Orbit/lib/orbit_core_lib.rb

module  OrbitCoreLib
  module Preview
    def self.included(base)

      # base.instance_eval("field :is_preview,type: Boolean,:default => false")
      # base.instance_eval("scope :not_preview,where(:is_preview=>false)")
      base.class_eval ("
        def to_preview
          raise 'Developer,please override to_preview method'  
        end
      ")
    end
  end

  module ObjectDisable
     def self.included(base)

      base.instance_eval("field :disable,type: Boolean,:default => false")
      base.instance_eval("scope :all, where(:disable.in => [false, nil, ''])")
      base.instance_eval("scope :admin_manager_all,find(:all)")
      
      base.define_singleton_method :find do |*args|
        if args ==[:all]
          unscoped
        else
          res = unscoped.find(args) 
          res.count == 1 ? res[0] : res
        end
      end

      base.define_singleton_method :first do |*args|
        all.first
      end

      base.define_singleton_method :last do |*args|
        all.last
      end

    end
  end
  module  ObjectAuthable
    def self.included(base)
      base.instance_eval("has_many :object_auths,as: :obj_authable,dependent: :delete")
      
      base.define_singleton_method :authed_for_user do |user,title = nil|
        sub_role_ids_ary=user.sub_roles.collect{|t| t.id}
        if title.nil?
          auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s)
        else
          auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s,title: title)
        end
        query1 = auth_object_space.any_in({sub_role_ids: sub_role_ids_ary}).excludes(blocked_user_ids: user.id)
        query2 = auth_object_space.any_of({all: true},{privilege_user_ids: user.id}).excludes(blocked_user_ids: user.id)
        # query2 = auth_object_space.any_of({all: true},{privilege_user_ids: user.id},{role_ids: user.role_ids}).excludes(blocked_user_ids: user.id) #save for backup if something went wrong (0626 Matt)

        result = (query1 + query2).uniq
        result.collect{|t| t.obj_authable}.delete_if{|val| val==nil}
      end
        
    end
    
    def cur_user_is_sub_manager_of(title)
       authed_users(title).include?(User.current)
    end 

    def module_app
       ModuleApp.first(conditions: {:title => self.class::APP_NAME} )
    end

    def pp_object
      "Object Auth method 'pp_object' need to be defined for class #{self.class}"
    end
    
    def get_object_auth_by_title(title)
      oa = self.object_auths.where({title: title }).first
      if oa.nil? #&& (self.class::ObjectAuthTitlesOptions.include? title)
        oa =  self.object_auths.create title: title
      end
      oa
    end
    
    def authed_users(title=nil)
      users = []
      users = case title
      when :all
         ary = self.object_auths.collect{|t| t.auth_users}
         ary.flatten!
      when nil
        if self.object_auths.count ==1 
          self.object_auths.first.auth_users_after_block_list rescue []
          else
            logger.info "Warning calling a auth commend without specificed value( has multi-auths ), return empty"
            []
          end
      else
        get_object_auth_by_title(title).auth_users rescue []
      end
      users
    end
    
  end
  module  ObjectTokenUtility
    def self.included(base)
      base.instance_eval("field :s_token")
      base.instance_eval("after_create :generate_token")
    end
    
    def token
      return self.s_token
    end
    
    protected
     def generate_token
       self.s_token = SecureRandom.hex(16)
       self.save!
     end
  end
  
  module PermissionUtility
  private
    def check_permission(type = :use)
      permission_grant =  current_or_guest_user.admin?? true : false
      module_app = @module_app.nil?? find_module_app_by_token(params[:token]) : @module_app
      unless permission_grant
        permission_grant = case type
        when :use
          users_ary = module_app.app_auth.auth_users rescue nil
          users_ary = [] if users_ary.nil?
          (users_ary.include?(current_or_guest_user) || module_app.is_manager?(current_or_guest_user) || module_app.is_sub_manager?(current_or_guest_user))
        when :manager
          module_app.is_manager?(current_or_guest_user)
        when :sub_manager  
          module_app.is_manager?(current_or_guest_user) || module_app.is_sub_manager?(current_or_guest_user)
        end  
      end
      permission_grant
    end
    def find_module_app_by_token(token)
      ModuleApp.first(conditions: {s_token: token})
    end
  end

  module Authorization
    def self.included(base)
      base.class_eval do
        before_filter :can_use
        send :include, InstanceMethods
      end
      base.extend(ClassMethods)
    end

    module ClassMethods
      protected

      def open_for_admin(arg = nil)
        if arg
          key = arg.shift
          prepend_before_filter key[0] => key[1] {|f| f.open_for :admin}
        else
          prepend_before_filter {|f| f.open_for :admin}
        end
      end

      def open_for_manager(arg = nil)
        if arg
          key = arg.shift
          prepend_before_filter key[0] => key[1] {|f| f.open_for :manager}
        else
          prepend_before_filter {|f| f.open_for :manager}
        end
      end

      def open_for_sub_manager(arg = nil)
        if arg
          key = arg.shift
          prepend_before_filter key[0] => key[1] {|f| f.open_for :sub_manager}
        else
          prepend_before_filter {|f| f.open_for :sub_manager}
        end
      end

      def open_for_approver(arg = nil)
        if arg
          key = arg.shift
          prepend_before_filter key[0] => key[1] {|f| f.open_for :approver}
        else
          prepend_before_filter {|f| f.open_for :approver}
        end
      end

      def open_for_user(arg = nil)
        if arg
          key = arg.shift
          prepend_before_filter key[0] => key[1] {|f| f.open_for :user}
        else
          prepend_before_filter {|f| f.open_for :user}
        end
      end

      def open_for_visitor(arg = nil)
        if arg
          key = arg.shift
          prepend_before_filter key[0] => key[1] {|f| f.open_for :visitor}
        else
          prepend_before_filter {|f| f.open_for :visitor}
        end
      end

      def skip_authorization(arg = nil)
        if arg
          key = arg.shift
          prepend_before_filter key[0] => key[1] {|f| f.no_authorization}
        else
          prepend_before_filter {|f| f.no_authorization}
        end
      end

    end

    module InstanceMethods
      protected
      def can_use
        setup_vars
        unless @no_authorization
          if @user_type
            @open = false
            @visitor = false
            @user_type.each do |user_type|
              case user_type
              when :admin
                @open ||= check_admin
              when :manager
                @open ||= check_manager
              when :sub_manager
                @open ||= check_sub_manager
              when :approver
                @open ||= check_sub_manager
              when :user
                @open ||= true
              when :visitor
                set_current_user
                @open ||= true
                @visitor ||= true
              end
            end
            check_backend_openness if @visitor
            authenticate_user! unless @visitor
            redirect_to root_url unless @open
          else
            authenticate_user!
            check_user_can_use
          end
        end
      end

      def check_admin
        current_or_guest_user.admin?
      end

      def check_manager
        check_admin || @module_app.is_manager?(current_or_guest_user)
      end

      def check_sub_manager
        check_admin || check_manager || @module_app.is_sub_manager?(current_or_guest_user)
      end

      def check_approver
        check_admin || check_manager || @module_app.can_approve?(current_or_guest_user)
      end

      def open_for(var)
        @user_type ||= []
        @user_type << var
      end

      def no_authorization
        @no_authorization = true
      end

      def check_user_can_use
        unless current_or_guest_user.admin? || (@module_app.is_manager?(current_or_guest_user) if @module_app.present?) || (@module_app.is_sub_manager?(current_or_guest_user) if @module_app.present?) || (@module_app.can_approve?(current_or_guest_user) if @module_app.present?)
          redirect_to admin_dashboards_url
        end
      end

      def setup_vars
        @app_title ||= controller_path.split('/')[1].singularize rescue nil
        @module_app ||= ModuleApp.first(conditions: {:key => @app_title} ) rescue nil
      end
    end
  end

end
Object Auth. Now object can be included with "include OrbitCoreLib::ObjectAuthable" to use kernel method,such as 1.Object.authed_for_user(user,title_of_object_auth). title_of_object_auth is optional 2.object.authed_users(user,title_of_object_auth) . title_of_object_auth is optional if title_of_object_auth is not given,then it will return calculation across all possiblity. 2012-02-09 09:48:51 +00:00			`module OrbitCoreLib`
First version of new preview. Only plain text 2012-09-04 04:31:27 +00:00			`module Preview`
			`def self.included(base)`
complete preview for both new and announcement 2012-09-07 09:55:59 +00:00
			`# base.instance_eval("field :is_preview,type: Boolean,:default => false")`
			`# base.instance_eval("scope :not_preview,where(:is_preview=>false)")`
			`base.class_eval ("`
			`def to_preview`
			`raise 'Developer,please override to_preview method'`
			`end`
			`")`
First version of new preview. Only plain text 2012-09-04 04:31:27 +00:00			`end`
			`end`

orbit disable object for categories 2012-07-05 08:00:45 +00:00			`module ObjectDisable`
			`def self.included(base)`

			`base.instance_eval("field :disable,type: Boolean,:default => false")`
Fix typo in core lib Change i18n for more link in announcement init 2013-03-20 09:45:08 +00:00			`base.instance_eval("scope :all, where(:disable.in => [false, nil, ''])")`
orbit disable object for categories 2012-07-05 08:00:45 +00:00			`base.instance_eval("scope :admin_manager_all,find(:all)")`
category disable for backend 2012-07-06 10:11:55 +00:00
orbit disable object for categories 2012-07-05 08:00:45 +00:00			`base.define_singleton_method :find do \|*args\|`
			`if args ==[:all]`
			`unscoped`
			`else`
category disable for backend 2012-07-06 10:11:55 +00:00			`res = unscoped.find(args)`
			`res.count == 1 ? res[0] : res`
orbit disable object for categories 2012-07-05 08:00:45 +00:00			`end`
			`end`
category disable for backend 2012-07-06 10:11:55 +00:00
			`base.define_singleton_method :first do \|*args\|`
			`all.first`
			`end`

			`base.define_singleton_method :last do \|*args\|`
			`all.last`
			`end`

orbit disable object for categories 2012-07-05 08:00:45 +00:00			`end`
			`end`
Object Auth. Now object can be included with "include OrbitCoreLib::ObjectAuthable" to use kernel method,such as 1.Object.authed_for_user(user,title_of_object_auth). title_of_object_auth is optional 2.object.authed_users(user,title_of_object_auth) . title_of_object_auth is optional if title_of_object_auth is not given,then it will return calculation across all possiblity. 2012-02-09 09:48:51 +00:00			`module ObjectAuthable`
			`def self.included(base)`
			`base.instance_eval("has_many :object_auths,as: :obj_authable,dependent: :delete")`

			`base.define_singleton_method :authed_for_user do \|user,title = nil\|`
			`sub_role_ids_ary=user.sub_roles.collect{\|t\| t.id}`
			`if title.nil?`
			`auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s)`
			`else`
			`auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s,title: title)`
			`end`
			`query1 = auth_object_space.any_in({sub_role_ids: sub_role_ids_ary}).excludes(blocked_user_ids: user.id)`
fix query for un-permitted category use 2013-06-26 02:46:50 +00:00			`query2 = auth_object_space.any_of({all: true},{privilege_user_ids: user.id}).excludes(blocked_user_ids: user.id)`
			`# query2 = auth_object_space.any_of({all: true},{privilege_user_ids: user.id},{role_ids: user.role_ids}).excludes(blocked_user_ids: user.id) #save for backup if something went wrong (0626 Matt)`

Object Auth. Now object can be included with "include OrbitCoreLib::ObjectAuthable" to use kernel method,such as 1.Object.authed_for_user(user,title_of_object_auth). title_of_object_auth is optional 2.object.authed_users(user,title_of_object_auth) . title_of_object_auth is optional if title_of_object_auth is not given,then it will return calculation across all possiblity. 2012-02-09 09:48:51 +00:00			`result = (query1 + query2).uniq`
archive for announcement 2012-07-04 09:36:51 +00:00			`result.collect{\|t\| t.obj_authable}.delete_if{\|val\| val==nil}`
Object Auth. Now object can be included with "include OrbitCoreLib::ObjectAuthable" to use kernel method,such as 1.Object.authed_for_user(user,title_of_object_auth). title_of_object_auth is optional 2.object.authed_users(user,title_of_object_auth) . title_of_object_auth is optional if title_of_object_auth is not given,then it will return calculation across all possiblity. 2012-02-09 09:48:51 +00:00			`end`

			`end`

First version of app and object auth for web_resource module. Basic fund is ok. backend need to be secued 2012-05-15 10:55:16 +00:00			`def cur_user_is_sub_manager_of(title)`
			`authed_users(title).include?(User.current)`
			`end`

fix object auth without app_auth 2012-10-16 06:23:44 +00:00			`def module_app`
Change to apply page to had object_auth 2012-05-14 04:34:15 +00:00			`ModuleApp.first(conditions: {:title => self.class::APP_NAME} )`
			`end`

New Interface for App Auth and Object Auth 2012-05-11 08:44:40 +00:00			`def pp_object`
			`"Object Auth method 'pp_object' need to be defined for class #{self.class}"`
			`end`

Integrate App & Object Auth to announcement with i18n variables. Also changed Role and SubRole i18n var. Checked with Allen 2012-04-27 10:38:21 +00:00			`def get_object_auth_by_title(title)`
fix orbit core to adopt current user behavior 2012-05-22 03:17:50 +00:00			`oa = self.object_auths.where({title: title }).first`
New UI changes(tags, categories, authorisations, module index…) To run: - ruby lib/remove_old_tags.rb DB_NAME - rake new_ui:migrate_tags - rake new_ui:migrate_categories['APP_KEY,''MODEL_NAME'] (check new_ui.rake for more details) 2013-07-02 08:46:44 +00:00			`if oa.nil? #&& (self.class::ObjectAuthTitlesOptions.include? title)`
Fix bug when object_auth was only built but not created 2012-05-22 08:52:12 +00:00			`oa = self.object_auths.create title: title`
fix orbit core to adopt current user behavior 2012-05-22 03:17:50 +00:00			`end`
			`oa`
Integrate App & Object Auth to announcement with i18n variables. Also changed Role and SubRole i18n var. Checked with Allen 2012-04-27 10:38:21 +00:00			`end`

Object Auth. Now object can be included with "include OrbitCoreLib::ObjectAuthable" to use kernel method,such as 1.Object.authed_for_user(user,title_of_object_auth). title_of_object_auth is optional 2.object.authed_users(user,title_of_object_auth) . title_of_object_auth is optional if title_of_object_auth is not given,then it will return calculation across all possiblity. 2012-02-09 09:48:51 +00:00			`def authed_users(title=nil)`
			`users = []`
Fact check program completed,Lin checked 2012-03-22 06:33:59 +00:00			`users = case title`
			`when :all`
			`ary = self.object_auths.collect{\|t\| t.auth_users}`
			`ary.flatten!`
			`when nil`
			`if self.object_auths.count ==1`
			`self.object_auths.first.auth_users_after_block_list rescue []`
			`else`
			`logger.info "Warning calling a auth commend without specificed value( has multi-auths ), return empty"`
			`[]`
			`end`
Object Auth. Now object can be included with "include OrbitCoreLib::ObjectAuthable" to use kernel method,such as 1.Object.authed_for_user(user,title_of_object_auth). title_of_object_auth is optional 2.object.authed_users(user,title_of_object_auth) . title_of_object_auth is optional if title_of_object_auth is not given,then it will return calculation across all possiblity. 2012-02-09 09:48:51 +00:00			`else`
Integrate App & Object Auth to announcement with i18n variables. Also changed Role and SubRole i18n var. Checked with Allen 2012-04-27 10:38:21 +00:00			`get_object_auth_by_title(title).auth_users rescue []`
Object Auth. Now object can be included with "include OrbitCoreLib::ObjectAuthable" to use kernel method,such as 1.Object.authed_for_user(user,title_of_object_auth). title_of_object_auth is optional 2.object.authed_users(user,title_of_object_auth) . title_of_object_auth is optional if title_of_object_auth is not given,then it will return calculation across all possiblity. 2012-02-09 09:48:51 +00:00			`end`
			`users`
			`end`

			`end`
default widgets and sidebar. 2012-12-03 10:52:36 +00:00			`module ObjectTokenUtility`
fix bugs with token 2012-02-16 05:57:28 +00:00			`def self.included(base)`
			`base.instance_eval("field :s_token")`
			`base.instance_eval("after_create :generate_token")`
			`end`

			`def token`
			`return self.s_token`
			`end`

			`protected`
			`def generate_token`
change ActiveSupport::SecureRandom to SecureRandom in orbit core 2012-12-27 04:14:59 +00:00			`self.s_token = SecureRandom.hex(16)`
fix bugs with token 2012-02-16 05:57:28 +00:00			`self.save!`
			`end`
			`end`
First version for App and Object auth.Taking Announcement as experiment 2012-02-15 10:20:44 +00:00
default widgets and sidebar. 2012-12-03 10:52:36 +00:00			`module PermissionUtility`
First version for App and Object auth.Taking Announcement as experiment 2012-02-15 10:20:44 +00:00			`private`
			`def check_permission(type = :use)`
guest user 2012-08-23 08:05:14 +00:00			`permission_grant = current_or_guest_user.admin?? true : false`
fix bugs with token 2012-02-16 05:57:28 +00:00			`module_app = @module_app.nil?? find_module_app_by_token(params[:token]) : @module_app`
First version for App and Object auth.Taking Announcement as experiment 2012-02-15 10:20:44 +00:00			`unless permission_grant`
			`permission_grant = case type`
			`when :use`
			`users_ary = module_app.app_auth.auth_users rescue nil`
			`users_ary = [] if users_ary.nil?`
guest user 2012-08-23 08:05:14 +00:00			`(users_ary.include?(current_or_guest_user) \|\| module_app.is_manager?(current_or_guest_user) \|\| module_app.is_sub_manager?(current_or_guest_user))`
First version for App and Object auth.Taking Announcement as experiment 2012-02-15 10:20:44 +00:00			`when :manager`
guest user 2012-08-23 08:05:14 +00:00			`module_app.is_manager?(current_or_guest_user)`
First version for App and Object auth.Taking Announcement as experiment 2012-02-15 10:20:44 +00:00			`when :sub_manager`
guest user 2012-08-23 08:05:14 +00:00			`module_app.is_manager?(current_or_guest_user) \|\| module_app.is_sub_manager?(current_or_guest_user)`
First version for App and Object auth.Taking Announcement as experiment 2012-02-15 10:20:44 +00:00			`end`
			`end`
			`permission_grant`
			`end`
fix bugs with token 2012-02-16 05:57:28 +00:00			`def find_module_app_by_token(token)`
			`ModuleApp.first(conditions: {s_token: token})`
			`end`
First version for App and Object auth.Taking Announcement as experiment 2012-02-15 10:20:44 +00:00			`end`
default widgets and sidebar. 2012-12-03 10:52:36 +00:00
New authorization 2013-08-19 10:54:35 +00:00			`module Authorization`
			`def self.included(base)`
			`base.class_eval do`
			`before_filter :can_use`
Make the filter for authorisation easier for developers 2013-08-22 04:17:50 +00:00			`send :include, InstanceMethods`
New authorization 2013-08-19 10:54:35 +00:00			`end`
Make the filter for authorisation easier for developers 2013-08-22 04:17:50 +00:00			`base.extend(ClassMethods)`
New authorization 2013-08-19 10:54:35 +00:00			`end`

Make the filter for authorisation easier for developers 2013-08-22 04:17:50 +00:00			`module ClassMethods`
			`protected`

			`def open_for_admin(arg = nil)`
			`if arg`
			`key = arg.shift`
			`prepend_before_filter key[0] => key[1] {\|f\| f.open_for :admin}`
			`else`
			`prepend_before_filter {\|f\| f.open_for :admin}`
			`end`
			`end`

			`def open_for_manager(arg = nil)`
			`if arg`
			`key = arg.shift`
			`prepend_before_filter key[0] => key[1] {\|f\| f.open_for :manager}`
			`else`
			`prepend_before_filter {\|f\| f.open_for :manager}`
			`end`
			`end`

			`def open_for_sub_manager(arg = nil)`
			`if arg`
			`key = arg.shift`
			`prepend_before_filter key[0] => key[1] {\|f\| f.open_for :sub_manager}`
			`else`
			`prepend_before_filter {\|f\| f.open_for :sub_manager}`
			`end`
			`end`

			`def open_for_approver(arg = nil)`
			`if arg`
			`key = arg.shift`
			`prepend_before_filter key[0] => key[1] {\|f\| f.open_for :approver}`
			`else`
			`prepend_before_filter {\|f\| f.open_for :approver}`
			`end`
			`end`

Fix bug in open_for, it now takes all the open_for into account Add open_for_user 2013-10-17 06:20:49 +00:00			`def open_for_user(arg = nil)`
			`if arg`
			`key = arg.shift`
			`prepend_before_filter key[0] => key[1] {\|f\| f.open_for :user}`
			`else`
			`prepend_before_filter {\|f\| f.open_for :user}`
			`end`
			`end`

Make the filter for authorisation easier for developers 2013-08-22 04:17:50 +00:00			`def open_for_visitor(arg = nil)`
			`if arg`
			`key = arg.shift`
			`prepend_before_filter key[0] => key[1] {\|f\| f.open_for :visitor}`
			`else`
			`prepend_before_filter {\|f\| f.open_for :visitor}`
			`end`
			`end`
default widgets and sidebar. 2012-12-03 10:52:36 +00:00
Add option to skip authorization 2013-10-08 09:18:58 +00:00			`def skip_authorization(arg = nil)`
			`if arg`
			`key = arg.shift`
			`prepend_before_filter key[0] => key[1] {\|f\| f.no_authorization}`
			`else`
			`prepend_before_filter {\|f\| f.no_authorization}`
			`end`
			`end`

Make the filter for authorisation easier for developers 2013-08-22 04:17:50 +00:00			`end`
default widgets and sidebar. 2012-12-03 10:52:36 +00:00
Make the filter for authorisation easier for developers 2013-08-22 04:17:50 +00:00			`module InstanceMethods`
			`protected`
			`def can_use`
Fix for authorization Dashboard and page authorisation 2013-08-23 04:08:33 +00:00			`setup_vars`
Add option to skip authorization 2013-10-08 09:18:58 +00:00			`unless @no_authorization`
			`if @user_type`
Fix bug in open_for, it now takes all the open_for into account Add open_for_user 2013-10-17 06:20:49 +00:00			`@open = false`
			`@visitor = false`
Add option to skip authorization 2013-10-08 09:18:58 +00:00			`@user_type.each do \|user_type\|`
			`case user_type`
			`when :admin`
Fix bug in open_for, it now takes all the open_for into account Add open_for_user 2013-10-17 06:20:49 +00:00			`@open \|\|= check_admin`
Add option to skip authorization 2013-10-08 09:18:58 +00:00			`when :manager`
Fix bug in open_for, it now takes all the open_for into account Add open_for_user 2013-10-17 06:20:49 +00:00			`@open \|\|= check_manager`
Add option to skip authorization 2013-10-08 09:18:58 +00:00			`when :sub_manager`
Fix bug in open_for, it now takes all the open_for into account Add open_for_user 2013-10-17 06:20:49 +00:00			`@open \|\|= check_sub_manager`
Add option to skip authorization 2013-10-08 09:18:58 +00:00			`when :approver`
Fix bug in open_for, it now takes all the open_for into account Add open_for_user 2013-10-17 06:20:49 +00:00			`@open \|\|= check_sub_manager`
			`when :user`
			`@open \|\|= true`
Add option to skip authorization 2013-10-08 09:18:58 +00:00			`when :visitor`
			`set_current_user`
Fix bug in open_for, it now takes all the open_for into account Add open_for_user 2013-10-17 06:20:49 +00:00			`@open \|\|= true`
			`@visitor \|\|= true`
Add option to skip authorization 2013-10-08 09:18:58 +00:00			`end`
Make the filter for authorisation easier for developers 2013-08-22 04:17:50 +00:00			`end`
Fix bug in open_for, it now takes all the open_for into account Add open_for_user 2013-10-17 06:20:49 +00:00			`check_backend_openness if @visitor`
			`authenticate_user! unless @visitor`
			`redirect_to root_url unless @open`
Add option to skip authorization 2013-10-08 09:18:58 +00:00			`else`
			`authenticate_user!`
			`check_user_can_use`
Make the filter for authorisation easier for developers 2013-08-22 04:17:50 +00:00			`end`
New authorization 2013-08-19 10:54:35 +00:00			`end`
			`end`
default widgets and sidebar. 2012-12-03 10:52:36 +00:00
Make the filter for authorisation easier for developers 2013-08-22 04:17:50 +00:00			`def check_admin`
			`current_or_guest_user.admin?`
			`end`

			`def check_manager`
			`check_admin \|\| @module_app.is_manager?(current_or_guest_user)`
			`end`

			`def check_sub_manager`
			`check_admin \|\| check_manager \|\| @module_app.is_sub_manager?(current_or_guest_user)`
			`end`

			`def check_approver`
			`check_admin \|\| check_manager \|\| @module_app.can_approve?(current_or_guest_user)`
			`end`

			`def open_for(var)`
Add option to skip authorization 2013-10-08 09:18:58 +00:00			`@user_type \|\|= []`
Make the filter for authorisation easier for developers 2013-08-22 04:17:50 +00:00			`@user_type << var`
			`end`

Add option to skip authorization 2013-10-08 09:18:58 +00:00			`def no_authorization`
			`@no_authorization = true`
			`end`

Make the filter for authorisation easier for developers 2013-08-22 04:17:50 +00:00			`def check_user_can_use`
Updated orbit core lib for module app 2013-11-05 03:25:35 +00:00			`unless current_or_guest_user.admin? \|\| (@module_app.is_manager?(current_or_guest_user) if @module_app.present?) \|\| (@module_app.is_sub_manager?(current_or_guest_user) if @module_app.present?) \|\| (@module_app.can_approve?(current_or_guest_user) if @module_app.present?)`
authorized user now able edit page context 2013-11-05 05:01:14 +00:00			`redirect_to admin_dashboards_url`
Make the filter for authorisation easier for developers 2013-08-22 04:17:50 +00:00			`end`
			`end`
default widgets and sidebar. 2012-12-03 10:52:36 +00:00
Make the filter for authorisation easier for developers 2013-08-22 04:17:50 +00:00			`def setup_vars`
Add option to skip authorization 2013-10-08 09:18:58 +00:00			`@app_title \|\|= controller_path.split('/')[1].singularize rescue nil`
			`@module_app \|\|= ModuleApp.first(conditions: {:key => @app_title} ) rescue nil`
default widgets and sidebar. 2012-12-03 10:52:36 +00:00			`end`
			`end`
			`end`

Object Auth. Now object can be included with "include OrbitCoreLib::ObjectAuthable" to use kernel method,such as 1.Object.authed_for_user(user,title_of_object_auth). title_of_object_auth is optional 2.object.authed_users(user,title_of_object_auth) . title_of_object_auth is optional if title_of_object_auth is not given,then it will return calculation across all possiblity. 2012-02-09 09:48:51 +00:00			`end`