fixing for app_auth

This commit is contained in:
Matthew Fu 2012-01-05 16:20:51 +08:00
parent d3ca1647be
commit 7b40706aed
9 changed files with 225 additions and 112 deletions

View File

@ -4,7 +4,7 @@ class Admin::AppAuthsController < ApplicationController
before_filter :is_admin? before_filter :is_admin?
def index def index
@user_roles = UserRole.all.entries @roles = Role.all.entries
apps = Purchase.where(:type =>"App") apps = Purchase.where(:type =>"App")
@app_auth_data = apps.entries.map do |app| @app_auth_data = apps.entries.map do |app|
app_c = eval(app.app_controller) app_c = eval(app.app_controller)

View File

@ -5,6 +5,13 @@ class ApplicationController < ActionController::Base
helper :all helper :all
before_filter :set_locale, :set_site before_filter :set_locale, :set_site
def front_end_available(module_app_title='')
app_controller = ModuleApp.first(conditions: {:title => module_app_title} )
unless app_controller.enable_frontend?
render :text => 'View not available'
end
end
def get_all_app_engines def get_all_app_engines
ary = ["vender/plugins/NewBlog"] ary = ["vender/plugins/NewBlog"]

View File

@ -15,55 +15,72 @@ class AppAuth
has_and_belongs_to_many :roles has_and_belongs_to_many :roles
has_and_belongs_to_many :sub_roles
attr_protected :roles,:sub_roles,:privilege_users,:blocked_users,:users
def add_role role
add_operation(:roles,role)
end
def add_sub_role role
add_operation(:sub_roles,role)
end
def remove_role role
remove_operation(:roles,role)
end
def remove_sub_role role
remove_operation(:sub_roles,role)
end
def add_user_to_black_list user def add_user_to_black_list user
unless self.blocked_users.include?(user) add_operation(:blocked_users,user)
self.blocked_users << user
self.save!
else
false #should put error message for user existed in list already
end
end end
def remove_user_from_black_list user def remove_user_from_black_list user
if self.blocked_users.include? user remove_operation(:blocked_users,user)
self.blocked_users.delete user end
def add_user_to_privilege_list user
add_operation(:privilege_users,user)
end
def remove_user_from_privilege_list user
remove_operation(:privilege_users,user)
end
def remove_operation(item,obj)
if (self.send item).include? obj
(self.send item).delete obj
self.save! self.save!
else else
false #should put error message for user not existed in list false #should put error message for user not existed in list
end end
end end
def add_operation(item,obj)
def add_user_to_privilege_list user unless (self.send item).include?(obj)
unless self.privilege_users.include? user (self.send item) << obj
self.privilege_users << user
self.save! self.save!
else else
false #should put error message for user existed in list already false #should put error message for user existed in list already
end end
end end
def remove_user_from_privilege_list user
if self.privilege_users.include? user
self.privilege_users.delete user
self.save!
else
false #should put error message for user not existed in list
end
end
def auth_users def auth_users
if self.all? if self.all?
User.all.entries User.all.entries
else else
ary= self.roles.collect do |role| ary=[]
role.users [:roles,:sub_roles].each do |t_role|
ary += (self.send t_role).collect do |role|
role.users
end
end end
ary << self.privilege_users ary << self.privilege_users
ary.flatten! ary.flatten!.uniq
end end
end end

View File

@ -9,9 +9,13 @@ class ModuleApp
field :intro field :intro
field :update_info field :update_info
field :create_date field :create_date
field :enable_frontend,type: Boolean
field :app_pages ,type: Array field :app_pages ,type: Array
field :widgets ,type: Array
has_one :app_auth,dependent: :delete has_one :app_auth,dependent: :delete
end end

View File

@ -19,7 +19,10 @@ class User
accepts_nested_attributes_for :attribute_values, :allow_destroy => true accepts_nested_attributes_for :attribute_values, :allow_destroy => true
def avb_apps def avb_apps
query = AppAuth.any_of({all: true},{privilege_user_ids: self.id},{roles: self.role.id}).excludes(blocked_user_ids: self.id) sub_role_ids_ary=self.sub_roles.collect{|t| t.id}
query1 = AppAuth.any_in({sub_role_ids: sub_role_ids_ary}).excludes(blocked_user_ids: self.id)
query2 = AppAuth.any_of({all: true},{privilege_user_ids: self.id},{role_ids: self.role.id}).excludes(blocked_user_ids: self.id)
(query1 + query2).uniq
end end
def name def name

View File

@ -38,7 +38,7 @@
<%= f.hidden_field :to_save, :value => true %> <%= f.hidden_field :to_save, :value => true %>
<% end %> <% end %>
<% else %> <% else %>
<%= File.basename (@design.default_css.file.url) %> <%= File.basename (@design.default_css.file.url) rescue "" %>
<% end %> <% end %>
</p> </p>
<p> <p>

View File

@ -1,6 +1,6 @@
<h1><%= t('admin.new_design') %></h1> <h1><%= t('admin.new_design') %></h1>
<%= form_for :design, :url => admin_designs_path do |f| %> <%= form_for @design, :url => admin_design_path(@design),:html => {:multipart => true} do |f| %>
<%= f.error_messages %> <%= f.error_messages %>
<%= render :partial => "form", :locals => { :f => f } %> <%= render :partial => "form", :locals => { :f => f } %>

View File

@ -6,129 +6,210 @@ describe AppAuth do
before do before do
User.all.destroy User.all.destroy
UserRole.all.destroy Role.all.destroy
SubRole.all.destroy
AppAuth.all.destroy AppAuth.all.destroy
ModuleApp.all.destroy ModuleApp.all.destroy
#Create some fixtures of Main Role #Create some fixtures of Main Role
main_role_key = ["Stud","Teacher","Staff"] main_role_key = ["Stud","Teacher","Staff"]
@new_main_role_list = main_role_key.each do |role| @new_main_role_list = main_role_key.each do |role|
new_role = UserRole.new :key => role new_role = Role.new :key => role
new_role.save new_role.save
end end
#Create Some SubRoles
sub_role_key = ["graduated_school","undergraduated_school","TA","Senior"]
@new_main_role_list = sub_role_key.each do |role|
new_role = SubRole.new :key => role
new_role.save
end
#Create some users of User #Create some users of User
user_emails = ["a_good_stud","a_bad_stud","a_teacher","a_staff"] user_emails = ["a_good_ug_stud_1","a_good_ug_stud_2","a_bad_ug_stud","a_good_g_stud","a_bad_g_stud","a_teacher","a_staff"]
user_emails.each do |user_email| user_emails.each do |user_email|
email=user_email+"@rulingcom.com" email=user_email+"@rulingcom.com"
new_user = User.new :email=> email new_user = User.new :email=> email
new_user.save new_user.save
end end
#MRK = Member Role Key SRK=Sub Role Key
@stud_MRK = UserRole.first(conditions:{key:"Stud"}) @stud_MRK = Role.first(conditions:{key:"Stud"})
@teacher_MRK = UserRole.first(conditions:{key:"Teacher"}) @teacher_MRK = Role.first(conditions:{key:"Teacher"})
@staff_MRK = UserRole.first(conditions:{key:"Staff"}) @staff_MRK = Role.first(conditions:{key:"Staff"})
@good_stu = User.first(conditions:{email:"a_good_stud@rulingcom.com"}) @graduated_SRK = SubRole.first(conditions:{key:"graduated_school"})
@bad_stu = User.first(conditions:{email:"a_bad_stud@rulingcom.com"}) @under_graduated_SRK = SubRole.first(conditions:{key:"undergraduated_school"})
@ta_SRK = SubRole.first(conditions:{key:"TA"})
@senior_SRK = SubRole.first(conditions:{key:"Senior"})
@stud_MRK.sub_roles += [@graduated,@under_graduated,@ta]
@stud_MRK.save!
@teacher_MRK.sub_roles = [@senior]
@teacher_MRK.save!
@good_ug_stu_1 = User.first(conditions:{email:"a_good_ug_stud_1@rulingcom.com"})
@good_ug_stu_2 = User.first(conditions:{email:"a_good_ug_stud_2@rulingcom.com"})
@bad_ug_stu = User.first(conditions:{email:"a_bad_ug_stud@rulingcom.com"})
@good_g_stu = User.first(conditions:{email:"a_good_g_stud@rulingcom.com"})
@bad_g_stu = User.first(conditions:{email:"a_bad_g_stud@rulingcom.com"})
@teacher = User.first(conditions:{email:"a_teacher@rulingcom.com"}) @teacher = User.first(conditions:{email:"a_teacher@rulingcom.com"})
@staff = User.first(conditions:{email:"a_staff@rulingcom.com"}) @staff = User.first(conditions:{email:"a_staff@rulingcom.com"})
#setting Roles for users #setting Roles for users
@good_stu.user_role = @stud_MRK @good_g_stu.role = @stud_MRK
@bad_stu.user_role = @stud_MRK @bad_g_stu.role = @stud_MRK
@teacher.user_role = @teacher_MRK @good_ug_stu_1.role = @stud_MRK
@staff.user_role = @staff_MRK @good_ug_stu_2.role = @stud_MRK
@bad_ug_stu.role = @stud_MRK
@good_g_stu.sub_roles = [@graduated_SRK,@ta_SRK]
@bad_g_stu.sub_roles << @graduated_SRK
@good_ug_stu_1.sub_roles << @under_graduated_SRK
@good_ug_stu_2.sub_roles << @under_graduated_SRK
@bad_ug_stu.sub_roles << @under_graduated_SRK
@good_stu.save! @teacher.role = @teacher_MRK
@bad_stu.save! @staff.role = @staff_MRK
@good_g_stu.save!
@bad_g_stu.save!
@good_ug_stu_1.save!
@good_ug_stu_2.save!
@bad_ug_stu.save!
@teacher.save! @teacher.save!
@staff.save! @staff.save!
end end
describe "Testing basic structure" do describe "Starting a ClassBulletin Auth for teacher , staff and ta" do
before do before do
@app_auth = AppAuth.new() @bulletin_app_auth = AppAuth.new()
#all stud has access right #all teacher and staff has access right
@app_auth.user_roles << @stud_MRK @bulletin_app_auth.roles = [@teacher_MRK,@staff_MRK]
#all person with TA sub_role has access right
@bulletin_app_auth.sub_roles << @ta_SRK
#a_bad_stud add to block to app_auth #a_bad_ug_stud add to block to bulletin_app_auth
@app_auth.blocked_users << @bad_stu #@bulletin_app_auth.blocked_users << @bad_ug_stu
#all teacher has access right #all teacher has access right
@app_auth.user_roles << @teacher_MRK # @bulletin_app_auth.roles << @teacher_MRK
@app_auth.privilege_users << @staff # @bulletin_app_auth.privilege_users << @staff
@app_auth.save! @bulletin_app_auth.save!
end end
context "Should just initialize all obj that is needed" do context "Should just initialize all obj that is needed" do
it "Testing @app_auth init result" do it "Testing @bulletin_app_auth init result" do
@app_auth.user_roles.should have(2).item @bulletin_app_auth.roles.should have(2).item #teacher staff
@bulletin_app_auth.sub_roles.should have(1).item #ta
end end
it "@app_auth should have UserRoles: Stud , Teacher " do it "@bulletin_app_auth should have Roles: Staff , Teacher " do
key_ary = @app_auth.user_roles.collect do |role| key_ary = @bulletin_app_auth.roles.collect do |role|
role.key role.key
end end
key_ary.should == ["Stud","Teacher"] key_ary.sort.should == ["Staff","Teacher"].sort
end end
it "@app_auth should have one Privialage user which is belongs to Staff" do it "bulletin_app_auth should have 3 auth users" do
p_user_ary = @app_auth.privilege_users.collect do |p_user| user_ary = [@teacher,@staff,@good_g_stu]
p_user.user_role.key @bulletin_app_auth.auth_users.sort.should == user_ary.sort
end check_user_has_app user_ary
p_user_ary.should include("Staff")
end end
it "@app_auth should have one student listed at blocklist" do it "Adding a undergraduate stud into app_auth by privilege list" do
@bad_stu = User.first(conditions:{email:"a_bad_stud@rulingcom.com"}) user_ary = [@teacher,@staff,@good_g_stu,@good_ug_stu_1]
@app_auth.blocked_users.should have(1).item @bulletin_app_auth.add_user_to_privilege_list @good_ug_stu_1
@app_auth.blocked_users.should include(@bad_stu) @bulletin_app_auth.auth_users.sort.should == user_ary.sort
check_user_has_app user_ary
end end
it "Adding all graudated-stud into app_auth" do
user_ary = [@teacher,@staff,@good_g_stu,@bad_g_stu]
@bulletin_app_auth.add_sub_role @graduated_SRK
@bulletin_app_auth.auth_users.sort.should == user_ary.sort
check_user_has_app user_ary
end
it "Blocking bad-graduate student" do
user_ary =[@teacher,@staff,@good_g_stu]
@bulletin_app_auth.add_sub_role @graduated_SRK
@bulletin_app_auth.add_user_to_black_list @bad_g_stu
@bulletin_app_auth.auth_users_after_block_list.sort.should == user_ary.sort
check_user_has_app user_ary
end
it "Removing all graudated-stud from app_auth" do
user_ary =[@teacher,@staff,@good_g_stu]
@bulletin_app_auth.add_sub_role @graduated_SRK
@bulletin_app_auth.remove_sub_role @graduated_SRK
@bulletin_app_auth.auth_users.sort.should == user_ary.sort
check_user_has_app user_ary
end
# it "@bulletin_app_auth should have one Privialage user which is belongs to Staff" do
# p_user_ary = @bulletin_app_auth.privilege_users.collect do |p_user|
# p_user.roles.key
# end
# p_user_ary.should include("Staff")
# end
# it "@bulletin_app_auth should have one student listed at blocklist" do
# @bad_stu = User.first(conditions:{email:"a_bad_g_stud@rulingcom.com"})
# @bulletin_app_auth.blocked_users.should have(1).item
# @bulletin_app_auth.blocked_users.should include(@bad_stu)
# end
it "[Development #1]-1.Authorizing roles: roles + blocklist" do # it "[Development #1]-1.Authorizing roles: roles + blocklist" do
@good_stu = User.first(conditions:{email:"a_good_stud@rulingcom.com"}) # @good_stu = User.first(conditions:{email:"a_good_g_stud@rulingcom.com"})
@teacher = User.first(conditions:{email:"a_teacher@rulingcom.com"}) # @teacher = User.first(conditions:{email:"a_teacher@rulingcom.com"})
@staff = User.first(conditions:{email:"a_staff@rulingcom.com"}) # @staff = User.first(conditions:{email:"a_staff@rulingcom.com"})
ary = [@good_stu,@teacher,@staff] # ary = [@good_stu,@teacher,@staff]
@app_auth.auth_users_after_block_list.should == ary # @bulletin_app_auth.auth_users_after_block_list.should == ary
end # end
#
it "[Development #1]-2.Authorizing single users: list of users [new_user1~2]" do # it "[Development #1]-2.Authorizing single users: list of users [new_user1~2]" do
user_emails = ["new_user1","new_user2","new_user3","new_user4"] # user_emails = ["new_user1","new_user2","new_user3","new_user4"]
user_emails.each do |user_email| # user_emails.each do |user_email|
email=user_email+"@rulingcom.com" # email=user_email+"@rulingcom.com"
new_user = User.new :email=> email # new_user = User.new :email=> email
new_user.save # new_user.save
# end
# user1= User.first(conditions:{email:"new_user1@rulingcom.com"})
# user2= User.first(conditions:{email:"new_user2@rulingcom.com"})
# user3= User.first(conditions:{email:"new_user3@rulingcom.com"})
# user4= User.first(conditions:{email:"new_user4@rulingcom.com"})
#
# @bulletin_app_auth.privilege_users << user1
# @bulletin_app_auth.privilege_users << user2
#
# @bulletin_app_auth.auth_users_after_block_list.should include(user1,user2)
# @bulletin_app_auth.auth_users_after_block_list.should_not include(user3,user4)
#
# end
#
# it "[Development #1]-3.Authorizing roles and single users: roles + blocklist + list of users" do
# @bulletin_app_auth.auth_users.should have(7).item
# end
#
# it "[Development #1]-4.Authorizing all: blocklist" do
# @bad_stu = User.first(conditions:{email:"a_bad_g_stud@rulingcom.com"})
# @new_bulletin_app_auth = (AppAuth.new :all => true)
# @new_bulletin_app_auth.blocked_users << @bad_stu
#
# @new_bulletin_app_auth.auth_users.should == User.all.entries
# @new_bulletin_app_auth.auth_users_after_block_list.should_not include(@bad_stu)
# @new_bulletin_app_auth.save!
# end
def check_user_has_app(user_ary)
user_ary.each do |user|
user.avb_apps.should include(@bulletin_app_auth)
end end
user1= User.first(conditions:{email:"new_user1@rulingcom.com"})
user2= User.first(conditions:{email:"new_user2@rulingcom.com"})
user3= User.first(conditions:{email:"new_user3@rulingcom.com"})
user4= User.first(conditions:{email:"new_user4@rulingcom.com"})
@app_auth.privilege_users << user1
@app_auth.privilege_users << user2
@app_auth.auth_users_after_block_list.should include(user1,user2)
@app_auth.auth_users_after_block_list.should_not include(user3,user4)
end end
end
it "[Development #1]-3.Authorizing roles and single users: roles + blocklist + list of users" do
@app_auth.auth_users.should have(4).item
end
it "[Development #1]-4.Authorizing all: blocklist" do
@bad_stu = User.first(conditions:{email:"a_bad_stud@rulingcom.com"})
@new_app_auth = (AppAuth.new :all => true)
@new_app_auth.blocked_users << @bad_stu
@new_app_auth.auth_users.should == User.all.entries
@new_app_auth.auth_users_after_block_list.should_not include(@bad_stu)
@new_app_auth.save!
end
end

View File

@ -6,5 +6,6 @@
"intro": "A simple blog……", "intro": "A simple blog……",
"update_info": "Some info", "update_info": "Some info",
"create_date": "11-11-2011", "create_date": "11-11-2011",
"app_pages": ["/panel/blog/front_end/"] "app_pages": ["/panel/blog/front_end/"],
"widgets": ["/panel/blog/widget/latest_post","/panel/blog/widget/"]
} }