fix bugs with token

This commit is contained in:
Matthew Kaito Juyuan Fu 2012-02-16 13:57:28 +08:00 committed by Christophe Vilayphiou
parent cc550c5745
commit 2e58c63ff7
8 changed files with 31 additions and 12 deletions

View File

@ -10,7 +10,6 @@ class OrbitBackendController< ApplicationController
def setup_vars def setup_vars
@app_title = request.fullpath.split('/')[2] @app_title = request.fullpath.split('/')[2]
@module_app = ModuleApp.first(conditions: {:key => @app_title} ) @module_app = ModuleApp.first(conditions: {:key => @app_title} )
end end
private private

View File

@ -1,6 +1,7 @@
class ModuleApp class ModuleApp
include Mongoid::Document include Mongoid::Document
include Mongoid::Timestamps include Mongoid::Timestamps
include OrbitCoreLib::ObjectTokenUnility
field :key field :key
field :title field :title
@ -82,4 +83,5 @@ class ModuleApp
self.key = self.title.underscore if self.title self.key = self.title.underscore if self.title
end end
end end

View File

@ -1,5 +1,5 @@
class ObjectAuth < PrototypeAuth class ObjectAuth < PrototypeAuth
include OrbitCoreLib::ObjectTokenUnility
belongs_to :obj_authable, polymorphic: true belongs_to :obj_authable, polymorphic: true
# > - Something.find_with_auth(query) # > - Something.find_with_auth(query)
# > - or Something.find(query).auth # > - or Something.find(query).auth

View File

@ -4,7 +4,6 @@ class PrototypeAuth
# after_save :update_block_list,:update_privilage_list # after_save :update_block_list,:update_privilage_list
field :title field :title
field :token
field :all ,type: Boolean,default: false field :all ,type: Boolean,default: false
belongs_to :users belongs_to :users
@ -12,12 +11,13 @@ class PrototypeAuth
has_and_belongs_to_many :blocked_users, :inverse_of => nil, :class_name => "User" has_and_belongs_to_many :blocked_users, :inverse_of => nil, :class_name => "User"
has_and_belongs_to_many :privilege_users, :inverse_of => nil, :class_name => "User" has_and_belongs_to_many :privilege_users, :inverse_of => nil, :class_name => "User"
has_and_belongs_to_many :roles has_and_belongs_to_many :roles
has_and_belongs_to_many :sub_roles has_and_belongs_to_many :sub_roles
attr_protected :roles,:sub_roles,:privilege_users,:blocked_users attr_protected :roles,:sub_roles,:privilege_users,:blocked_users
def add_role role def add_role role
add_operation(:roles,role) add_operation(:roles,role)
end end
@ -87,7 +87,6 @@ class PrototypeAuth
auth_users_before_block_list - self.blocked_users auth_users_before_block_list - self.blocked_users
end end
# protected
end end

View File

@ -1,5 +1,7 @@
<div id="user_role_management"> <div id="user_role_management">
<h1>User Role</h1> <h1>User Role</h1>
All User
<%= form_tag(submit_url) do %> <%= form_tag(submit_url) do %>
<%= collection_select(:new,:role, Role.all, :id, :key, :prompt => true) %> <%= collection_select(:new,:role, Role.all, :id, :key, :prompt => true) %>
<%= submit_tag 'Add Role' %><br/> <%= submit_tag 'Add Role' %><br/>
@ -10,7 +12,6 @@
<%= collection_select(:new,:blocked_user, User.all, :id, :name, :prompt => true) %> <%= collection_select(:new,:blocked_user, User.all, :id, :name, :prompt => true) %>
<%= submit_tag 'Add BlockedList' %><br/> <%= submit_tag 'Add BlockedList' %><br/>
<% end %> <% end %>
<ul>Roles </ul>
<% unless auth.nil? %> <% unless auth.nil? %>
<% auth.roles.each do |role| %> <% auth.roles.each do |role| %>
<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %> <li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %>

View File

@ -16,7 +16,7 @@ PrototypeR4::Application.routes.draw do
resources :app_auths resources :app_auths
resources :object_auths do resources :object_auths do
collection do collection do
match 'new/:type/:obj_id/:module_app_id',:action => 'new',:via => "get",:as => :init match 'new/:type/:obj_id',:action => 'new',:via => "get",:as => :init
end end
member do member do
match ':id/create_role',:action => 'create_role',:via => "post",:as => :create_role match ':id/create_role',:action => 'create_role',:via => "post",:as => :create_role

View File

@ -31,12 +31,28 @@ module OrbitCoreLib
end end
end end
module ObjectTokenUnility
def self.included(base)
base.instance_eval("field :s_token")
base.instance_eval("after_create :generate_token")
end
def token
return self.s_token
end
protected
def generate_token
self.s_token = ActiveSupport::SecureRandom.hex(16)
self.save!
end
end
module PermissionUnility module PermissionUnility
private private
def check_permission(type = :use) def check_permission(type = :use)
permission_grant = current_user.admin?? true : false permission_grant = current_user.admin?? true : false
module_app = @module_app.nil?? ModuleApp.find(params[:module_app_id]) : @module_app module_app = @module_app.nil?? find_module_app_by_token(params[:token]) : @module_app
unless permission_grant unless permission_grant
permission_grant = case type permission_grant = case type
when :use when :use
@ -51,6 +67,8 @@ module OrbitCoreLib
end end
permission_grant permission_grant
end end
def find_module_app_by_token(token)
ModuleApp.first(conditions: {s_token: token})
end
end end
end end

View File

@ -7,9 +7,9 @@
<td><%= bulletin_category.display %></td> <td><%= bulletin_category.display %></td>
<% if is_manager? %> <% if is_manager? %>
<td> <td>
<%= link_to t('blog.new_auth'), init_admin_object_auths_path("BulletinCategory",bulletin_category,@module_app) %> <br/ > <%= link_to t('blog.new_auth'), init_admin_object_auths_path("BulletinCategory",bulletin_category,:token => @module_app.token) %> <br/ >
<% bulletin_category.object_auths.each do |obj_auth| %> <% bulletin_category.object_auths.each do |obj_auth| %>
<%= link_to obj_auth.title,edit_admin_object_auth_url(obj_auth) %><br /> <%= link_to obj_auth.title,edit_admin_object_auth_url(obj_auth,:token => @module_app.token) %><br />
<% end %> <% end %>
</td> </td>
<td> <td>