::Website::Agenda::Event
- end
-
- def author
- managed_websites_ids = @user.websites_to_manage.pluck(:communication_website_id)
- can :manage, Communication::Block, university_id: @user.university_id, about_type: 'Communication::Website::Post', about_id: Communication::Website::Post.where(university_id: @user.university_id, author_id: @user.person&.id).pluck(:id)
- can :manage, Communication::Block, university_id: @user.university_id, about_type: 'Communication::Website::Agenda::Event', about_id: Communication::Website::Agenda::Event.where(university_id: @user.university_id, author_id: @user.person&.id).pluck(:id)
- can :create, Communication::Block
- can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'Communication::Website::Post', about_id: Communication::Website::Post.where(university_id: @user.university_id, author_id: @user.person&.id).pluck(:id)
- can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'Communication::Website::Agenda::Event', about_id: Communication::Website::Agenda::Event.where(university_id: @user.university_id, author_id: @user.person&.id).pluck(:id)
- can :create, Communication::Block::Heading
- can :read, Communication::Website, university_id: @user.university_id, id: managed_websites_ids
- can :manage, Communication::Website::Post, university_id: @user.university_id, communication_website_id: managed_websites_ids, author_id: @user.person&.id
- end
-
- def teacher
- can :manage, Communication::Block, university_id: @user.university_id, about_type: 'Education::Program', about_id: Education::Program.where(university_id: @user.university_id).pluck(:id)
- can :manage, Communication::Block, university_id: @user.university_id, about_type: 'University::Person', about_id: University::Person.where(university_id: @user.university_id, user_id: @user.id).pluck(:id)
- can :create, Communication::Block
- can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'Education::Program', about_id: Education::Program.where(university_id: @user.university_id).pluck(:id)
- can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'University::Person', about_id: University::Person.where(university_id: @user.university_id, user_id: @user.id).pluck(:id)
- can :create, Communication::Block::Heading
- can [:read, :children], Education::Program, university_id: @user.university_id
- can :manage, University::Person, user_id: @user.id
- cannot :create, University::Person
- can :manage, University::Person::Involvement, person_id: @user.person&.id
- can :read, University::Person::Involvement, university_id: @user.university_id
- can :read, University::Role, university_id: @user.university_id
- end
-
- def program_manager
- managed_programs_ids = @user.programs_to_manage.pluck(:education_program_id)
- can :manage, Communication::Block, university_id: @user.university_id, about_type: 'Communication::Website::Post', about_id: Communication::Website::Post.where(university_id: @user.university_id).pluck(:id)
- can :manage, Communication::Block, university_id: @user.university_id, about_type: 'Communication::Website::Agenda::Event', about_id: Communication::Website::Agenda::Event.where(university_id: @user.university_id).pluck(:id)
- can :manage, Communication::Block, university_id: @user.university_id, about_type: 'University::Person', about_id: University::Person.where(university_id: @user.university_id).pluck(:id)
- can :manage, Communication::Block, university_id: @user.university_id, about_type: 'Education::Program', about_id: managed_programs_ids
- can :create, Communication::Block
- can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'Communication::Website::Post', about_id: Communication::Website::Post.where(university_id: @user.university_id).pluck(:id)
- can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'Communication::Website::Agenda::Event', about_id: Communication::Website::Agenda::Event.where(university_id: @user.university_id).pluck(:id)
- can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'Education::Program', about_id: managed_programs_ids
- can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'University::Person', about_id: University::Person.where(university_id: @user.university_id).pluck(:id)
- can :create, Communication::Block::Heading
- can :read, Communication::Website, university_id: @user.university_id
- can :manage, Communication::Website::Post, university_id: @user.university_id
- can :manage, Communication::Website::Agenda::Event, university_id: @user.university_id
- can :manage, Education::Program, id: managed_programs_ids
- can [:read, :children], Education::Program, university_id: @user.university_id
- cannot :create, Education::Program
- can :manage, University::Person, university_id: @user.university_id
- can :manage, University::Person::Involvement, target_type: "Education::Program", target_id: managed_programs_ids
- can :manage, University::Role, target_type: "Education::Program", target_id: managed_programs_ids
- end
-
- def website_manager
- managed_websites_ids = @user.websites_to_manage.pluck(:communication_website_id)
- managed_pages_ids = Communication::Website::Page.where(communication_website_id: managed_websites_ids).pluck(:id)
- managed_posts_ids = Communication::Website::Post.where(communication_website_id: managed_websites_ids).pluck(:id)
- managed_events_ids = Communication::Website::Agenda::Event.where(communication_website_id: managed_websites_ids).pluck(:id)
- can :manage, Communication::Block, university_id: @user.university_id, about_type: 'Communication::Website::Page', about_id: managed_pages_ids
- can :manage, Communication::Block, university_id: @user.university_id, about_type: 'Communication::Website::Post', about_id: managed_posts_ids
- can :manage, Communication::Block, university_id: @user.university_id, about_type: 'Communication::Website::Agenda::Event', about_id: managed_events_ids
- can :manage, Communication::Block, university_id: @user.university_id, about_type: 'University::Organization', about_id: University::Organization.where(university_id: @user.university_id).pluck(:id)
- can :manage, Communication::Block, university_id: @user.university_id, about_type: 'University::Person', about_id: University::Person.where(university_id: @user.university_id).pluck(:id)
- can :create, Communication::Block
- can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'Communication::Website::Page', about_id: managed_pages_ids
- can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'Communication::Website::Post', about_id: managed_posts_ids
- can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'Communication::Website::Agenda::Event', about_id: managed_events_ids
- can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'University::Organization', about_id: University::Organization.where(university_id: @user.university_id).pluck(:id)
- can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'University::Person', about_id: University::Person.where(university_id: @user.university_id).pluck(:id)
- can :create, Communication::Block::Heading
- can [:read, :analytics], Communication::Website, university_id: @user.university_id, id: managed_websites_ids
- can :manage, Communication::Website::Category, university_id: @user.university_id, communication_website_id: managed_websites_ids
- can [:read, :update, :reorder], Communication::Website::Menu, university_id: @user.university_id, communication_website_id: managed_websites_ids
- can :manage, Communication::Website::Menu::Item, university_id: @user.university_id, website_id: managed_websites_ids
- can :create, Communication::Website::Menu::Item, university_id: @user.university_id
- can :manage, Communication::Website::Page, university_id: @user.university_id, communication_website_id: managed_websites_ids
- can :manage, Communication::Website::Post, university_id: @user.university_id, communication_website_id: managed_websites_ids
- can :manage, University::Organization, university_id: @user.university_id
- can :manage, University::Person, university_id: @user.university_id
- can :manage, University::Person::Category, university_id: @user.university_id
- can :manage, University::Person::Experience, university_id: @user.university_id
- can :manage, University::Person::Involvement, university_id: @user.university_id
- end
-
- def admin
- admin_university
- admin_education
- admin_research
- admin_communication
- admin_communication_extranet
- admin_administration
- can :manage, Import, university_id: @user.university_id
- end
-
- def admin_university
- can :manage, University::Organization, university_id: @user.university_id
- can :manage, University::Organization::Category, university_id: @user.university_id
- can :manage, University::Person, university_id: @user.university_id
- can :manage, University::Person::Category, university_id: @user.university_id
- can :manage, University::Person::Experience, university_id: @user.university_id
- can :manage, University::Person::Involvement, university_id: @user.university_id
- can :manage, University::Role, university_id: @user.university_id
- can :read, User, university_id: @user.university_id
- can :manage, User, university_id: @user.university_id, role: @user.managed_roles
- end
-
- def admin_education
- can :manage, Education::AcademicYear, university_id: @user.university_id
- can :manage, Education::Cohort, university_id: @user.university_id
- can :manage, Education::Diploma, university_id: @user.university_id
- can :manage, Education::Program, university_id: @user.university_id
- can :manage, Education::School, university_id: @user.university_id
- can :manage, :all_programs # needed to prevent program_manager to access specific global screens
- end
-
- def admin_research
- can :manage, Research::Hal::Author
- can :manage, Research::Hal::Publication
- can :manage, Research::Journal, university_id: @user.university_id
- can :manage, Research::Journal::Paper, university_id: @user.university_id
- can :manage, Research::Journal::Paper::Kind, university_id: @user.university_id
- can :manage, Research::Journal::Volume, university_id: @user.university_id
- can :manage, Research::Laboratory, university_id: @user.university_id
- can :manage, Research::Laboratory::Axis, university_id: @user.university_id
- can :manage, Research::Thesis, university_id: @user.university_id
- end
-
- def admin_communication
- can :manage, Communication::Block, university_id: @user.university_id
- can :create, Communication::Block
- can :manage, Communication::Block::Heading, university_id: @user.university_id
- can :create, Communication::Block::Heading
- can :manage, Communication::Website, university_id: @user.university_id
- # Est-ce bien raisonnable de laisser supprimer un site ?
- # Le risque de faussse manip est grand.
- cannot :destroy, Communication::Website, university_id: @user.university_id
- can :manage, Communication::Website::Category, university_id: @user.university_id
- can :manage, Communication::Website::Imported::Website, university_id: @user.university_id
- can :manage, Communication::Website::Imported::Page, university_id: @user.university_id
- can :manage, Communication::Website::Imported::Post, university_id: @user.university_id
- can :manage, Communication::Website::Menu, university_id: @user.university_id
- can :manage, Communication::Website::Menu::Item, university_id: @user.university_id
- can :manage, Communication::Website::Page, university_id: @user.university_id
- can :manage, Communication::Website::Post, university_id: @user.university_id
- can :manage, Communication::Website::Agenda::Event, university_id: @user.university_id
- end
-
- def admin_communication_extranet
- can [:read, :update], Communication::Extranet, university_id: @user.university_id
- can :manage, Communication::Extranet::Connection, university_id: @user.university_id
- can :manage, Communication::Extranet::Document, university_id: @user.university_id
- can :manage, Communication::Extranet::Document::Category, university_id: @user.university_id
- can :manage, Communication::Extranet::Document::Kind, university_id: @user.university_id
- can :manage, Communication::Extranet::Post, university_id: @user.university_id
- can :manage, Communication::Extranet::Post::Category, university_id: @user.university_id
- end
-
- def admin_administration
- can :read, Administration::Qualiopi
- can :read, Administration::Qualiopi::Criterion
- can :read, Administration::Qualiopi::Indicator
- end
-
- def server_admin
- can :manage, :all
+ def managed_websites_ids
+ @managed_websites_ids ||= @user.websites_to_manage.pluck(:communication_website_id)
end
end
diff --git a/app/models/ability/admin.rb b/app/models/ability/admin.rb
new file mode 100644
index 0000000000000000000000000000000000000000..f6692c611cb18f7a4c4723f9316bc7bd865e1afa
--- /dev/null
+++ b/app/models/ability/admin.rb
@@ -0,0 +1,84 @@
+class Ability::Admin < Ability
+
+ def initialize(user)
+ super
+ admin_university
+ admin_education
+ admin_research
+ admin_communication
+ admin_communication_extranet
+ admin_administration
+ can :manage, Import, university_id: @user.university_id
+ end
+
+ protected
+
+ def admin_university
+ can :manage, University::Organization, university_id: @user.university_id
+ can :manage, University::Organization::Category, university_id: @user.university_id
+ can :manage, University::Person, university_id: @user.university_id
+ can :manage, University::Person::Category, university_id: @user.university_id
+ can :manage, University::Person::Experience, university_id: @user.university_id
+ can :manage, University::Person::Involvement, university_id: @user.university_id
+ can :manage, University::Role, university_id: @user.university_id
+ can :read, User, university_id: @user.university_id
+ can :manage, User, university_id: @user.university_id, role: @user.managed_roles
+ end
+
+ def admin_education
+ can :manage, Education::AcademicYear, university_id: @user.university_id
+ can :manage, Education::Cohort, university_id: @user.university_id
+ can :manage, Education::Diploma, university_id: @user.university_id
+ can :manage, Education::Program, university_id: @user.university_id
+ can :manage, Education::School, university_id: @user.university_id
+ can :manage, :all_programs # needed to prevent program_manager to access specific global screens
+ end
+
+ def admin_research
+ can :manage, Research::Hal::Author
+ can :manage, Research::Hal::Publication
+ can :manage, Research::Journal, university_id: @user.university_id
+ can :manage, Research::Journal::Paper, university_id: @user.university_id
+ can :manage, Research::Journal::Paper::Kind, university_id: @user.university_id
+ can :manage, Research::Journal::Volume, university_id: @user.university_id
+ can :manage, Research::Laboratory, university_id: @user.university_id
+ can :manage, Research::Laboratory::Axis, university_id: @user.university_id
+ can :manage, Research::Thesis, university_id: @user.university_id
+ end
+
+ def admin_communication
+ can :manage, Communication::Block, university_id: @user.university_id
+ can :create, Communication::Block
+ can :manage, Communication::Block::Heading, university_id: @user.university_id
+ can :create, Communication::Block::Heading
+ can :manage, Communication::Website, university_id: @user.university_id
+ # Est-ce bien raisonnable de laisser supprimer un site ?
+ # Le risque de faussse manip est grand.
+ cannot :destroy, Communication::Website, university_id: @user.university_id
+ can :manage, Communication::Website::Category, university_id: @user.university_id
+ can :manage, Communication::Website::Imported::Website, university_id: @user.university_id
+ can :manage, Communication::Website::Imported::Page, university_id: @user.university_id
+ can :manage, Communication::Website::Imported::Post, university_id: @user.university_id
+ can :manage, Communication::Website::Menu, university_id: @user.university_id
+ can :manage, Communication::Website::Menu::Item, university_id: @user.university_id
+ can :manage, Communication::Website::Page, university_id: @user.university_id
+ can :manage, Communication::Website::Post, university_id: @user.university_id
+ can :manage, Communication::Website::Agenda::Event, university_id: @user.university_id
+ end
+
+ def admin_communication_extranet
+ can [:read, :update], Communication::Extranet, university_id: @user.university_id
+ can :manage, Communication::Extranet::Connection, university_id: @user.university_id
+ can :manage, Communication::Extranet::Document, university_id: @user.university_id
+ can :manage, Communication::Extranet::Document::Category, university_id: @user.university_id
+ can :manage, Communication::Extranet::Document::Kind, university_id: @user.university_id
+ can :manage, Communication::Extranet::Post, university_id: @user.university_id
+ can :manage, Communication::Extranet::Post::Category, university_id: @user.university_id
+ end
+
+ def admin_administration
+ can :read, Administration::Qualiopi
+ can :read, Administration::Qualiopi::Criterion
+ can :read, Administration::Qualiopi::Indicator
+ end
+end
\ No newline at end of file
diff --git a/app/models/ability/contributor.rb b/app/models/ability/contributor.rb
new file mode 100644
index 0000000000000000000000000000000000000000..26b690dc162858d7e61129361ee23954411cd126
--- /dev/null
+++ b/app/models/ability/contributor.rb
@@ -0,0 +1,15 @@
+class Ability::Contributor < Ability
+
+ def initialize(user)
+ super
+ can :manage, Communication::Block, university_id: @user.university_id, about_type: 'Communication::Website::Post', about_id: Communication::Website::Post.where(university_id: @user.university_id, author_id: @user.person&.id).pluck(:id)
+ can :manage, Communication::Block, university_id: @user.university_id, about_type: 'Communication::Website::Agenda::Event', about_id: Communication::Website::Agenda::Event.where(university_id: @user.university_id, author_id: @user.person&.id).pluck(:id)
+ can :create, Communication::Block
+ can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'Communication::Website::Post', about_id: Communication::Website::Post.where(university_id: @user.university_id, author_id: @user.person&.id).pluck(:id)
+ can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'Communication::Website::Agenda::Event', about_id: Communication::Website::Agenda::Event.where(university_id: @user.university_id, author_id: @user.person&.id).pluck(:id)
+ can :create, Communication::Block::Heading
+ can :read, Communication::Website, university_id: @user.university_id, id: managed_websites_ids
+ can :manage, Communication::Website::Post, university_id: @user.university_id, communication_website_id: managed_websites_ids, author_id: @user.person&.id
+ cannot :publish, Communication::Website::Post
+ end
+end
\ No newline at end of file
diff --git a/app/models/ability/program_manager.rb b/app/models/ability/program_manager.rb
new file mode 100644
index 0000000000000000000000000000000000000000..04d64c0be92766825b96309ef1f1b421d80ed7aa
--- /dev/null
+++ b/app/models/ability/program_manager.rb
@@ -0,0 +1,30 @@
+class Ability::ProgramManager < Ability
+
+ def initialize(user)
+ super
+ can :manage, Communication::Block, university_id: @user.university_id, about_type: 'Communication::Website::Post', about_id: Communication::Website::Post.where(university_id: @user.university_id).pluck(:id)
+ can :manage, Communication::Block, university_id: @user.university_id, about_type: 'Communication::Website::Agenda::Event', about_id: Communication::Website::Agenda::Event.where(university_id: @user.university_id).pluck(:id)
+ can :manage, Communication::Block, university_id: @user.university_id, about_type: 'University::Person', about_id: University::Person.where(university_id: @user.university_id).pluck(:id)
+ can :manage, Communication::Block, university_id: @user.university_id, about_type: 'Education::Program', about_id: managed_programs_ids
+ can :create, Communication::Block
+ can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'Communication::Website::Post', about_id: Communication::Website::Post.where(university_id: @user.university_id).pluck(:id)
+ can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'Communication::Website::Agenda::Event', about_id: Communication::Website::Agenda::Event.where(university_id: @user.university_id).pluck(:id)
+ can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'Education::Program', about_id: managed_programs_ids
+ can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'University::Person', about_id: University::Person.where(university_id: @user.university_id).pluck(:id)
+ can :create, Communication::Block::Heading
+ can :read, Communication::Website, university_id: @user.university_id
+ can :manage, Communication::Website::Post, university_id: @user.university_id
+ can :manage, Communication::Website::Agenda::Event, university_id: @user.university_id
+ can :manage, Education::Program, id: managed_programs_ids
+ can [:read, :children], Education::Program, university_id: @user.university_id
+ cannot :create, Education::Program
+ can :manage, University::Person, university_id: @user.university_id
+ can :manage, University::Person::Involvement, target_type: "Education::Program", target_id: managed_programs_ids
+ can :manage, University::Role, target_type: "Education::Program", target_id: managed_programs_ids end
+
+ protected
+
+ def managed_programs_ids
+ @managed_programs_ids ||= @user.programs_to_manage.pluck(:education_program_id)
+ end
+end
\ No newline at end of file
diff --git a/app/models/ability/server_admin.rb b/app/models/ability/server_admin.rb
new file mode 100644
index 0000000000000000000000000000000000000000..ba1e7f835a3991fc3ea43f9720929e00c2704d47
--- /dev/null
+++ b/app/models/ability/server_admin.rb
@@ -0,0 +1,7 @@
+class Ability::ServerAdmin < Ability
+
+ def initialize(user)
+ super
+ can :manage, :all
+ end
+end
\ No newline at end of file
diff --git a/app/models/ability/teacher.rb b/app/models/ability/teacher.rb
new file mode 100644
index 0000000000000000000000000000000000000000..db0816822859e031fc4f8550ddea8381ed4e92f1
--- /dev/null
+++ b/app/models/ability/teacher.rb
@@ -0,0 +1,18 @@
+class Ability::Teacher < Ability
+
+ def initialize(user)
+ super
+ can :manage, Communication::Block, university_id: @user.university_id, about_type: 'Education::Program', about_id: Education::Program.where(university_id: @user.university_id).pluck(:id)
+ can :manage, Communication::Block, university_id: @user.university_id, about_type: 'University::Person', about_id: University::Person.where(university_id: @user.university_id, user_id: @user.id).pluck(:id)
+ can :create, Communication::Block
+ can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'Education::Program', about_id: Education::Program.where(university_id: @user.university_id).pluck(:id)
+ can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'University::Person', about_id: University::Person.where(university_id: @user.university_id, user_id: @user.id).pluck(:id)
+ can :create, Communication::Block::Heading
+ can [:read, :children], Education::Program, university_id: @user.university_id
+ can :manage, University::Person, user_id: @user.id
+ cannot :create, University::Person
+ can :manage, University::Person::Involvement, person_id: @user.person&.id
+ can :read, University::Person::Involvement, university_id: @user.university_id
+ can :read, University::Role, university_id: @user.university_id
+ end
+end
\ No newline at end of file
diff --git a/app/models/ability/visitor.rb b/app/models/ability/visitor.rb
new file mode 100644
index 0000000000000000000000000000000000000000..0784040545b0ce67dd09f96d0d75f09488f8f5d7
--- /dev/null
+++ b/app/models/ability/visitor.rb
@@ -0,0 +1,2 @@
+class Ability::Visitor < Ability
+end
\ No newline at end of file
diff --git a/app/models/ability/website_manager.rb b/app/models/ability/website_manager.rb
new file mode 100644
index 0000000000000000000000000000000000000000..593b9fdca0988c9389b947d3d406da6c18a3119c
--- /dev/null
+++ b/app/models/ability/website_manager.rb
@@ -0,0 +1,45 @@
+class Ability::WebsiteManager < Ability
+
+ def initialize(user)
+ super
+ can :manage, Communication::Block, university_id: @user.university_id, about_type: 'Communication::Website::Page', about_id: managed_pages_ids
+ can :manage, Communication::Block, university_id: @user.university_id, about_type: 'Communication::Website::Post', about_id: managed_posts_ids
+ can :manage, Communication::Block, university_id: @user.university_id, about_type: 'Communication::Website::Agenda::Event', about_id: managed_events_ids
+ can :manage, Communication::Block, university_id: @user.university_id, about_type: 'University::Organization', about_id: University::Organization.where(university_id: @user.university_id).pluck(:id)
+ can :manage, Communication::Block, university_id: @user.university_id, about_type: 'University::Person', about_id: University::Person.where(university_id: @user.university_id).pluck(:id)
+ can :create, Communication::Block
+ can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'Communication::Website::Page', about_id: managed_pages_ids
+ can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'Communication::Website::Post', about_id: managed_posts_ids
+ can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'Communication::Website::Agenda::Event', about_id: managed_events_ids
+ can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'University::Organization', about_id: University::Organization.where(university_id: @user.university_id).pluck(:id)
+ can :manage, Communication::Block::Heading, university_id: @user.university_id, about_type: 'University::Person', about_id: University::Person.where(university_id: @user.university_id).pluck(:id)
+ can :create, Communication::Block::Heading
+ can [:read, :analytics], Communication::Website, university_id: @user.university_id, id: managed_websites_ids
+ can :manage, Communication::Website::Category, university_id: @user.university_id, communication_website_id: managed_websites_ids
+ can [:read, :update, :reorder], Communication::Website::Menu, university_id: @user.university_id, communication_website_id: managed_websites_ids
+ can :manage, Communication::Website::Menu::Item, university_id: @user.university_id, website_id: managed_websites_ids
+ can :create, Communication::Website::Menu::Item, university_id: @user.university_id
+ can :manage, Communication::Website::Page, university_id: @user.university_id, communication_website_id: managed_websites_ids
+ can :manage, Communication::Website::Post, university_id: @user.university_id, communication_website_id: managed_websites_ids
+ can :manage, University::Organization, university_id: @user.university_id
+ can :manage, University::Person, university_id: @user.university_id
+ can :manage, University::Person::Category, university_id: @user.university_id
+ can :manage, University::Person::Experience, university_id: @user.university_id
+ can :manage, University::Person::Involvement, university_id: @user.university_id
+ end
+
+ protected
+
+ def managed_pages_ids
+ @managed_pages_ids ||= Communication::Website::Page.where(communication_website_id: managed_websites_ids).pluck(:id)
+ end
+
+ def managed_posts_ids
+ @managed_posts_ids ||= Communication::Website::Post.where(communication_website_id: managed_websites_ids).pluck(:id)
+ end
+
+ def managed_events_ids
+ @managed_events_ids ||= Communication::Website::Agenda::Event.where(communication_website_id: managed_websites_ids).pluck(:id)
+ end
+
+end
\ No newline at end of file
diff --git a/cron.json b/cron.json
index 5003dcc2da2e14129d8b41d0bcde800bdfe4c23d..b4df0f56cab3ce7f32d203e567b592b28677cce2 100644
--- a/cron.json
+++ b/cron.json
@@ -1,10 +1,12 @@
{
"jobs": [
{
- "command": "0 1 * * * rails auto:update_publications_from_hal"
+ "command": "0 1 * * * rails auto:update_publications_from_hal",
+ "size": "L"
},
{
- "command": "0 3 * * * rails auto:clean_and_rebuild_websites"
+ "command": "0 3 * * * rails auto:clean_and_rebuild_websites",
+ "size": "XL"
}
]
}
\ No newline at end of file