Orbit/app/controllers/admin/module_apps_controller.rb

115 lines
3.5 KiB
Ruby
Raw Normal View History

class Admin::ModuleAppsController < OrbitBackendController
before_filter :user_has_manager_privilege?, :only => [ :assign_manager, :remove_manager ]
before_filter :user_has_sub_manager_privilege?, :only => [ :assign_sub_manager, :remove_sub_manager ]
layout "new_admin"
helper Admin::PagePartsHelper
def index
@module_apps = ModuleApp.all.entries
end
2012-01-12 06:13:41 +00:00
def module_auth_proc
@module_app = ModuleApp.find(params[:id])
end
2012-01-12 06:13:41 +00:00
def edit
@module_app = ModuleApp.find(params[:id])
end
2012-02-13 09:33:48 +00:00
def show
@module_app = ModuleApp.find(params[:id])
end
2012-01-13 10:20:04 +00:00
2012-01-12 06:13:41 +00:00
def update
@module_app = ModuleApp.find(params[:id])
unless params['module_app']['enable_frontend'].nil?
@module_app.update_attribute('enable_frontend',params['module_app']['enable_frontend'])
@module_app.save!
end
@attribute = @module_app
respond_to do |format|
format.html { redirect_to :action => :index }
format.js { render 'admin/attributes/toggle_enable' }
end
end
2012-01-13 10:20:04 +00:00
2012-01-13 10:20:04 +00:00
def assign_sub_manager
unless @assign_to_user.nil? || @assign_to_user.admin?
if @module_app.assign_sub_manager(@assign_to_user,current_user)
2012-09-12 11:12:50 +00:00
flash[:notice] = t('app_auth.assigning_manager.add_manager_ok')
else
2012-09-12 11:12:50 +00:00
flash[:notice] = t('app_auth.assigning_manager.add_manager_fail')
end
2012-01-13 10:20:04 +00:00
else
2012-09-12 11:12:50 +00:00
flash[:notice] = t('app_auth.failed_no_user')
end
2012-09-12 11:12:50 +00:00
flash[:notice] = t('app_auth.can_not_add_this_user')
redirect_to :action => "edit"
2012-01-13 10:20:04 +00:00
end
2012-01-13 10:20:04 +00:00
def assign_manager
unless @assign_to_user.nil? || @assign_to_user.admin?
2012-01-13 10:20:04 +00:00
if @module_app.assign_manager(@assign_to_user,current_user)
2012-09-12 11:12:50 +00:00
flash[:notice] = t('app_auth.assigning_sub_manager.add_sub_manager_ok')
2012-01-13 10:20:04 +00:00
else
2012-09-12 11:12:50 +00:00
flash[:notice] = t('app_auth.assigning_sub_manager.add_sub_manager_fail')
2012-01-13 10:20:04 +00:00
end
else
2012-09-12 11:12:50 +00:00
flash[:notice] = t('app_auth.failed_no_user')
2012-01-13 10:20:04 +00:00
end
2012-09-12 11:12:50 +00:00
flash[:notice] = t('app_auth.can_not_add_this_user')
redirect_to :action => "edit"
2012-01-13 10:20:04 +00:00
end
2012-01-13 10:20:04 +00:00
def remove_manager
@app_manager = AppManager.find(params[:app_manager_id])
2012-01-13 10:20:04 +00:00
if @module_app.remove_manager(@app_manager.user)
2012-09-12 11:12:50 +00:00
flash[:notice] = t('app_auth.delete_manager.success')
2012-01-13 10:20:04 +00:00
else
2012-09-12 11:12:50 +00:00
flash[:notice] = t('app_auth.delete_manager.fail')
2012-01-13 10:20:04 +00:00
end
redirect_to :action => "edit"
end
2012-01-13 10:20:04 +00:00
def remove_sub_manager
@app_sub_manager = AppManager.find(params[:app_sub_manager_id])
2012-01-13 10:20:04 +00:00
if @module_app.remove_sub_manager(@app_sub_manager.user)
2012-09-12 11:12:50 +00:00
flash[:notice] = t('app_auth.delete_sub_manager.success')
2012-01-13 10:20:04 +00:00
else
2012-09-12 11:12:50 +00:00
flash[:notice] = t('app_auth.delete_sub_manager.fail')
2012-01-13 10:20:04 +00:00
end
redirect_to :action => "edit"
end
private
def user_has_manager_privilege?
@module_app = ModuleApp.find(params[:id])
@assign_to_user = User.find params[:manager][:id] rescue nil
if current_user.admin? #only admin can assign app's manager
return
end
#user is not permited to do that
2012-09-12 11:12:50 +00:00
flash[:notice] = t('app_auth.operation_not_permitted')
render :nothing => true, :status => 403
end
def user_has_sub_manager_privilege?
@module_app = ModuleApp.find(params[:id])
@assign_to_user = User.find params[:sub_manager][:id] rescue nil
if current_user.admin? || @module_app.managing_users.include?(current_user) #admin or app's manager can assign app's subanager
return
end
#user is not permited to do that
2012-09-12 11:12:50 +00:00
flash[:notice] = t('app_auth.operation_not_permitted')
2013-01-21 08:56:37 +00:00
render :nothing => true,:status => 403
end
2011-12-20 08:47:17 +00:00
end