Make the filter for authorisation easier for developers
This commit is contained in:
chris
parent
4078d426a6
commit
ec40591489
|
|
@ -144,36 +144,126 @@ module OrbitCoreLib
|
||||||
def self.included(base)
|
def self.included(base)
|
||||||
base.class_eval do
|
base.class_eval do
|
||||||
before_filter :can_use
|
before_filter :can_use
|
||||||
|
send :include, InstanceMethods
|
||||||
end
|
end
|
||||||
|
base.extend(ClassMethods)
|
||||||
end
|
end
|
||||||
|
|
||||||
def setup_vars
|
module ClassMethods
|
||||||
@app_title ||= controller_path.split('/')[1].singularize
|
protected
|
||||||
@module_app ||= ModuleApp.first(conditions: {:key => @app_title} )
|
|
||||||
# raise ModuleAppError, 'Can not find ModuleApp' if @module_app.nil?
|
def open_for_admin(arg = nil)
|
||||||
|
if arg
|
||||||
|
key = arg.shift
|
||||||
|
prepend_before_filter key[0] => key[1] {|f| f.open_for :admin}
|
||||||
|
else
|
||||||
|
prepend_before_filter {|f| f.open_for :admin}
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def open_for_manager(arg = nil)
|
||||||
|
if arg
|
||||||
|
key = arg.shift
|
||||||
|
prepend_before_filter key[0] => key[1] {|f| f.open_for :manager}
|
||||||
|
else
|
||||||
|
prepend_before_filter {|f| f.open_for :manager}
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def open_for_sub_manager(arg = nil)
|
||||||
|
if arg
|
||||||
|
key = arg.shift
|
||||||
|
prepend_before_filter key[0] => key[1] {|f| f.open_for :sub_manager}
|
||||||
|
else
|
||||||
|
prepend_before_filter {|f| f.open_for :sub_manager}
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def open_for_approver(arg = nil)
|
||||||
|
if arg
|
||||||
|
key = arg.shift
|
||||||
|
prepend_before_filter key[0] => key[1] {|f| f.open_for :approver}
|
||||||
|
else
|
||||||
|
prepend_before_filter {|f| f.open_for :approver}
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def open_for_visitor(arg = nil)
|
||||||
|
if arg
|
||||||
|
key = arg.shift
|
||||||
|
prepend_before_filter key[0] => key[1] {|f| f.open_for :visitor}
|
||||||
|
else
|
||||||
|
prepend_before_filter {|f| f.open_for :visitor}
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
private
|
module InstanceMethods
|
||||||
|
protected
|
||||||
def can_use
|
def can_use
|
||||||
unless @override_can_use
|
if @user_type
|
||||||
check_backend_openness if @public
|
@user_type.each do |user_type|
|
||||||
setup_vars
|
open = false
|
||||||
set_current_user
|
visitor = false
|
||||||
unless @public
|
case user_type
|
||||||
|
when :admin
|
||||||
|
open ||= check_admin
|
||||||
|
when :manager
|
||||||
|
open ||= check_manager
|
||||||
|
when :sub_manager
|
||||||
|
open ||= check_sub_manager
|
||||||
|
when :approver
|
||||||
|
open ||= check_sub_manager
|
||||||
|
when :visitor
|
||||||
|
open ||= true
|
||||||
|
visitor ||= true
|
||||||
|
end
|
||||||
|
check_backend_openness if visitor
|
||||||
|
setup_vars
|
||||||
|
set_current_user
|
||||||
|
authenticate_user! unless visitor
|
||||||
|
redirect_to root_url unless open
|
||||||
|
end
|
||||||
|
else
|
||||||
|
setup_vars
|
||||||
|
set_current_user
|
||||||
authenticate_user!
|
authenticate_user!
|
||||||
check_user_can_use
|
check_user_can_use
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
|
||||||
|
|
||||||
def set_public
|
def check_admin
|
||||||
@public = true
|
current_or_guest_user.admin?
|
||||||
end
|
end
|
||||||
|
|
||||||
def check_user_can_use
|
def check_manager
|
||||||
unless current_or_guest_user.admin? || @module_app.is_manager?(current_or_guest_user) || @module_app.is_sub_manager?(current_or_guest_user) || @module_app.can_approve?(current_or_guest_user)
|
check_admin || @module_app.is_manager?(current_or_guest_user)
|
||||||
redirect_to root_url
|
end
|
||||||
|
|
||||||
|
def check_sub_manager
|
||||||
|
check_admin || check_manager || @module_app.is_sub_manager?(current_or_guest_user)
|
||||||
|
end
|
||||||
|
|
||||||
|
def check_approver
|
||||||
|
check_admin || check_manager || @module_app.can_approve?(current_or_guest_user)
|
||||||
|
end
|
||||||
|
|
||||||
|
def open_for(var)
|
||||||
|
@user_type ||= []
|
||||||
|
@user_type << var
|
||||||
|
end
|
||||||
|
|
||||||
|
def check_user_can_use
|
||||||
|
unless current_or_guest_user.admin? || @module_app.is_manager?(current_or_guest_user) || @module_app.is_sub_manager?(current_or_guest_user) || @module_app.can_approve?(current_or_guest_user)
|
||||||
|
redirect_to root_url
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def setup_vars
|
||||||
|
@app_title ||= controller_path.split('/')[1].singularize
|
||||||
|
@module_app ||= ModuleApp.first(conditions: {:key => @app_title} )
|
||||||
|
# raise ModuleAppError, 'Can not find ModuleApp' if @module_app.nil?
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,7 @@ class Panel::Announcement::BackEnd::BulletinsController < OrbitBackendController
|
||||||
|
|
||||||
before_filter :clean_values, :only => [:create, :update]
|
before_filter :clean_values, :only => [:create, :update]
|
||||||
|
|
||||||
prepend_before_filter :set_public, :only => [:index, :show, :get_sorted_and_filtered_bulletins]
|
open_for_visitor :only => [:index, :show, :get_sorted_and_filtered_bulletins]
|
||||||
|
|
||||||
before_filter :only => [ :new, :create, :edit, :update ] do |controller|
|
before_filter :only => [ :new, :create, :edit, :update ] do |controller|
|
||||||
@categories = get_categories_for_form
|
@categories = get_categories_for_form
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue