diff --git a/app/controllers/admin/object_auths_controller.rb b/app/controllers/admin/object_auths_controller.rb
new file mode 100644
index 000000000..2b54cc5ef
--- /dev/null
+++ b/app/controllers/admin/object_auths_controller.rb
@@ -0,0 +1,71 @@
+class Admin::ObjectAuthsController < ApplicationController
+ layout "admin"
+ before_filter :authenticate_user!
+# before_filter :is_admin? ,:only => :index
+
+ def index
+ # @roles = Role.all.entries
+ # apps = Purchase.where(:type =>"App")
+ # @app_auth_data = apps.entries.map do |app|
+ # app_c = eval(app.app_controller)
+ # obj = app_c.new
+ # obj_auth = obj.send "auth"
+ # [:app_obj => app,:auth_field => obj_auth]
+ # end
+ # if current_user.admin?
+ @object_auths = ObjectAuth.all
+ # else
+ # @module_apps = current_user.managing_apps.collect{|t| t.managing_app}
+ # end
+ end
+
+ def create
+ # app_auth = AppAuth.find_or_create_by(module_app_id: params[:module_app_id])
+ # params[:new].each do |item|
+ # field = item[0]
+ # field_value = item[1]
+ # if field_value!=''
+ # case field
+ # when 'role'
+ # app_auth.send("add_#{field}",(Role.find field_value)) rescue nil
+ # when 'sub_role'
+ # app_auth.send("add_#{field}",(SubRole.find field_value)) rescue nil
+ # when 'privilege_user'
+ # app_auth.add_user_to_privilege_list (User.find field_value) rescue nil
+ # when 'blocked_user'
+ # app_auth.add_user_to_black_list (User.find field_value) rescue nil
+ # end
+ # end
+ # end
+ # app = ModuleApp.find params[:module_app_id] rescue nil
+ # redirect_to edit_admin_module_app_path(app)
+ end
+
+ def remove
+ # app_auth = AppAuth.find( params[:id] )
+ # type = params[:type]
+ # field_value = params[:target_id]
+ # if field_value!=''
+ # case type
+ # when 'role'
+ # app_auth.remove_role(Role.find field_value) rescue nil
+ # when 'sub_role'
+ # app_auth.remove_sub_role(SubRole.find field_value) rescue nil
+ # when 'privilege_user'
+ # app_auth.remove_user_from_privilege_list (User.find field_value) rescue nil
+ # when 'blocked_user'
+ # app_auth.remove_user_from_black_list (User.find field_value) rescue nil
+ # end
+ # end
+ #
+ # app = ModuleApp.find params[:module_app_id] rescue nil
+ # redirect_to edit_admin_module_app_path(app)
+ end
+
+ def edit
+ @object_auth = ObjectAuth.find(params[:id])
+ end
+
+
+
+end
\ No newline at end of file
diff --git a/app/models/app_auth.rb b/app/models/app_auth.rb
index b31add3c0..5a3de60c5 100644
--- a/app/models/app_auth.rb
+++ b/app/models/app_auth.rb
@@ -1,94 +1,5 @@
-class AppAuth
- include Mongoid::Document
- include Mongoid::Timestamps
- # after_save :update_block_list,:update_privilage_list
-
- field :title
- field :token
- field :all ,type: Boolean,default: false
+class AppAuth < PrototypeAuth
+
belongs_to :module_app
- belongs_to :users
- # belongs_to :users,as: :block_users, :inverse_of => :privilege_apps
- has_and_belongs_to_many :blocked_users, :inverse_of => nil, :class_name => "User"
- has_and_belongs_to_many :privilege_users, :inverse_of => nil, :class_name => "User"
-
-
- has_and_belongs_to_many :roles
- has_and_belongs_to_many :sub_roles
-
- attr_protected :roles,:sub_roles,:privilege_users,:blocked_users,:users
-
- def add_role role
- add_operation(:roles,role)
- end
-
- def add_sub_role role
- add_operation(:sub_roles,role)
- end
-
- def remove_role role
- remove_operation(:roles,role)
- end
-
- def remove_sub_role role
- remove_operation(:sub_roles,role)
- end
-
- def add_user_to_black_list user
- add_operation(:blocked_users,user)
- end
-
- def remove_user_from_black_list user
- remove_operation(:blocked_users,user)
- end
-
- def add_user_to_privilege_list user
- add_operation(:privilege_users,user)
- end
-
- def remove_user_from_privilege_list user
- remove_operation(:privilege_users,user)
- end
-
- def remove_operation(item,obj)
- if (self.send item).include? obj
- (self.send item).delete obj
- self.save!
- else
- false #should put error message for user not existed in list
- end
- end
-
- def add_operation(item,obj)
- unless (self.send item).include?(obj)
- (self.send item) << obj
- self.save!
- else
- false #should put error message for user existed in list already
- end
- end
-
- def auth_users
- if self.all?
- User.all.entries
- else
- ary=[]
- [:roles,:sub_roles].each do |t_role|
- ary += (self.send t_role).collect do |role|
- role.users
- end
- end
- ary << self.privilege_users
- ary.flatten!.uniq
- end
- end
-
- def auth_users_after_block_list
- auth_users - self.blocked_users
- end
-
- # protected
-
-
end
\ No newline at end of file
diff --git a/app/models/object_auth.rb b/app/models/object_auth.rb
new file mode 100644
index 000000000..dab7acc73
--- /dev/null
+++ b/app/models/object_auth.rb
@@ -0,0 +1,11 @@
+class ObjectAuth < PrototypeAuth
+
+ belongs_to :obj_authable, polymorphic: true
+ # > - Something.find_with_auth(query)
+ # > - or Something.find(query).auth
+ def auth_obj
+ class_obj = eval(self.obj_authable_type)
+ class_obj.find self.obj_authable_id
+ end
+
+end
\ No newline at end of file
diff --git a/app/models/prototype_auth.rb b/app/models/prototype_auth.rb
new file mode 100644
index 000000000..734268c43
--- /dev/null
+++ b/app/models/prototype_auth.rb
@@ -0,0 +1,93 @@
+class PrototypeAuth
+ include Mongoid::Document
+ include Mongoid::Timestamps
+ # after_save :update_block_list,:update_privilage_list
+
+ field :title
+ field :token
+ field :all ,type: Boolean,default: false
+
+ belongs_to :users
+ # belongs_to :users,as: :block_users, :inverse_of => :privilege_apps
+ has_and_belongs_to_many :blocked_users, :inverse_of => nil, :class_name => "User"
+ has_and_belongs_to_many :privilege_users, :inverse_of => nil, :class_name => "User"
+
+
+ has_and_belongs_to_many :roles
+ has_and_belongs_to_many :sub_roles
+
+ attr_protected :roles,:sub_roles,:privilege_users,:blocked_users,:users
+
+ def add_role role
+ add_operation(:roles,role)
+ end
+
+ def add_sub_role role
+ add_operation(:sub_roles,role)
+ end
+
+ def remove_role role
+ remove_operation(:roles,role)
+ end
+
+ def remove_sub_role role
+ remove_operation(:sub_roles,role)
+ end
+
+ def add_user_to_black_list user
+ add_operation(:blocked_users,user)
+ end
+
+ def remove_user_from_black_list user
+ remove_operation(:blocked_users,user)
+ end
+
+ def add_user_to_privilege_list user
+ add_operation(:privilege_users,user)
+ end
+
+ def remove_user_from_privilege_list user
+ remove_operation(:privilege_users,user)
+ end
+
+ def remove_operation(item,obj)
+ if (self.send item).include? obj
+ (self.send item).delete obj
+ self.save!
+ else
+ false #should put error message for user not existed in list
+ end
+ end
+
+ def add_operation(item,obj)
+ unless (self.send item).include?(obj)
+ (self.send item) << obj
+ self.save!
+ else
+ false #should put error message for user existed in list already
+ end
+ end
+
+ def auth_users
+ if self.all?
+ User.all.entries
+ else
+ ary=[]
+ [:roles,:sub_roles].each do |t_role|
+ ary += (self.send t_role).collect do |role|
+ role.users
+ end
+ end
+ ary << self.privilege_users
+ ary.flatten!.uniq
+ end
+ end
+
+ def auth_users_after_block_list
+ auth_users - self.blocked_users
+ end
+
+ # protected
+
+
+end
\ No newline at end of file
diff --git a/app/views/admin/components/_user_role_management.html.erb b/app/views/admin/components/_user_role_management.html.erb
new file mode 100644
index 000000000..7afca0a4d
--- /dev/null
+++ b/app/views/admin/components/_user_role_management.html.erb
@@ -0,0 +1,34 @@
+
+ <%#= debugger %>
+
User Role
+ <%= debugger %>
+ <%= form_tag(polymorphic_path([controller_path.split('/')[0],object,auth.class.name.underscore]),:method => :post) do %>
+ <%= collection_select(:new,:role, Role.all, :id, :key, :prompt => true) %>
+ <%= submit_tag 'Add Role' %>
+ <%= collection_select(:new,:sub_role, SubRole.all, :id, :key, :prompt => true) %>
+ <%= submit_tag 'Add SubRole' %>
+ <%= collection_select(:new,:privilege_user, User.all, :id, :name, :prompt => true) %>
+ <%= submit_tag 'Add PrivilegeList' %>
+ <%= collection_select(:new,:blocked_user, User.all, :id, :name, :prompt => true) %>
+ <%= submit_tag 'Add BlockedList' %>
+ <% end %>
+
+ <% unless auth.nil? %>
+ <% auth.roles.each do |role| %>
+
<%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %>
+ <%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'role',:target_id=>role.id),:method => :delete %>
+ <% end %>
+
+ <% auth.sub_roles.each do |role| %>
+
<%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %> <%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'sub_role',:target_id=>role.id),:method => :delete %>
+ <% end %>
+
+ <% auth.privilege_users.each do |user| %>
+
<%= user.name %> <%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'privilege_user',:target_id=>user.id),:method => :delete %>
+ <% end %>
+
+ <% auth.blocked_users.each do |user| %>
+
<%= user.name %><%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'blocked_user',:target_id=>user.id),:method => :delete %>
+ <% end %>
+<% end %>
+
\ No newline at end of file
diff --git a/app/views/admin/module_apps/edit.html.erb b/app/views/admin/module_apps/edit.html.erb
index 9429e963d..5a2d56ec2 100644
--- a/app/views/admin/module_apps/edit.html.erb
+++ b/app/views/admin/module_apps/edit.html.erb
@@ -36,34 +36,5 @@
-
-
User Role
- <%= form_tag(admin_module_app_app_auths_path(@module_app),:method => :post) do %>
- <%= collection_select(:new,:role, Role.all, :id, :key, :prompt => true) %>
- <%= submit_tag 'Add Role' %>
- <%= collection_select(:new,:sub_role, SubRole.all, :id, :key, :prompt => true) %>
- <%= submit_tag 'Add SubRole' %>
- <%= collection_select(:new,:privilege_user, User.all, :id, :name, :prompt => true) %>
- <%= submit_tag 'Add PrivilegeList' %>
- <%= collection_select(:new,:blocked_user, User.all, :id, :name, :prompt => true) %>
- <%= submit_tag 'Add BlockedList' %>
- <% end %>
-
- <% unless @module_app.app_auth.nil? %>
- <% @module_app.app_auth.roles.each do |role| %>
-
<%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %> <%= link_to '[X]',remove_admin_module_app_app_auth_path(@module_app,@module_app.app_auth,'role',role),:method => :delete %>
- <% end %>
-
- <% @module_app.app_auth.sub_roles.each do |role| %>
-
<%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %> <%= link_to '[X]',remove_admin_module_app_app_auth_path(@module_app,@module_app.app_auth,'sub_role',role),:method => :delete %>
- <% end %>
-
- <% @module_app.app_auth.privilege_users.each do |user| %>
-
<%= user.name %> <%= link_to '[X]',remove_admin_module_app_app_auth_path(@module_app,@module_app.app_auth,'privilege_user',user),:method => :delete %>
- <% end %>
-
- <% @module_app.app_auth.blocked_users.each do |user| %>
-
<%= user.name %><%= link_to '[X]',remove_admin_module_app_app_auth_path(@module_app,@module_app.app_auth,'blocked_user',user),:method => :delete %>
- <% end %>
-<% end %>
-
+<%= render :partial => "admin/components/user_role_management", :locals => { :object => @module_app ,:auth=> @module_app.app_auth } %>
+
diff --git a/app/views/admin/object_auths/_auth_unit.html.erb b/app/views/admin/object_auths/_auth_unit.html.erb
new file mode 100644
index 000000000..5a246fc3a
--- /dev/null
+++ b/app/views/admin/object_auths/_auth_unit.html.erb
@@ -0,0 +1,3 @@
+
+ <%= unit%>
+
\ No newline at end of file
diff --git a/app/views/admin/object_auths/edit.html.erb b/app/views/admin/object_auths/edit.html.erb
new file mode 100644
index 000000000..62e9b4657
--- /dev/null
+++ b/app/views/admin/object_auths/edit.html.erb
@@ -0,0 +1,13 @@
+<% content_for :secondary do %>
+<% end %>
+
+
+
+
+
+
+
<%= @object_auth.title %>
+
+<%= render :partial => "admin/components/user_role_management", :locals => { :object => @object_auth.auth_obj ,:auth=> @object_auth } %>
+
+
diff --git a/app/views/admin/object_auths/index.html.erb b/app/views/admin/object_auths/index.html.erb
new file mode 100644
index 000000000..7db021e54
--- /dev/null
+++ b/app/views/admin/object_auths/index.html.erb
@@ -0,0 +1,39 @@
+<% content_for :secondary do %>
+ <% #render 'side_bar' %>
+<% end %>
+
+
+ <%= flash_messages %>
+
+ <% #link_to t('admin.new_user'), new_admin_user_path, :class => 'new' %>
+
+
+
+
+ <%= t('admin.object_auth.title') %> |
+ <%= t('admin.object_auth.obj_type') %> |
+
+
+
+
+ <% @object_auths.each do |object_auth| %>
+
+ <%= object_auth.title %> |
+ <%= object_auth.obj_authable_type.to_s %> |
+
+
+ <%= link_to t(:show), admin_object_auth_path(object_auth), :class => 'show' %>
+ <%= link_to t(:edit), edit_admin_object_auth_path(object_auth), :class => 'edit' %>
+ <%= link_to t(:delete), admin_object_auth_path(object_auth), :class => 'delete', :confirm => t('sure?'), :method => :delete %>
+ |
+
+
+ |
+
+ <% end %>
+
+
+
+ <%# link_to t('admin.new_user'), new_admin_user_path, :class => 'new' %>
+
+
diff --git a/config/routes.rb b/config/routes.rb
index a8574ee66..c9bb7f7aa 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -12,6 +12,8 @@ PrototypeR4::Application.routes.draw do
namespace :admin do
resources :assets
resources :app_auths
+ resources :object_auths
+
resources :ad_banners
resources :designs do
collection do
diff --git a/vendor/built_in_modules/new_blog/app/models/post.rb b/vendor/built_in_modules/new_blog/app/models/post.rb
index f60c1c196..2926c3051 100644
--- a/vendor/built_in_modules/new_blog/app/models/post.rb
+++ b/vendor/built_in_modules/new_blog/app/models/post.rb
@@ -5,4 +5,5 @@ class Post
field :body, :type => String
embeds_many :comments
validates_presence_of :title, :body
+ has_one :object_auth,as: :obj_authable,dependent: :delete
end
\ No newline at end of file