2012-02-07 08:16:48 +00:00
|
|
|
class Admin::ObjectAuthsController < ApplicationController
|
2012-02-15 10:20:44 +00:00
|
|
|
include OrbitCoreLib::PermissionUnility
|
2012-02-07 08:16:48 +00:00
|
|
|
layout "admin"
|
|
|
|
before_filter :authenticate_user!
|
2012-02-15 10:20:44 +00:00
|
|
|
before_filter :check_if_user_can_do_object_auth
|
2012-02-07 08:16:48 +00:00
|
|
|
# before_filter :is_admin? ,:only => :index
|
|
|
|
|
2012-02-15 10:20:44 +00:00
|
|
|
|
|
|
|
|
2012-02-07 08:16:48 +00:00
|
|
|
def index
|
|
|
|
# if current_user.admin?
|
|
|
|
@object_auths = ObjectAuth.all
|
|
|
|
# else
|
|
|
|
# @module_apps = current_user.managing_apps.collect{|t| t.managing_app}
|
|
|
|
# end
|
|
|
|
end
|
2012-02-09 11:04:06 +00:00
|
|
|
|
|
|
|
def new
|
|
|
|
obj = eval(params[:type]).find params[:obj_id]
|
|
|
|
@object_auth=obj.object_auths.build
|
2012-02-13 09:33:48 +00:00
|
|
|
@object_auth_title_option = eval(params[:type]+"::ObjectAuthTitlesOptions")
|
2012-02-09 11:04:06 +00:00
|
|
|
respond_to do |format|
|
|
|
|
format.html # new.html.erb
|
|
|
|
format.xml { render :xml => @post }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def create
|
|
|
|
obj = eval(params[:object_auth][:type]).find params[:object_auth][:obj_id]
|
|
|
|
@object_auth=obj.object_auths.create :title=> params[:object_auth][:title]
|
|
|
|
redirect_to edit_admin_object_auth_path(@object_auth)
|
|
|
|
end
|
2012-02-07 08:16:48 +00:00
|
|
|
|
2012-02-09 09:48:51 +00:00
|
|
|
def create_role
|
|
|
|
object_auth = ObjectAuth.find(params[:id])
|
2012-02-16 06:59:26 +00:00
|
|
|
auth_all = params[:auth_all] || false
|
|
|
|
object_auth.update_attribute(:all,auth_all)
|
|
|
|
new_array = params[:new] || []
|
|
|
|
new_array.each do |item|
|
2012-02-09 11:04:06 +00:00
|
|
|
field = item[0]
|
|
|
|
field_value = item[1]
|
|
|
|
if field_value!=''
|
|
|
|
case field
|
|
|
|
when 'role'
|
|
|
|
object_auth.send("add_#{field}",(Role.find field_value)) rescue nil
|
|
|
|
when 'sub_role'
|
|
|
|
object_auth.send("add_#{field}",(SubRole.find field_value)) rescue nil
|
|
|
|
when 'privilege_user'
|
|
|
|
object_auth.add_user_to_privilege_list (User.find field_value) rescue nil
|
|
|
|
when 'blocked_user'
|
|
|
|
object_auth.add_user_to_black_list (User.find field_value) rescue nil
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
redirect_to edit_admin_object_auth_path(object_auth)
|
2012-02-09 09:48:51 +00:00
|
|
|
end
|
2012-02-07 08:16:48 +00:00
|
|
|
|
2012-02-09 09:48:51 +00:00
|
|
|
def remove_role
|
|
|
|
object_auth = ObjectAuth.find(params[:id])
|
|
|
|
type = params[:type]
|
|
|
|
field_value = params[:target_id]
|
|
|
|
if field_value!=''
|
|
|
|
case type
|
|
|
|
when 'role'
|
|
|
|
object_auth.remove_role(Role.find field_value) rescue nil
|
|
|
|
when 'sub_role'
|
|
|
|
object_auth.remove_sub_role(SubRole.find field_value) rescue nil
|
|
|
|
when 'privilege_user'
|
|
|
|
object_auth.remove_user_from_privilege_list (User.find field_value) rescue nil
|
|
|
|
when 'blocked_user'
|
|
|
|
object_auth.remove_user_from_black_list (User.find field_value) rescue nil
|
|
|
|
end
|
|
|
|
end
|
|
|
|
redirect_to edit_admin_object_auth_path(object_auth)
|
2012-02-07 08:16:48 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def edit
|
|
|
|
@object_auth = ObjectAuth.find(params[:id])
|
|
|
|
end
|
|
|
|
|
2012-02-15 10:20:44 +00:00
|
|
|
private
|
|
|
|
def check_if_user_can_do_object_auth
|
|
|
|
unless check_permission(:manager)
|
|
|
|
render :nothing => true, :status => 403
|
|
|
|
end
|
|
|
|
end
|
2012-02-07 08:16:48 +00:00
|
|
|
end
|