X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/a66c34991acfff398fbc83c921dfce18a835ee26..b95a8d03e32a86838d99ded814a08cb7aac44772:/app/abilities/api_ability.rb diff --git a/app/abilities/api_ability.rb b/app/abilities/api_ability.rb index 80245eeaa..36cfee0bb 100644 --- a/app/abilities/api_ability.rb +++ b/app/abilities/api_ability.rb @@ -4,56 +4,36 @@ class ApiAbility include CanCan::Ability def initialize(user) - can :show, :capability - can :index, :change - can :index, :map - can :show, :permission - can [:search_all, :search_nodes, :search_ways, :search_relations], :search - can :show, :version + can :read, [:version, :capability, :permission, :map] if Settings.status != "database_offline" - can [:show, :download, :query], Changeset - can [:index, :create, :comment, :feed, :show, :search], Note - can :index, Tracepoint - can [:index, :show], User - can [:index, :show], Node - can [:index, :show, :full, :ways_for_node], Way - can [:index, :show, :full, :relations_for_node, :relations_for_way, :relations_for_relation], Relation - can [:history, :version], OldNode - can [:history, :version], OldWay - can [:history, :version], OldRelation - end - - if user - can :welcome, :site - can [:revoke, :authorize], :oauth + can [:read, :download], Changeset + can [:read, :create, :feed, :search], Note + can :read, Tracepoint + can :read, User + can :read, Node + can [:read, :full, :ways_for_node], Way + can [:read, :full, :relations_for_node, :relations_for_way, :relations_for_relation], Relation + can [:history, :read], [OldNode, OldWay, OldRelation] + can :read, UserBlock - if Settings.status != "database_offline" - can [:index, :new, :create, :show, :edit, :update, :destroy], ClientApplication - can [:new, :create, :reply, :show, :inbox, :outbox, :mark, :destroy], Message - can [:close, :reopen], Note - can [:new, :create], Report - can [:create, :show, :update, :destroy, :data], Trace + if user&.active? + can [:comment, :close, :reopen], Note + can [:read, :create, :update, :destroy], Trace can [:details, :gpx_files], User - can [:read, :read_one, :update, :update_one, :delete_one], UserPreference + can [:read, :update, :update_all, :destroy], UserPreference if user.terms_agreed? - can [:create, :update, :upload, :close, :subscribe, :unsubscribe, :expand_bbox], Changeset + can [:create, :update, :upload, :close, :subscribe, :unsubscribe], Changeset can :create, ChangesetComment - can [:create, :update, :delete], Node - can [:create, :update, :delete], Way - can [:create, :update, :delete], Relation + can [:create, :update, :delete], [Node, Way, Relation] end if user.moderator? can [:destroy, :restore], ChangesetComment can :destroy, Note - if user.terms_agreed? - can :redact, OldNode - can :redact, OldWay - can :redact, OldRelation - end + can :redact, [OldNode, OldWay, OldRelation] if user.terms_agreed? end end end