013_access_control_migration.rb
1.84 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
class AccessControlMigration < ActiveRecord::Migration
def self.up
create_table :roles do |t|
t.column :name, :string
t.column :permissions, :string
t.column :key, :string
t.column :system, :boolean, :default => false
end
create_table :role_assignments do |t|
t.column :accessor_id, :integer
t.column :accessor_type, :string
t.column :resource_id, :integer
t.column :resource_type, :string
t.column :role_id, :integer
t.column :is_global, :boolean
end
# create system-defined roles
Role.with_scope(:create => { :system => true }) do
# Environment administrator!
Role.create!(:key => 'environment_administrator', :name => N_('Environment Administrator'), :permissions => [
'view_environment_admin_panel',
'edit_environment_features',
'edit_environment_design',
'manage_environment_categories',
'manage_environment_roles',
'manage_environment_validators'
])
Role.create!(:key => 'profile_admin', :name => N_('Profile Administrator'), :permissions => [
'edit_profile',
'destroy_profile',
'manage_memberships',
'post_content',
'edit_profile_design',
'manage_products',
])
# members for enterprises, communities etc
Role.create!(:key => "profile_member", :name => N_('Member'), :permissions => [
'edit_profile',
'post_content',
'manage_products'
])
# moderators for enterprises, communities etc
Role.create!(:key => 'profile_moderator', :name => N_('Moderator'), :permissions => [
'manage_memberships',
'edit_profile_design',
'manage_products'
])
end
end
def self.down
drop_table :roles
drop_table :role_assignments
end
end