diff --git a/app/controllers/admin/module_apps_controller.rb b/app/controllers/admin/module_apps_controller.rb index a350c28b1..2386a1d19 100644 --- a/app/controllers/admin/module_apps_controller.rb +++ b/app/controllers/admin/module_apps_controller.rb @@ -100,7 +100,7 @@ class Admin::ModuleAppsController < ApplicationController end #user is not permited to do that flash[:notice] = t('admin.app_auth.operation_not_permitted') - redirect_to :action => "edit" # [TODO] maybe need to redirect to some other page + render :nothing => true, :status => 403 end @@ -112,7 +112,7 @@ class Admin::ModuleAppsController < ApplicationController end #user is not permited to do that flash[:notice] = t('admin.app_auth.operation_not_permitted') - redirect_to :action => "edit" # [TODO] maybe need to redirect to some other page + render :nothing => true, :status => 403 end end \ No newline at end of file diff --git a/app/controllers/admin/object_auths_controller.rb b/app/controllers/admin/object_auths_controller.rb index a7a8dc419..58219acf2 100644 --- a/app/controllers/admin/object_auths_controller.rb +++ b/app/controllers/admin/object_auths_controller.rb @@ -27,8 +27,13 @@ class Admin::ObjectAuthsController < ApplicationController def create obj = eval(params[:object_auth][:type]).find params[:object_auth][:obj_id] - @object_auth=obj.object_auths.create :title=> params[:object_auth][:title] - redirect_to edit_admin_object_auth_path(@object_auth) + @object_auth=obj.object_auths.build :title=> params[:object_auth][:title] + if @object_auth.save + redirect_to edit_admin_object_auth_path(@object_auth) + else + flash[:error] = t('admin.object.a_object_must_have_only_one_object_auth_profile_for_each_action') + redirect_to (:back) + end end def create_role diff --git a/app/models/object_auth.rb b/app/models/object_auth.rb index f67f99843..8932bb762 100644 --- a/app/models/object_auth.rb +++ b/app/models/object_auth.rb @@ -1,5 +1,6 @@ class ObjectAuth < PrototypeAuth include OrbitCoreLib::ObjectTokenUnility + validates_uniqueness_of :obj_authable_type,:scope => :title #{ |c| } belongs_to :obj_authable, polymorphic: true # > - Something.find_with_auth(query) # > - or Something.find(query).auth diff --git a/app/views/admin/components/_user_role_management.html.erb b/app/views/admin/components/_user_role_management.html.erb index 99cd72d71..cd9ca8ae7 100644 --- a/app/views/admin/components/_user_role_management.html.erb +++ b/app/views/admin/components/_user_role_management.html.erb @@ -1,7 +1,7 @@

All User

<%= form_tag(submit_url) do %> - <%= check_box_tag 'auth_all',true,auth.all %><%= submit_tag 'Add Role' %>
+ <%= check_box_tag 'auth_all',true,(auth.all rescue true) %><%= submit_tag 'Add Role' %>
<% end %>
diff --git a/lib/tasks/user.rake b/lib/tasks/user.rake index 31ed7c246..5189ee14f 100644 --- a/lib/tasks/user.rake +++ b/lib/tasks/user.rake @@ -5,7 +5,7 @@ namespace :user do User.all(conditions: {email: /nor/}).destroy_all username_list = %w{nor1 nor2 nor3 nor4 nor5 nor6 nor7} - userfirstname_list_en = %w{ One Two Thre For Fiv Six Sen } + userfirstname_list_en = %w{ UserOne UserTwo Thre For Fiv Six Sen } userlastname_list_en = %w{ Aa Bb Cc Dd Ee Ff Gg } userfirstname_list_ct = %w{ 一一 二二 三三 四四 五五 六六 七七 } diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/announcements_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/announcements_controller.rb index 8faf23f6c..f7f51b4db 100644 --- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/announcements_controller.rb +++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/announcements_controller.rb @@ -4,8 +4,8 @@ class Panel::Announcement::BackEnd::AnnouncementsController < OrbitBackendContro render :text => "This is an public_page need to be build" end - def index - + def list_mine + @bulletin_categorys = BulletinCategory.authed_for_user(current_user,'submit_new') end # GET /announcements/1 # GET /announcements/1.xml diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb index 2731ee39b..6880f8e64 100644 --- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb +++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb @@ -1,5 +1,5 @@ class Panel::Announcement::BackEnd::BulletinsController < OrbitBackendController - + include AdminHelper #before_filter :is_admin? def index @@ -136,7 +136,12 @@ class Panel::Announcement::BackEnd::BulletinsController < OrbitBackendController protected def get_categorys(id = nil) - @bulletin_categorys = (id ? BulletinCategory.find(id).to_a : BulletinCategory.excludes('disabled' => true)) + @bulletin_categorys = [] + if(is_manager? || is_admin?) + @bulletin_categorys = (id ? BulletinCategory.find(id).to_a : BulletinCategory.excludes('disabled' => true)) + elsif is_sub_manager? + @bulletin_categorys = BulletinCategory.authed_for_user(current_user,'submit_new') + end end diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb index 1ef3b3007..dd4719589 100644 --- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb +++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb @@ -1,10 +1,18 @@ class Panel::Announcement::BackEnd::FactChecksController < OrbitBackendController before_filter :authenticate_user! + include AdminHelper layout 'admin' def index - @bulletin_categorys_preview = BulletinCategory.authed_for_user(current_user,'preview') - @bulletin_categorys_check = BulletinCategory.authed_for_user(current_user,'fact_check') + @bulletin_categorys_submit_new = [] + @bulletin_categorys_check =[] + if is_admin? || is_manager? + #@bulletin_categorys_submit_new = BulletinCategory.all + @bulletin_categorys_check = BulletinCategory.all + # elsif is_sub_manager? + # @bulletin_categorys_submit_new = BulletinCategory.authed_for_user(current_user,'submit_new') + # @bulletin_categorys_check = BulletinCategory.authed_for_user(current_user,'fact_check') + end end def new diff --git a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb index 1a086ebfb..ee2767f55 100644 --- a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb +++ b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb @@ -5,7 +5,7 @@ class BulletinCategory include Mongoid::Timestamps include OrbitCoreLib::ObjectAuthable - ObjectAuthTitlesOptions = %W{preview fact_check} + ObjectAuthTitlesOptions = %W{submit_new fact_check} AfterObjectAuthUrl = '/panel/announcement/back_end/bulletin_categorys' # include Mongoid::MultiParameterAttributes diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/index.html.erb index 87a2993c9..87b30a049 100644 --- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/index.html.erb +++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/index.html.erb @@ -1,22 +1,17 @@ <% content_for :secondary do %> -
-
-
-
-
- +<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %> <% end -%> <%= flash_messages %> +
+
+
+
+
+

<%= t('bulletin_category.list_announcement_class') %>

-
-
-
-
-
+ diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/new.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/new.html.erb index 5f8d064bc..296afb092 100644 --- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/new.html.erb +++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/new.html.erb @@ -1,15 +1,15 @@ -
-
-
-
- <% content_for :secondary do %> - +<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %> <% end -%> <%= flash_messages %> + +
+
+
+
+
+

<%= t('bulletin_category.new_announcement_class') %>

<%= form_for @bulletin_category, :url => panel_announcement_back_end_bulletin_categorys_path do |f| %> <%= render :partial => 'form', :locals => {:f => f} %> diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/edit.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/edit.html.erb index 1bdd80636..9350d0fb9 100644 --- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/edit.html.erb +++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/edit.html.erb @@ -1,9 +1,14 @@ -
-
-
-
+<% content_for :secondary do %> +<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %> +<% end -%> -

<%= t('announcement.editing_announcement') %>

+<%= flash_messages %> + +
+
+
+
+
<%= form_for @bulletin, :url => panel_announcement_back_end_bulletin_path(@bulletin) do |f| %> <%= render :partial => 'form', :locals => {:f => f} %> diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb index 728910958..dd88f5c02 100644 --- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb +++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb @@ -1,15 +1,5 @@ <% content_for :secondary do %> -
-
-
-
-
- +<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %> <% end -%> <%= flash_messages %> diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/new.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/new.html.erb index e23ecfba3..d200bb66a 100644 --- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/new.html.erb +++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/new.html.erb @@ -1,15 +1,14 @@ -
-
-
-
- <% content_for :secondary do %> - +<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %> <% end -%> <%= flash_messages %> + +
+
+
+
+

<%= t('bulletin.new_announcement') %>

<%= form_for @bulletin, :url => panel_announcement_back_end_bulletins_path do |f| %> <%= render :partial => 'form', :locals => {:f => f} %> diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/show.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/show.html.erb index c3ba2c09d..5aff4bbdb 100644 --- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/show.html.erb +++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/show.html.erb @@ -1,10 +1,14 @@ -<% # encoding: utf-8 %> +<% content_for :secondary do %> +<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %> +<% end -%> + +<%= flash_messages %>


- -

<%= flash_messages %>

+
+
<%= t('bulletin_category.key') %>