-
-
Notifications
You must be signed in to change notification settings - Fork 725
Permissions
David Cook edited this page Jan 12, 2024
·
2 revisions
Users have permission to view and update resources based on certain rules.
Generally, these rules are defined in the Permissions
class, which provides methods to retrieve data based on the current user's permissions.
An additional layer is provided by the gem CanCanCan, which has rules defined in the Ability
class. Many of these rules use Permissions
or other scopes to check access.
The ResourceController
automatically checks for permission on each action, and can be called directly for a class or instance, for example:
can?(:admin, EnterpriseFee) && can?(:manage_enterprise_fees, enterprise)
See the CanCanCan readme for more details.
Permissions are described in the user guide:
Development environment setup
- Pipeline development process
- Bug severity
- Feature template (epic)
- Internationalisation (i18n)
- Dependency updates
Development
- Developer Guidelines
- The process of review, test, merge and deploy
- Making a great commit
- Making a great pull request
- Code Conventions
- Database migrations
- Testing and Rspec Tips
- Automated Testing Gotchas
- Rubocop
- Angular and OFN
- Feature toggles
- Stimulus and Turbo
Testing
- Testing process
- OFN Testing Documentation (Handbooks)
- Continuous Integration
- Parallelized test suite with knapsack
- Karma
Releasing
Specific features
Data and APIs
Instance-specific configuration
External services
Design