diff --git a/app/models/object_auth.rb b/app/models/object_auth.rb index 8932bb76..ae3fd701 100644 --- a/app/models/object_auth.rb +++ b/app/models/object_auth.rb @@ -1,6 +1,6 @@ class ObjectAuth < PrototypeAuth include OrbitCoreLib::ObjectTokenUnility - validates_uniqueness_of :obj_authable_type,:scope => :title #{ |c| } + validates_uniqueness_of :title ,:scope => [:obj_authable_type,:obj_authable_id] #{ |c| } belongs_to :obj_authable, polymorphic: true # > - Something.find_with_auth(query) # > - or Something.find(query).auth diff --git a/app/views/layouts/_side_bar.html.erb b/app/views/layouts/_side_bar.html.erb index 71e8106d..baeef6c4 100644 --- a/app/views/layouts/_side_bar.html.erb +++ b/app/views/layouts/_side_bar.html.erb @@ -9,8 +9,9 @@ <%= content_tag :li, link_to(t('admin.add_new'), new_panel_announcement_back_end_bulletin_path), :class => active_for_action('bulletins', 'new') %> <%= content_tag :li, link_to(t('admin.categories'), panel_announcement_back_end_bulletin_categorys_path), :class => active_for_action('bulletin_categorys', 'index') %> <%= content_tag :li, link_to(t('admin.tags'), panel_announcement_back_end_tags_path), :class => active_for_action('tags', 'index') %> - <%= content_tag :li, link_to(t('announcement.bulletin.fact_check_setting'), panel_announcement_back_end_fact_checks_setting_path), :class => active_for_action('tags', 'index') %> + <%= content_tag :li, link_to(t('announcement.bulletin.fact_check_setting'), panel_announcement_back_end_fact_checks_setting_path), :class => active_for_action('tags', 'index') if is_manager? %> <% end -%> + <% end -%> <%= content_tag :li, :class => active_for_controllers('users') do -%> diff --git a/lib/orbit_core_lib.rb b/lib/orbit_core_lib.rb index 561fceba..bcde17e0 100644 --- a/lib/orbit_core_lib.rb +++ b/lib/orbit_core_lib.rb @@ -21,11 +21,19 @@ module OrbitCoreLib def authed_users(title=nil) users = [] - unless title.nil? - users = self.object_auths.where(title: title )[0].auth_users_after_block_list rescue [] + users = case title + when :all + ary = self.object_auths.collect{|t| t.auth_users} + ary.flatten! + when nil + if self.object_auths.count ==1 + self.object_auths.first.auth_users_after_block_list rescue [] + else + logger.info "Warning calling a auth commend without specificed value( has multi-auths ), return empty" + [] + end else - users = self.object_auths.collect{|t| t.auth_users_after_block_list} rescue [] - users.flatten!.uniq! + self.object_auths.where(title: title).first.auth_users rescue [] end users end diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletin_categorys_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletin_categorys_controller.rb index f55ad6e3..97378c5a 100644 --- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletin_categorys_controller.rb +++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletin_categorys_controller.rb @@ -1,4 +1,4 @@ -class Panel::Announcement::BackEnd::BulletinCategorysController < ApplicationController +class Panel::Announcement::BackEnd::BulletinCategorysController < OrbitBackendController layout 'new_admin' diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb index 31f446a0..31b3b4a2 100644 --- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb +++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb @@ -159,12 +159,12 @@ class Panel::Announcement::BackEnd::BulletinsController < OrbitBackendController end def file_quick_add - # debugger + # debugger @bulletin_file = BulletinFile.new - @file_url = panel_announcement_back_end_bulletins_path + @file_url = panel_announcement_back_end_bulletins_path - @bulletin_file.bulletin_id = params[:bulletin_id] + @bulletin_file.bulletin_id = params[:bulletin_id] respond_to do |format| format.js @@ -173,75 +173,73 @@ class Panel::Announcement::BackEnd::BulletinsController < OrbitBackendController end def file_quick_edit - # debugger + # debugger @bulletin_file = BulletinFile.find(params[:bulletin_id]) - @file_url = panel_announcement_back_end_bulletin_path(@bulletin_file) + @file_url = panel_announcement_back_end_bulletin_path(@bulletin_file) respond_to do |format| format.js end - end # PUT /bulletins/1 # PUT /bulletins/1.xml def update - if params[:bulletin_link] - - @bulletin_link = BulletinLink.find(params[:id]) - - @link_url = panel_announcement_back_end_bulletin_path(@bulletin_link) + if params[:bulletin_link] + + @bulletin_link = BulletinLink.find(params[:id]) + + @link_url = panel_announcement_back_end_bulletin_path(@bulletin_link) - respond_to do |format| - if @bulletin_link.update_attributes(params[:bulletin_link]) - # format.html { redirect_to(panel_announcement_back_end_bulletins_url) } - format.js { render 'update_bulletin_link' } - end - end - - elsif params[:bulletin_file] - - @bulletin_file = BulletinFile.find(params[:id]) - - @file_url = panel_announcement_back_end_bulletin_path(@bulletin_file) + respond_to do |format| + if @bulletin_link.update_attributes(params[:bulletin_link]) + # format.html { redirect_to(panel_announcement_back_end_bulletins_url) } + format.js { render 'update_bulletin_link' } + end + end + + elsif params[:bulletin_file] + + @bulletin_file = BulletinFile.find(params[:id]) + + @file_url = panel_announcement_back_end_bulletin_path(@bulletin_file) - respond_to do |format| - if @bulletin_file.update_attributes(params[:bulletin_file]) - # format.html { redirect_to(panel_announcement_back_end_bulletins_url) } - format.js { render 'update_bulletin_file' } - end - end - - else - - @bulletin = Bulletin.find(params[:id]) - - @bulletin.update_user_id = current_user.id - - # @bulletin.image.clear if params[:bulletin][:image_del] == '1' - # if params[:bulletin][:image_del] == '1' - # @bulletin.remove_image! - # @bulletin.image_del = nil - # params[:bulletin][:image_del] = nil - # end + respond_to do |format| + if @bulletin_file.update_attributes(params[:bulletin_file]) + # format.html { redirect_to(panel_announcement_back_end_bulletins_url) } + format.js { render 'update_bulletin_file' } + end + end + + else + + @bulletin = Bulletin.find(params[:id]) + + @bulletin.update_user_id = current_user.id + + # @bulletin.image.clear if params[:bulletin][:image_del] == '1' + # if params[:bulletin][:image_del] == '1' + # @bulletin.remove_image! + # @bulletin.image_del = nil + # params[:bulletin][:image_del] = nil + # end - respond_to do |format| - if @bulletin.update_attributes(params[:bulletin]) && @bulletin.save - # format.html { redirect_to(panel_announcement_back_end_bulletin_url(@bulletin), :notice => t('bulletin.update_bulletin_success')) } - format.html { redirect_to(panel_announcement_back_end_bulletins_url, :notice => t('bulletin.update_bulletin_success')) } - format.js { render 'toggle_enable' } - format.xml { head :ok } - else - format.html { render :action => "edit" } - format.xml { render :xml => @bulletin.errors, :status => :unprocessable_entity } - end - end + respond_to do |format| + if @bulletin.update_attributes(params[:bulletin]) && @bulletin.save + # format.html { redirect_to(panel_announcement_back_end_bulletin_url(@bulletin), :notice => t('bulletin.update_bulletin_success')) } + format.html { redirect_to(panel_announcement_back_end_bulletins_url, :notice => t('bulletin.update_bulletin_success')) } + format.js { render 'toggle_enable' } + format.xml { head :ok } + else + format.html { render :action => "edit" } + format.xml { render :xml => @bulletin.errors, :status => :unprocessable_entity } + end + end end - end # DELETE /bulletins/1 diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb index c47e91fb..9095a4d3 100644 --- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb +++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb @@ -18,7 +18,7 @@ class Panel::Announcement::BackEnd::FactChecksController < OrbitBackendControll else first_category = @bulletin_categorys.first end - preload_object_auth = first_category.object_auths.where(title: 'fact_check') || (first_category.object_auths.create :title=> 'fact_check') + preload_object_auth = first_category.object_auths.where(title: 'fact_check').empty?? (first_category.object_auths.create! :title=> 'fact_check') : first_category.object_auths.where(title: 'fact_check') @users_array = preload_object_auth.first.privilege_users rescue [] respond_to do |format| format.html diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/front_end/bulletins_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/front_end/bulletins_controller.rb index ff3cbdc9..fe0b2aa5 100644 --- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/front_end/bulletins_controller.rb +++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/front_end/bulletins_controller.rb @@ -12,9 +12,9 @@ class Panel::Announcement::FrontEnd::BulletinsController < OrbitWidgetController date_now = Time.now if params[:category_id] - @bulletins = Bulletin.where(:bulletin_category_id => params[:category_id]).any_of( {deadline: nil,:postdate.lte => date_now} , {:deadline.gte => date_now,:postdate.lte => date_now} ).desc( :is_top, :postdate).page( params[:page]).per(10) + @bulletins = Bulletin.can_display.where(:bulletin_category_id => params[:category_id]).any_of( {deadline: nil,:postdate.lte => date_now} , {:deadline.gte => date_now,:postdate.lte => date_now} ).desc( :is_top, :postdate).page( params[:page]).per(10) else - @bulletins = Bulletin.any_of( {deadline: nil,:postdate.lte => date_now} , {:deadline.gte => date_now,:postdate.lte => date_now} ).desc( :is_top, :postdate).page( params[:page]).per(10) + @bulletins = Bulletin.can_display.any_of( {deadline: nil,:postdate.lte => date_now} , {:deadline.gte => date_now,:postdate.lte => date_now} ).desc( :is_top, :postdate).page( params[:page]).per(10) end get_categorys @@ -23,7 +23,7 @@ class Panel::Announcement::FrontEnd::BulletinsController < OrbitWidgetController end def show - @bulletin = Bulletin.find(params[:id]) + @bulletin = Bulletin.can_display.where.where(_id: params[:id]) get_categorys end diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/widget/bulletins_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/widget/bulletins_controller.rb index 60aad3d9..783ee9ef 100644 --- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/widget/bulletins_controller.rb +++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/widget/bulletins_controller.rb @@ -14,9 +14,9 @@ class Panel::Announcement::Widget::BulletinsController < OrbitWidgetController # @bulletin_categorys = BulletinCategory.first; # @bulletins = Bulletin.widget_datas(@bulletin_categorys.id).limit(9) if params[:category_id] - @bulletins = Bulletin.where(:bulletin_category_id => params[:category_id]).widget_datas.limit(9) + @bulletins = Bulletin.can_display.where(:bulletin_category_id => params[:category_id]).widget_datas.limit(9) else - @bulletins = Bulletin.widget_datas.limit(9) + @bulletins = Bulletin.can_display.widget_datas.limit(9) end get_categorys @@ -26,14 +26,14 @@ class Panel::Announcement::Widget::BulletinsController < OrbitWidgetController def bulletins_and_web_links @tags = AnnouncementTag.all @selected_tag = AnnouncementTag.find(params[:id]) rescue @tags[0] - @bulletins = @selected_tag.get_visible_bulletins.page(params[:page]).per(5) rescue nil + @bulletins = @selected_tag.get_visible_bulletins.can_display.page(params[:page]).per(5) rescue nil @web_links = WebResourceTag.first(:conditions => {:en => @selected_tag[:en]}).get_visible_links.page(params[:page]).per(5) rescue nil render :layout => 'module_widget' end def reload_bulletins @selected_tag = AnnouncementTag.find(params[:tag_id]) - @bulletins = @selected_tag.get_visible_bulletins.page(params[:page]).per(5) rescue nil + @bulletins = @selected_tag.get_visible_bulletins.can_display.page(params[:page]).per(5) rescue nil end def reload_web_links diff --git a/vendor/built_in_modules/announcement/app/models/bulletin.rb b/vendor/built_in_modules/announcement/app/models/bulletin.rb index d1b7f3c5..e24f7f21 100644 --- a/vendor/built_in_modules/announcement/app/models/bulletin.rb +++ b/vendor/built_in_modules/announcement/app/models/bulletin.rb @@ -19,12 +19,14 @@ class Bulletin field :is_top, :type => Boolean, :default => false field :is_hot, :type => Boolean, :default => false field :is_hidden, :type => Boolean, :default => false - field :is_checked, :type => Boolean, :default => false + field :is_checked, :type => Boolean, :default => nil field :not_checked_reason field :public, :type => Boolean, :default => true + scope :can_display,where(is_checked: true) + mount_uploader :image, ImageUploader belongs_to :bulletin_category @@ -47,28 +49,17 @@ class Bulletin def self.search( search = nil, category_id = nil ) - - if category_id.to_s.size > 0 and search.to_s.size > 0 - + if category_id.to_s.size > 0 and search.to_s.size > 0 key = /#{search}/ - - find(:all, :conditions => {title: key, bulletin_category_id: category_id}).desc( :is_top, :postdate ) - - elsif category_id.to_s.size > 0 and search.to_s.size < 1 - - find(:all, :conditions => {bulletin_category_id: category_id}).desc( :is_top, :postdate ) - - elsif search.to_s.size > 0 and category_id.to_s.size < 1 - + find(:all, :conditions => {title: key, bulletin_category_id: category_id}).desc( :is_top, :postdate ) + elsif category_id.to_s.size > 0 and search.to_s.size < 1 + find(:all, :conditions => {bulletin_category_id: category_id}).desc( :is_top, :postdate ) + elsif search.to_s.size > 0 and category_id.to_s.size < 1 key = /#{search}/ - - find(:all, :conditions => {title: key}).desc( :is_top, :postdate ) - else - - find(:all).desc( :is_top, :postdate) - - end - + find(:all, :conditions => {title: key}).desc( :is_top, :postdate ) + else + find(:all).desc( :is_top, :postdate) + end end @@ -87,7 +78,11 @@ class Bulletin end end - + + def is_expired? + Date.today > self.deadline ? true : false rescue false + #some dates might sat as nil so rescue false + end def is_top? self.is_top @@ -101,6 +96,15 @@ class Bulletin self.is_hidden end + def is_checked? + self.is_checked + end + + def is_check_rejected? + self.is_checked == false + end + + def save_bulletin_links self.bulletin_links.each do |t| if t.should_destroy diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/_bulletin.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/_bulletin.html.erb index 5338fb41..a67464c1 100644 --- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/_bulletin.html.erb +++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/_bulletin.html.erb @@ -10,8 +10,10 @@ <% if bulletin.is_hidden? %> <%= t(:hidden) %> <% end %> +