class AppAuth include Mongoid::Document include Mongoid::Timestamps # after_save :update_block_list,:update_privilage_list field :title field :token field :all ,type: Boolean,default: false belongs_to :module_app belongs_to :users # belongs_to :users,as: :block_users, :inverse_of => :privilege_apps has_and_belongs_to_many :blocked_users, :inverse_of => nil, :class_name => "User" has_and_belongs_to_many :privilege_users, :inverse_of => nil, :class_name => "User" has_and_belongs_to_many :roles has_and_belongs_to_many :sub_roles attr_protected :roles,:sub_roles,:privilege_users,:blocked_users,:users def add_role role add_operation(:roles,role) end def add_sub_role role add_operation(:sub_roles,role) end def remove_role role remove_operation(:roles,role) end def remove_sub_role role remove_operation(:sub_roles,role) end def add_user_to_black_list user add_operation(:blocked_users,user) end def remove_user_from_black_list user remove_operation(:blocked_users,user) end def add_user_to_privilege_list user add_operation(:privilege_users,user) end def remove_user_from_privilege_list user remove_operation(:privilege_users,user) end def remove_operation(item,obj) if (self.send item).include? obj (self.send item).delete obj self.save! else false #should put error message for user not existed in list end end def add_operation(item,obj) unless (self.send item).include?(obj) (self.send item) << obj self.save! else false #should put error message for user existed in list already end end def auth_users if self.all? User.all.entries else ary=[] [:roles,:sub_roles].each do |t_role| ary += (self.send t_role).collect do |role| role.users end end ary << self.privilege_users ary.flatten!.uniq end end def auth_users_after_block_list auth_users - self.blocked_users end # protected end