first commit for object auth,will take new_blog for experiment

2012-02-07 16:16:48 +08:00 · 2012-02-07 16:16:48 +08:00 · 3a8dbd6af4
parent fff918cd78
commit 3a8dbd6af4
11 changed files with 271 additions and 122 deletions
--- a/app/controllers/admin/object_auths_controller.rb
+++ b/app/controllers/admin/object_auths_controller.rb
@ -0,0 +1,71 @@
 class Admin::ObjectAuthsController < ApplicationController
  layout "admin"
  before_filter :authenticate_user!
 #  before_filter :is_admin? ,:only => :index
  def index
    # @roles = Role.all.entries
    # apps = Purchase.where(:type =>"App")
    # @app_auth_data = apps.entries.map do |app|
    #   app_c = eval(app.app_controller)
    #   obj = app_c.new
    #   obj_auth = obj.send  "auth"
    #   [:app_obj => app,:auth_field => obj_auth]
    # end
    # if current_user.admin?
      @object_auths = ObjectAuth.all
    # else
    #       @module_apps = current_user.managing_apps.collect{|t| t.managing_app}
    #     end
  end
  def create
    # app_auth = AppAuth.find_or_create_by(module_app_id: params[:module_app_id])
    #    params[:new].each do |item|
    #      field = item[0]
    #      field_value = item[1]
    #      if field_value!=''
    #        case field
    #        when 'role'
    #          app_auth.send("add_#{field}",(Role.find field_value)) rescue nil
    #        when 'sub_role'
    #          app_auth.send("add_#{field}",(SubRole.find field_value)) rescue nil
    #        when 'privilege_user'
    #          app_auth.add_user_to_privilege_list (User.find field_value) rescue nil
    #        when 'blocked_user'  
    #          app_auth.add_user_to_black_list (User.find field_value) rescue nil
    #        end
    #      end
    #    end
    #    app = ModuleApp.find params[:module_app_id] rescue nil
    #    redirect_to edit_admin_module_app_path(app)
  end
  def remove
    # app_auth = AppAuth.find( params[:id] )
    #      type = params[:type]
    #      field_value = params[:target_id]
    #      if field_value!=''
    #        case type
    #        when 'role'
    #          app_auth.remove_role(Role.find field_value) rescue nil
    #        when 'sub_role'
    #          app_auth.remove_sub_role(SubRole.find field_value) rescue nil
    #        when 'privilege_user'
    #          app_auth.remove_user_from_privilege_list (User.find field_value) rescue nil
    #        when 'blocked_user'  
    #          app_auth.remove_user_from_black_list (User.find field_value) rescue nil
    #        end
    #      end
    #    
    #    app = ModuleApp.find params[:module_app_id] rescue nil
    #    redirect_to edit_admin_module_app_path(app)
  end
  def edit
    @object_auth = ObjectAuth.find(params[:id])
  end
 end
--- a/app/models/app_auth.rb
+++ b/app/models/app_auth.rb
@ -1,94 +1,5 @@
-class AppAuth
+class AppAuth < PrototypeAuth
  include Mongoid::Document
  include Mongoid::Timestamps
 # after_save :update_block_list,:update_privilage_list
  field :title
  field :token
  field :all ,type: Boolean,default: false
  belongs_to :module_app
  belongs_to :users
  # belongs_to :users,as: :block_users, :inverse_of => :privilege_apps
  has_and_belongs_to_many :blocked_users,  :inverse_of => nil, :class_name => "User"
  has_and_belongs_to_many :privilege_users,  :inverse_of => nil, :class_name => "User"
  has_and_belongs_to_many :roles
  has_and_belongs_to_many :sub_roles
  attr_protected :roles,:sub_roles,:privilege_users,:blocked_users,:users
  def add_role role
    add_operation(:roles,role)
  end
  def add_sub_role role
    add_operation(:sub_roles,role)
  end
  def remove_role role
    remove_operation(:roles,role)
  end
  def remove_sub_role role
    remove_operation(:sub_roles,role)
  end
  def add_user_to_black_list user
    add_operation(:blocked_users,user)
  end
  def remove_user_from_black_list user
    remove_operation(:blocked_users,user)
  end
  def add_user_to_privilege_list user
    add_operation(:privilege_users,user)
  end
  def remove_user_from_privilege_list user
    remove_operation(:privilege_users,user)
  end
  def remove_operation(item,obj)
    if (self.send item).include? obj
       (self.send item).delete obj
      self.save!
    else
      false #should put error message for user not existed in list
    end    
  end
  def add_operation(item,obj)
    unless (self.send item).include?(obj)
      (self.send item) << obj
      self.save!
    else
      false #should put error message for user existed in list already
    end
  end
  def auth_users
    if self.all?
      User.all.entries
    else
      ary=[]
      [:roles,:sub_roles].each do |t_role|
        ary += (self.send t_role).collect do |role|
          role.users
        end        
      end
      ary << self.privilege_users
      ary.flatten!.uniq  
    end
  end
  def auth_users_after_block_list
    auth_users - self.blocked_users
  end
 # protected
 end
--- a/app/models/object_auth.rb
+++ b/app/models/object_auth.rb
@ -0,0 +1,11 @@
 class ObjectAuth  < PrototypeAuth
  belongs_to :obj_authable, polymorphic: true
  # > - Something.find_with_auth(query)
  # > - or Something.find(query).auth
  def auth_obj
    class_obj = eval(self.obj_authable_type)
    class_obj.find self.obj_authable_id
  end
 end
--- a/app/models/prototype_auth.rb
+++ b/app/models/prototype_auth.rb
@ -0,0 +1,93 @@
 class PrototypeAuth
  include Mongoid::Document
  include Mongoid::Timestamps
 # after_save :update_block_list,:update_privilage_list
  field :title
  field :token
  field :all ,type: Boolean,default: false
  belongs_to :users
  # belongs_to :users,as: :block_users, :inverse_of => :privilege_apps
  has_and_belongs_to_many :blocked_users,  :inverse_of => nil, :class_name => "User"
  has_and_belongs_to_many :privilege_users,  :inverse_of => nil, :class_name => "User"
  has_and_belongs_to_many :roles
  has_and_belongs_to_many :sub_roles
  attr_protected :roles,:sub_roles,:privilege_users,:blocked_users,:users
  def add_role role
    add_operation(:roles,role)
  end
  def add_sub_role role
    add_operation(:sub_roles,role)
  end
  def remove_role role
    remove_operation(:roles,role)
  end
  def remove_sub_role role
    remove_operation(:sub_roles,role)
  end
  def add_user_to_black_list user
    add_operation(:blocked_users,user)
  end
  def remove_user_from_black_list user
    remove_operation(:blocked_users,user)
  end
  def add_user_to_privilege_list user
    add_operation(:privilege_users,user)
  end
  def remove_user_from_privilege_list user
    remove_operation(:privilege_users,user)
  end
  def remove_operation(item,obj)
    if (self.send item).include? obj
       (self.send item).delete obj
      self.save!
    else
      false #should put error message for user not existed in list
    end    
  end
  def add_operation(item,obj)
    unless (self.send item).include?(obj)
      (self.send item) << obj
      self.save!
    else
      false #should put error message for user existed in list already
    end
  end
  def auth_users
    if self.all?
      User.all.entries
    else
      ary=[]
      [:roles,:sub_roles].each do |t_role|
        ary += (self.send t_role).collect do |role|
          role.users
        end        
      end
      ary << self.privilege_users
      ary.flatten!.uniq  
    end
  end
  def auth_users_after_block_list
    auth_users - self.blocked_users
  end
 # protected
 end
--- a/app/views/admin/components/_user_role_management.html.erb
+++ b/app/views/admin/components/_user_role_management.html.erb
@ -0,0 +1,34 @@
 <div id="user_role_management">
 	<%#= debugger %>
 	<h1>User Role</h1>
 	<%= debugger %>
 	<%= form_tag(polymorphic_path([controller_path.split('/')[0],object,auth.class.name.underscore]),:method => :post) do %>
 		<%= collection_select(:new,:role, Role.all, :id, :key, :prompt => true) %>
 		<%= submit_tag 'Add Role' %><br/>
 		<%= collection_select(:new,:sub_role, SubRole.all, :id, :key, :prompt => true) %>
 		<%= submit_tag 'Add SubRole' %><br/>
 		<%= collection_select(:new,:privilege_user, User.all, :id, :name, :prompt => true) %>	
 		<%= submit_tag 'Add PrivilegeList' %><br/>
 		<%= collection_select(:new,:blocked_user, User.all, :id, :name, :prompt => true) %>
 		<%= submit_tag 'Add BlockedList' %><br/>
 	<% end %>
 	<ul>Roles </ul>
 	<% unless auth.nil? %>
 		<% auth.roles.each do |role| %>
 			<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %>
 				<%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'role',:target_id=>role.id),:method => :delete %></li>
 		<% end %>
 	<ul>Sub Roles </ul>
 		<% auth.sub_roles.each do |role| %>
 			<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %> </li><%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'sub_role',:target_id=>role.id),:method => :delete %>
 			<% end %>
 	<ul>PrivilegeList </ul>
 			<% auth.privilege_users.each do |user| %>
 				<li> <%= user.name %> <%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'privilege_user',:target_id=>user.id),:method => :delete %> </li>
 			<% end %>
 	<ul>BlockedList </ul>
 			<% auth.blocked_users.each do |user| %>
 				<li> <%= user.name %><%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'blocked_user',:target_id=>user.id),:method => :delete %> </li>
 			<% end %>
 <% end %>
 </div>
--- a/app/views/admin/module_apps/edit.html.erb
+++ b/app/views/admin/module_apps/edit.html.erb
@ -36,34 +36,5 @@
 		</dd>
 	</dl>
 </div>
-<div id="user_role_management">
+<%= render :partial => "admin/components/user_role_management", :locals => { :object => @module_app ,:auth=> @module_app.app_auth } %>
-	<h1>User Role</h1>
+
 	<%= form_tag(admin_module_app_app_auths_path(@module_app),:method => :post) do %>
 		<%= collection_select(:new,:role, Role.all, :id, :key, :prompt => true) %>
 		<%= submit_tag 'Add Role' %><br/>
 		<%= collection_select(:new,:sub_role, SubRole.all, :id, :key, :prompt => true) %>
 		<%= submit_tag 'Add SubRole' %><br/>
 		<%= collection_select(:new,:privilege_user, User.all, :id, :name, :prompt => true) %>	
 		<%= submit_tag 'Add PrivilegeList' %><br/>
 		<%= collection_select(:new,:blocked_user, User.all, :id, :name, :prompt => true) %>
 		<%= submit_tag 'Add BlockedList' %><br/>
 	<% end %>
 	<ul>Roles </ul>
 	<% unless @module_app.app_auth.nil? %>
 		<% @module_app.app_auth.roles.each do |role| %>
 			<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %> <%= link_to '[X]',remove_admin_module_app_app_auth_path(@module_app,@module_app.app_auth,'role',role),:method => :delete %></li>
 		<% end %>
 	<ul>Sub Roles </ul>
 		<% @module_app.app_auth.sub_roles.each do |role| %>
 			<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %> </li><%= link_to '[X]',remove_admin_module_app_app_auth_path(@module_app,@module_app.app_auth,'sub_role',role),:method => :delete %>
 			<% end %>
 	<ul>PrivilegeList </ul>
 			<% @module_app.app_auth.privilege_users.each do |user| %>
 				<li> <%= user.name %> <%= link_to '[X]',remove_admin_module_app_app_auth_path(@module_app,@module_app.app_auth,'privilege_user',user),:method => :delete %> </li>
 			<% end %>
 	<ul>BlockedList </ul>
 			<% @module_app.app_auth.blocked_users.each do |user| %>
 				<li> <%= user.name %><%= link_to '[X]',remove_admin_module_app_app_auth_path(@module_app,@module_app.app_auth,'blocked_user',user),:method => :delete %> </li>
 			<% end %>
 <% end %>
 </div>
--- a/app/views/admin/object_auths/_auth_unit.html.erb
+++ b/app/views/admin/object_auths/_auth_unit.html.erb
@ -0,0 +1,3 @@
 <div class="auth_unit">
 	<%= unit%>
 <div>
--- a/app/views/admin/object_auths/edit.html.erb
+++ b/app/views/admin/object_auths/edit.html.erb
@ -0,0 +1,13 @@
 <% content_for :secondary do %>
 <% end %>
 <!-- Remove if CSS done-->
 <br />
 <br />
 <br />
 <!-- Remove if CSS done-->
 <h3><%= @object_auth.title %></h3>
 <%= render :partial => "admin/components/user_role_management", :locals => { :object => @object_auth.auth_obj ,:auth=> @object_auth } %>
--- a/app/views/admin/object_auths/index.html.erb
+++ b/app/views/admin/object_auths/index.html.erb
@ -0,0 +1,39 @@
 <% content_for :secondary do %>
 	<% #render 'side_bar' %>
 <% end %>
 <div class="main_list">
 	<%= flash_messages %>
 	<div class="button_bar up">
 		<%  #link_to t('admin.new_user'), new_admin_user_path, :class => 'new' %>
 	</div>
 	<table>
 		<thead>
 			<tr>
 				 <td><%= t('admin.object_auth.title') %></td>
 		      <td><%= t('admin.object_auth.obj_type') %></td>
 			</tr>
 		</thead>
 		<tbody>
 			<% @object_auths.each do |object_auth| %>
 			<tr>
 				<td class="name"><%= object_auth.title %></td>
 				<td class="name"><%= object_auth.obj_authable_type.to_s %></td>
 				<td class="action">
 					<%= link_to t(:show), admin_object_auth_path(object_auth), :class => 'show' %>
 					<%= link_to t(:edit), edit_admin_object_auth_path(object_auth), :class => 'edit' %>
 					<%= link_to t(:delete), admin_object_auth_path(object_auth), :class => 'delete', :confirm => t('sure?'), :method => :delete %>
 				</td>
 			</tr>
 			<tr>
 				<td colspan="5"></td>
 			</tr>
 			<% end %>
 		</tbody>
 	</table>
 	<div class="button_bar">
 		<%# link_to t('admin.new_user'), new_admin_user_path, :class => 'new' %>
 	</div>	
 </div>
--- a/config/routes.rb
+++ b/config/routes.rb
@ -13,6 +13,8 @@ PrototypeR4::Application.routes.draw do
  namespace :admin do
    resources :assets
    resources :app_auths 
    resources :object_auths 
    resources :ad_banners
    resources :designs do
      collection do
--- a/vendor/built_in_modules/new_blog/app/models/post.rb
+++ b/vendor/built_in_modules/new_blog/app/models/post.rb
@ -5,4 +5,5 @@ class Post
  field :body, :type => String
  embeds_many :comments
  validates_presence_of :title, :body
  has_one :object_auth,as: :obj_authable,dependent: :delete
 end