28 |
|
|
29 |
=head2 current_user_can ACTION |
=head2 current_user_can ACTION |
30 |
|
|
31 |
Let everybody create, read and update, but not delete. |
admin and import can everything, users with permission on landscape can read. |
32 |
|
|
33 |
=cut |
=cut |
34 |
|
|
36 |
my $self = shift; |
my $self = shift; |
37 |
my $type = shift; |
my $type = shift; |
38 |
|
|
39 |
# We probably want something like this eventually: |
return 1 if ($self->current_user->admin || $self->current_user->can_import); |
40 |
if ($type =~ /(?:create|read|update)/i) { |
|
41 |
return 1; |
if ($type eq 'read') { |
42 |
} else { |
|
43 |
return $self->SUPER::current_user_can($type, @_); |
my $l = Transports::Model::UserOnLandscape->new(); |
44 |
} |
$l->load_by_cols( |
45 |
|
user_on => $self->current_user->id, |
46 |
|
landscape => $self->landscape->id, |
47 |
|
); |
48 |
|
|
49 |
|
if ($l->id) { |
50 |
|
return 1; |
51 |
|
} else { |
52 |
|
return undef; |
53 |
|
} |
54 |
|
} |
55 |
|
|
56 |
} |
} |
57 |
|
|
58 |
1; |
1; |