From e1450ec748a4d22df51767552d6a28456c4b652c Mon Sep 17 00:00:00 2001 From: "Matthew K. Fu JuYuan" Date: Mon, 14 May 2012 12:34:15 +0800 Subject: [PATCH] Change to apply page to had object_auth --- .../object_auths_new_interface_controller.rb | 5 +++-- app/controllers/application_controller.rb | 4 ++++ app/controllers/orbit_backend_controller.rb | 1 + app/helpers/admin/page_content_helper.rb | 18 ++++++++++++++++++ app/models/ad_banner.rb | 10 ++++++++++ app/models/object_auth.rb | 12 ++++++++++++ app/models/user/user.rb | 8 ++++++++ .../setting.html.erb | 2 +- config/locales/zh_tw.yml | 4 ++++ lib/orbit_core_lib.rb | 5 +++++ .../app/models/bulletin_category.rb | 2 +- .../news/app/models/news_bulletin_category.rb | 3 ++- .../back_end/page_contexts_controller.rb | 7 ++++--- .../page_content/app/models/page_context.rb | 12 +++++++++++- .../page_contexts/_page_context.html.erb | 13 +++++++++++-- 15 files changed, 95 insertions(+), 11 deletions(-) create mode 100644 app/helpers/admin/page_content_helper.rb diff --git a/app/controllers/admin/object_auths_new_interface_controller.rb b/app/controllers/admin/object_auths_new_interface_controller.rb index 427ec7222..6c33ff711 100644 --- a/app/controllers/admin/object_auths_new_interface_controller.rb +++ b/app/controllers/admin/object_auths_new_interface_controller.rb @@ -1,4 +1,4 @@ -class Admin::ObjectAuthsNewInterfaceController < ApplicationController +class Admin::ObjectAuthsNewInterfaceController < OrbitBackendController include OrbitCoreLib::PermissionUnility layout "new_admin" before_filter :force_order @@ -33,8 +33,9 @@ class Admin::ObjectAuthsNewInterfaceController < ApplicationController protected def update_setting_by_params + user_sat = [] oa = ObjectAuth.find params[:ob_auth][:id] - user_sat = User.find params[:users].keys + user_sat += User.find params[:users].keys if params.has_key? :users users_to_new = user_sat - oa.auth_users users_to_remove = oa.auth_users - user_sat diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 494b497ea..ae63e824d 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -8,6 +8,10 @@ class ApplicationController < ActionController::Base helper :all before_filter :set_locale, :set_site + def set_current_user + User.current = current_user + end + def front_end_available(module_app_title='') app_controller = ModuleApp.first(conditions: {:key => module_app_title} ) unless app_controller.enable_frontend? diff --git a/app/controllers/orbit_backend_controller.rb b/app/controllers/orbit_backend_controller.rb index a03a1f6c0..a8d3a2e89 100644 --- a/app/controllers/orbit_backend_controller.rb +++ b/app/controllers/orbit_backend_controller.rb @@ -10,6 +10,7 @@ class OrbitBackendController< ApplicationController def setup_vars @app_title = request.fullpath.split('/')[2] + @app_title = request.fullpath.split('/')[1] if(@app_title == "back_end") @module_app = ModuleApp.first(conditions: {:key => @app_title} ) end diff --git a/app/helpers/admin/page_content_helper.rb b/app/helpers/admin/page_content_helper.rb new file mode 100644 index 000000000..9f2b22e0a --- /dev/null +++ b/app/helpers/admin/page_content_helper.rb @@ -0,0 +1,18 @@ +module Admin::PageContentHelper +include ActionView::Helpers::UrlHelper + + + def show_page_context_edit_auth_link(page_context) + type = 'Edit' +# debugger +# a=1 + oa = page_context.get_object_auth_by_title(type) + if oa.nil? + page_context.object_auths.new(title: type ).save rescue + oa = page_context.get_object_auth_by_title(type) + end +# link_to t('announcement.bulletin.cate_auth'), edit_admin_object_auth_path(oa) + link_to t('admin.page_context.ob_auth.edit'),admin_object_auth_ob_auth_path(oa) + end + +end \ No newline at end of file diff --git a/app/models/ad_banner.rb b/app/models/ad_banner.rb index 39112960f..e1013c2f5 100644 --- a/app/models/ad_banner.rb +++ b/app/models/ad_banner.rb @@ -1,4 +1,5 @@ class AdBanner + include OrbitCoreLib::ObjectAuthable include Mongoid::Document include Mongoid::Timestamps include Mongoid::MultiParameterAttributes @@ -14,6 +15,15 @@ class AdBanner FX_TYPES = ["blindX","blindY","blindZ","cover","curtainX","curtainY","fade","fadeZoom","growX","growY","scrollUp","scrollDown","scrollLeft","scrollRight","scrollHorz","scrollVert","shuffle","slideX","slideY","toss","turnUp","turnDown","turnLeft","turnRight","uncover","wipe","zoom"] attr_writer :transition_sec + + AfterObjectAuthUrl = '/panel/page_content/back_end/page_contexts' + APP_NAME = 'ad_banners' + ObjectAuthTitlesOptions = %W{edit} + + def pp_object + title + end + def transition_sec self.transition_msec/1000 rescue nil end diff --git a/app/models/object_auth.rb b/app/models/object_auth.rb index ae3fd7015..d1c1c6737 100644 --- a/app/models/object_auth.rb +++ b/app/models/object_auth.rb @@ -2,6 +2,7 @@ class ObjectAuth < PrototypeAuth include OrbitCoreLib::ObjectTokenUnility validates_uniqueness_of :title ,:scope => [:obj_authable_type,:obj_authable_id] #{ |c| } belongs_to :obj_authable, polymorphic: true + after_save :check_user_has_app_auth # > - Something.find_with_auth(query) # > - or Something.find(query).auth def auth_obj @@ -9,4 +10,15 @@ class ObjectAuth < PrototypeAuth class_obj.find self.obj_authable_id end + def check_user_has_app_auth + sub_managing_users = auth_obj.app_auth.sub_managing_users + app_auth = auth_obj.app_auth + self.auth_users.each do |auth_user| + if !sub_managing_users.include? auth_user && !auth_user.admin? + app_auth.assign_sub_manager(auth_user,User.current) + app_auth.save! + end + end + end + end \ No newline at end of file diff --git a/app/models/user/user.rb b/app/models/user/user.rb index d74a543b9..2a2dbd861 100644 --- a/app/models/user/user.rb +++ b/app/models/user/user.rb @@ -20,6 +20,14 @@ class User belongs_to :role has_and_belongs_to_many :sub_roles accepts_nested_attributes_for :attribute_values, :allow_destroy => true + + def self.current + Thread.current[:user] + end + + def self.current=(user) + Thread.current[:user] = user + end def avb_apps sub_role_ids_ary=self.sub_roles.collect{|t| t.id} diff --git a/app/views/admin/object_auths_new_interface/setting.html.erb b/app/views/admin/object_auths_new_interface/setting.html.erb index ae5096ba4..f5d17370f 100644 --- a/app/views/admin/object_auths_new_interface/setting.html.erb +++ b/app/views/admin/object_auths_new_interface/setting.html.erb @@ -27,7 +27,7 @@
<%= content_tag :div do -%> <% form_tag admin_object_auth_ob_auth_path do %> - <%#= render :partial => "privilege_user", :locals => {:users => @users_array} %> + <%= render :partial => "privilege_user", :locals => {:users => @users_array} %>
<%= submit_tag "Update", :class => 'btn btn-primary' %>
diff --git a/config/locales/zh_tw.yml b/config/locales/zh_tw.yml index 29721630c..e871de00b 100644 --- a/config/locales/zh_tw.yml +++ b/config/locales/zh_tw.yml @@ -199,6 +199,10 @@ zh_tw: options: 選項 orig_upload_file: 原上傳檔名 page: 頁面管理 + page_context: + edit: 編輯 + ob_auth: + edit: 分類授權 position: 位置 published?: 發布? purchase: 購買 diff --git a/lib/orbit_core_lib.rb b/lib/orbit_core_lib.rb index 281654a76..a6c9917f7 100644 --- a/lib/orbit_core_lib.rb +++ b/lib/orbit_core_lib.rb @@ -19,6 +19,10 @@ module OrbitCoreLib end + def app_auth + ModuleApp.first(conditions: {:title => self.class::APP_NAME} ) + end + def pp_object "Object Auth method 'pp_object' need to be defined for class #{self.class}" end @@ -67,6 +71,7 @@ module OrbitCoreLib module PermissionUnility private def check_permission(type = :use) + setup_vars permission_grant = current_user.admin?? true : false module_app = @module_app.nil?? find_module_app_by_token(params[:token]) : @module_app unless permission_grant diff --git a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb index 955d5f18d..ff0e0a9cb 100644 --- a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb +++ b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb @@ -10,7 +10,7 @@ class BulletinCategory # include Mongoid::MultiParameterAttributes PAYMENT_TYPES = [ "List", "Picture" ] - + APP_NAME = 'Announcement' field :key field :display diff --git a/vendor/built_in_modules/news/app/models/news_bulletin_category.rb b/vendor/built_in_modules/news/app/models/news_bulletin_category.rb index b3dd7bc46..a9997b995 100644 --- a/vendor/built_in_modules/news/app/models/news_bulletin_category.rb +++ b/vendor/built_in_modules/news/app/models/news_bulletin_category.rb @@ -10,7 +10,8 @@ class NewsBulletinCategory # include Mongoid::MultiParameterAttributes PAYMENT_TYPES = [ "List", "Picture" ] - + APP_NAME = 'news' + field :key field :display diff --git a/vendor/built_in_modules/page_content/app/controllers/panel/page_content/back_end/page_contexts_controller.rb b/vendor/built_in_modules/page_content/app/controllers/panel/page_content/back_end/page_contexts_controller.rb index 6ae315fbf..809bfbb33 100644 --- a/vendor/built_in_modules/page_content/app/controllers/panel/page_content/back_end/page_contexts_controller.rb +++ b/vendor/built_in_modules/page_content/app/controllers/panel/page_content/back_end/page_contexts_controller.rb @@ -1,7 +1,8 @@ class Panel::PageContent::BackEnd::PageContextsController < OrbitBackendController - - before_filter :authenticate_user! - before_filter :is_admin? + before_filter :for_app_manager,:except => [:index,:edit,:update,:view,:show] + before_filter :for_app_sub_manager,:only => [:edit,:update,:view,:show] + :authenticate_user! + #before_filter :is_admin? def index diff --git a/vendor/built_in_modules/page_content/app/models/page_context.rb b/vendor/built_in_modules/page_content/app/models/page_context.rb index 5c0967113..dfbfd4a98 100644 --- a/vendor/built_in_modules/page_content/app/models/page_context.rb +++ b/vendor/built_in_modules/page_content/app/models/page_context.rb @@ -4,7 +4,9 @@ class PageContext include Mongoid::Document include Mongoid::Timestamps include Mongoid::MultiParameterAttributes - + + include OrbitCoreLib::ObjectAuthable + has_one :context, :class_name => "I18nVariable", :as => :language_value, :autosave => true, :dependent => :destroy @@ -17,6 +19,14 @@ class PageContext belongs_to :page + AfterObjectAuthUrl = '/panel/page_content/back_end/page_contexts' + APP_NAME = 'page_content' + ObjectAuthTitlesOptions = %W{Edit} + + def pp_object + page.i18n_variable[I18n.locale] + end + def is_top? self.is_top end diff --git a/vendor/built_in_modules/page_content/app/views/panel/page_content/back_end/page_contexts/_page_context.html.erb b/vendor/built_in_modules/page_content/app/views/panel/page_content/back_end/page_contexts/_page_context.html.erb index 08db9b2d3..564f8ab55 100644 --- a/vendor/built_in_modules/page_content/app/views/panel/page_content/back_end/page_contexts/_page_context.html.erb +++ b/vendor/built_in_modules/page_content/app/views/panel/page_content/back_end/page_contexts/_page_context.html.erb @@ -4,11 +4,20 @@ <%= page_context.page.i18n_variable[I18n.locale] %>
- <%= link_to page_context.version, panel_page_content_back_end_view_path(page_context.page_id) %> + + <%if is_manager? || is_admin? || page_context.authed_users(:edit).include?(current_user)%> + <%= link_to page_context.version, panel_page_content_back_end_view_path(page_context.page_id) %> + <%end -%> + <%= page_context.updated_at.strftime("%Y-%m-%d %H:%I:%S") %> <%= User.find(page_context.create_user_id).name %> \ No newline at end of file