class Admin::ObjectAuthsNewInterfaceController < OrbitBackendController include OrbitCoreLib::PermissionUtility before_filter :force_order def set_module_app @module_app = ModuleApp.where(:title=>'Announcement').first end def setting @sys_users = User.all(conditions: {admin: false}).includes(:avatar).not_guest_user @ob_auth = ObjectAuth.find params[:object_auth_id] @options_from_collection_for_select_ob_auth = @ob_auth.siblings.collect{|oa| [oa.auth_obj.pp_object,oa.id] } @users_array = @ob_auth.privilege_users rescue [] respond_to do |format| format.html format.js end end def update_setting ob_auth = update_setting_by_params if ob_auth.save! flash[:notice] = t('update.success_') else flash[:notice] = t('update.fail') end end def user_list @ob_auth = ObjectAuth.find params[:ob_auth][:id] end protected def update_setting_by_params user_sat = [] oa = ObjectAuth.find params[:ob_auth][:id] user_sat += User.find params[:users].keys if params.has_key? :users users_to_new = user_sat - oa.auth_users users_to_remove = oa.auth_users - user_sat users_to_new.each do |new_user| oa.privilege_users << new_user oa.add_user_to_privilege_list(new_user) end users_to_remove.each do |remove_user| oa.privilege_users.delete_if{|user| user == remove_user} oa.remove_user_from_privilege_list(remove_user) end oa end # def get_categorys(id = nil) # @bulletin_categorys = [] # if(is_manager? || is_admin?) # @bulletin_categorys = (id ? BulletinCategory.find(id).to_a : BulletinCategory.all) # elsif is_sub_manager? # @bulletin_categorys = BulletinCategory.authed_for_user(current_user,'submit_new') # end # end def force_order authenticate_user! set_module_app setup_vars check_if_user_can_do_object_auth end def check_if_user_can_do_object_auth unless check_permission(:manager) redirect_to '/' end end def check_permission(var) #app = ModuleApp.first({conditions:{key: params[:module_app_key]}}) # setup_vars @module_app.is_manager?(current_user) || current_user.admin? end def setup_vars http_referer = request.env['HTTP_REFERER'] || '' if http_referer.split('/')[4] == "object_auths" @app_key = params[:app_key] else @app_key = http_referer.split('/')[4] end #@app_key = request.fullpath.split('/')[1] if(@app_key == "back_end") if @app_key @app_key.gsub!(/[?].*/,'') @module_app = ModuleApp.first(conditions: {:key => @app_key} ) if @module_app.nil? raise ObjectAuthError, 'Auth procress failed, module_app not exist ' end else raise ObjectAuthError, 'Auth procress failed, pls redo your sop' end end end