fixing for app_auth

2012-01-05 16:20:51 +08:00 · 2012-01-05 16:20:51 +08:00 · 7b40706aed
parent d3ca1647be
commit 7b40706aed
9 changed files with 225 additions and 112 deletions
--- a/app/controllers/admin/app_auths_controller.rb
+++ b/app/controllers/admin/app_auths_controller.rb
@ -4,7 +4,7 @@ class Admin::AppAuthsController < ApplicationController
  before_filter :is_admin?
  
  def index
-    @user_roles = UserRole.all.entries
+    @roles = Role.all.entries
    apps = Purchase.where(:type =>"App")
    @app_auth_data = apps.entries.map do |app|
      app_c = eval(app.app_controller)
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -5,6 +5,13 @@ class ApplicationController < ActionController::Base
  
  helper :all
  before_filter :set_locale, :set_site
+
+  def front_end_available(module_app_title='')
+    app_controller = ModuleApp.first(conditions: {:title => module_app_title} )
+    unless app_controller.enable_frontend? 
+      render :text => 'View not available'
+    end
+  end
  
  def get_all_app_engines
    ary = ["vender/plugins/NewBlog"]
--- a/app/models/app_auth.rb
+++ b/app/models/app_auth.rb
@ -15,55 +15,72 @@ class AppAuth


  has_and_belongs_to_many :roles
+  has_and_belongs_to_many :sub_roles
+  
+  attr_protected :roles,:sub_roles,:privilege_users,:blocked_users,:users
+
+  def add_role role
+    add_operation(:roles,role)
+  end
+  
+  def add_sub_role role
+    add_operation(:sub_roles,role)
+  end
+  
+  def remove_role role
+    remove_operation(:roles,role)
+  end
+  
+  def remove_sub_role role
+    remove_operation(:sub_roles,role)
+  end
  
  def add_user_to_black_list user
-    unless self.blocked_users.include?(user)
-      self.blocked_users << user
-      self.save!
-    else
-      false #should put error message for user existed in list already
-    end
+    add_operation(:blocked_users,user)
  end
  
-  
  def remove_user_from_black_list user
-    if self.blocked_users.include? user
-      self.blocked_users.delete user
+    remove_operation(:blocked_users,user)
+  end
+  
+  def add_user_to_privilege_list user
+    add_operation(:privilege_users,user)
+  end
+  
+  def remove_user_from_privilege_list user
+    remove_operation(:privilege_users,user)
+  end
+  
+  def remove_operation(item,obj)
+    if (self.send item).include? obj
+       (self.send item).delete obj
      self.save!
    else
      false #should put error message for user not existed in list
-    end
+    end    
  end
  
-  
-  def add_user_to_privilege_list user
-    unless self.privilege_users.include? user
-      self.privilege_users << user
+  def add_operation(item,obj)
+    unless (self.send item).include?(obj)
+      (self.send item) << obj
      self.save!
    else
      false #should put error message for user existed in list already
    end
  end
  
-  
-  def remove_user_from_privilege_list user
-    if self.privilege_users.include? user
-      self.privilege_users.delete user
-      self.save!
-    else
-      false #should put error message for user not existed in list
-    end
-  end
-  
  def auth_users
    if self.all?
      User.all.entries
    else
-      ary= self.roles.collect do |role|
-        role.users
+      ary=[]
+      [:roles,:sub_roles].each do |t_role|
+        ary += (self.send t_role).collect do |role|
+          role.users
+        end        
      end
      ary << self.privilege_users
-      ary.flatten!  
+      ary.flatten!.uniq  
    end
  end
  
--- a/app/models/module_app.rb
+++ b/app/models/module_app.rb
@ -9,9 +9,13 @@ class ModuleApp
  field :intro
  field :update_info
  field :create_date
+  field :enable_frontend,type: Boolean
  
  field :app_pages ,type: Array
+  field :widgets ,type: Array
  
  has_one :app_auth,dependent: :delete
  
+  
+  
 end
--- a/app/models/user/user.rb
+++ b/app/models/user/user.rb
@ -19,7 +19,10 @@ class User
  accepts_nested_attributes_for :attribute_values, :allow_destroy => true
  
  def avb_apps
-    query = AppAuth.any_of({all: true},{privilege_user_ids: self.id},{roles: self.role.id}).excludes(blocked_user_ids: self.id)
+    sub_role_ids_ary=self.sub_roles.collect{|t| t.id}
+    query1 = AppAuth.any_in({sub_role_ids: sub_role_ids_ary}).excludes(blocked_user_ids: self.id)
+    query2 = AppAuth.any_of({all: true},{privilege_user_ids: self.id},{role_ids: self.role.id}).excludes(blocked_user_ids: self.id)
+    (query1 + query2).uniq
  end
  
  def name
--- a/app/views/admin/designs/_form.html.erb
+++ b/app/views/admin/designs/_form.html.erb
@ -38,7 +38,7 @@
 			<%= f.hidden_field :to_save, :value => true %>
 		<% end %>
 	<% else %>
-	  <%= File.basename (@design.default_css.file.url) %>
+	  <%= File.basename (@design.default_css.file.url) rescue "" %>
 	<% end %> 
 </p>
 <p>
--- a/app/views/admin/designs/_new.html.erb
+++ b/app/views/admin/designs/_new.html.erb
@ -1,6 +1,6 @@
 <h1><%= t('admin.new_design') %></h1>

-<%= form_for :design, :url => admin_designs_path do |f| %>
+<%= form_for @design, :url => admin_design_path(@design),:html => {:multipart => true} do |f| %>
  <%= f.error_messages %>
  <%= render :partial => "form", :locals => { :f => f } %>
  
--- a/spec/models/app_auth_basic.rb
+++ b/spec/models/app_auth_basic.rb
@ -6,129 +6,210 @@ describe AppAuth do
  
  before  do
    User.all.destroy
-    UserRole.all.destroy
+    Role.all.destroy
+    SubRole.all.destroy
    AppAuth.all.destroy
    ModuleApp.all.destroy
    
    #Create some fixtures of Main Role
    main_role_key = ["Stud","Teacher","Staff"]
    @new_main_role_list = main_role_key.each do |role|
-      new_role = UserRole.new :key => role
-      
+      new_role = Role.new :key => role
      new_role.save
    end
+    #Create Some SubRoles
+    sub_role_key = ["graduated_school","undergraduated_school","TA","Senior"]
+    @new_main_role_list = sub_role_key.each do |role|
+      new_role = SubRole.new :key => role
+      new_role.save
+    end
+    
    #Create some users of User
-    user_emails = ["a_good_stud","a_bad_stud","a_teacher","a_staff"]
+    user_emails = ["a_good_ug_stud_1","a_good_ug_stud_2","a_bad_ug_stud","a_good_g_stud","a_bad_g_stud","a_teacher","a_staff"]
    user_emails.each do |user_email|
      email=user_email+"@rulingcom.com"
      new_user = User.new :email=> email
      new_user.save
    end
-     
-    @stud_MRK = UserRole.first(conditions:{key:"Stud"})
-    @teacher_MRK = UserRole.first(conditions:{key:"Teacher"})
-    @staff_MRK = UserRole.first(conditions:{key:"Staff"})
-
-    @good_stu = User.first(conditions:{email:"a_good_stud@rulingcom.com"})
-    @bad_stu = User.first(conditions:{email:"a_bad_stud@rulingcom.com"})
+    #MRK = Member Role Key    SRK=Sub Role Key
+    @stud_MRK = Role.first(conditions:{key:"Stud"})
+    @teacher_MRK = Role.first(conditions:{key:"Teacher"})
+    @staff_MRK = Role.first(conditions:{key:"Staff"})
+    
+    @graduated_SRK = SubRole.first(conditions:{key:"graduated_school"})
+    @under_graduated_SRK = SubRole.first(conditions:{key:"undergraduated_school"})
+    @ta_SRK = SubRole.first(conditions:{key:"TA"})
+    @senior_SRK = SubRole.first(conditions:{key:"Senior"})
+    
+    @stud_MRK.sub_roles += [@graduated,@under_graduated,@ta]
+    @stud_MRK.save!
+    
+    @teacher_MRK.sub_roles = [@senior]
+    @teacher_MRK.save!
+    
+    @good_ug_stu_1 = User.first(conditions:{email:"a_good_ug_stud_1@rulingcom.com"})    
+    @good_ug_stu_2 = User.first(conditions:{email:"a_good_ug_stud_2@rulingcom.com"})
+    @bad_ug_stu = User.first(conditions:{email:"a_bad_ug_stud@rulingcom.com"})
+    
+    @good_g_stu = User.first(conditions:{email:"a_good_g_stud@rulingcom.com"})
+    @bad_g_stu = User.first(conditions:{email:"a_bad_g_stud@rulingcom.com"})
    @teacher = User.first(conditions:{email:"a_teacher@rulingcom.com"})
    @staff =  User.first(conditions:{email:"a_staff@rulingcom.com"})
    
    #setting Roles for users
-    @good_stu.user_role = @stud_MRK
-    @bad_stu.user_role = @stud_MRK
-    @teacher.user_role = @teacher_MRK
-    @staff.user_role = @staff_MRK
+    @good_g_stu.role = @stud_MRK
+    @bad_g_stu.role = @stud_MRK
+    @good_ug_stu_1.role = @stud_MRK
+    @good_ug_stu_2.role = @stud_MRK
+    @bad_ug_stu.role = @stud_MRK
+    
+    @good_g_stu.sub_roles = [@graduated_SRK,@ta_SRK]
+    @bad_g_stu.sub_roles << @graduated_SRK
+    @good_ug_stu_1.sub_roles << @under_graduated_SRK
+    @good_ug_stu_2.sub_roles << @under_graduated_SRK
+    @bad_ug_stu.sub_roles << @under_graduated_SRK

-    @good_stu.save!
-    @bad_stu.save!
+    @teacher.role = @teacher_MRK
+    @staff.role = @staff_MRK
+
+    @good_g_stu.save!
+    @bad_g_stu.save!
+    @good_ug_stu_1.save!
+    @good_ug_stu_2.save!
+    @bad_ug_stu.save!
+    
    @teacher.save!
    @staff.save!

  end
-  describe "Testing basic structure" do
+  describe "Starting a ClassBulletin Auth for teacher , staff and ta" do
    before do
-      @app_auth = AppAuth.new()
-      #all stud has access right
-      @app_auth.user_roles << @stud_MRK
+      @bulletin_app_auth = AppAuth.new()
+      #all teacher and staff has access right
+      @bulletin_app_auth.roles = [@teacher_MRK,@staff_MRK]
+      #all person with TA sub_role has access right
+      @bulletin_app_auth.sub_roles << @ta_SRK

-      #a_bad_stud add to block to app_auth 
-      @app_auth.blocked_users << @bad_stu
+      #a_bad_ug_stud add to block to bulletin_app_auth 
+      #@bulletin_app_auth.blocked_users << @bad_ug_stu

      #all teacher has access right
-      @app_auth.user_roles << @teacher_MRK
+      # @bulletin_app_auth.roles << @teacher_MRK

-      @app_auth.privilege_users << @staff
-      @app_auth.save!
+      # @bulletin_app_auth.privilege_users << @staff
+      @bulletin_app_auth.save!
    end
    context "Should just initialize all obj that is needed" do

-      it "Testing @app_auth init result" do
-        @app_auth.user_roles.should have(2).item
+      it "Testing @bulletin_app_auth init result" do
+        @bulletin_app_auth.roles.should have(2).item     #teacher staff
+        @bulletin_app_auth.sub_roles.should have(1).item  #ta
      end

-      it "@app_auth should have UserRoles: Stud , Teacher " do
-        key_ary = @app_auth.user_roles.collect do |role|
+      it "@bulletin_app_auth should have Roles: Staff , Teacher " do
+        key_ary = @bulletin_app_auth.roles.collect do |role|
          role.key
        end
-        key_ary.should == ["Stud","Teacher"]
+        key_ary.sort.should == ["Staff","Teacher"].sort
      end
      
-      it "@app_auth should have one Privialage user which is belongs to Staff" do
-        p_user_ary = @app_auth.privilege_users.collect do |p_user|
-          p_user.user_role.key
-        end
-        p_user_ary.should include("Staff")
+      it "bulletin_app_auth should have 3 auth users" do
+        user_ary = [@teacher,@staff,@good_g_stu]
+       @bulletin_app_auth.auth_users.sort.should == user_ary.sort  
+       check_user_has_app user_ary
      end
      
-      it "@app_auth should have one student listed at blocklist" do
-        @bad_stu = User.first(conditions:{email:"a_bad_stud@rulingcom.com"})
-        @app_auth.blocked_users.should have(1).item
-        @app_auth.blocked_users.should include(@bad_stu)
+      it "Adding a undergraduate stud into app_auth by privilege list" do
+        user_ary = [@teacher,@staff,@good_g_stu,@good_ug_stu_1]
+       @bulletin_app_auth.add_user_to_privilege_list  @good_ug_stu_1
+       @bulletin_app_auth.auth_users.sort.should == user_ary.sort  
+       check_user_has_app user_ary       
      end
+      
+      it "Adding all graudated-stud into app_auth" do
+       user_ary = [@teacher,@staff,@good_g_stu,@bad_g_stu]
+       @bulletin_app_auth.add_sub_role  @graduated_SRK
+       @bulletin_app_auth.auth_users.sort.should == user_ary.sort  
+       check_user_has_app user_ary
+      end
+      
+      it "Blocking bad-graduate student" do
+        user_ary =[@teacher,@staff,@good_g_stu]
+       @bulletin_app_auth.add_sub_role  @graduated_SRK
+       @bulletin_app_auth.add_user_to_black_list @bad_g_stu
+       @bulletin_app_auth.auth_users_after_block_list.sort.should == user_ary.sort  
+       check_user_has_app user_ary
+      end
+      
+      it "Removing all graudated-stud from app_auth" do
+        user_ary =[@teacher,@staff,@good_g_stu]
+        @bulletin_app_auth.add_sub_role  @graduated_SRK
+        @bulletin_app_auth.remove_sub_role  @graduated_SRK
+       @bulletin_app_auth.auth_users.sort.should == user_ary.sort  
+       check_user_has_app user_ary
+      end
+      
+
+      # it "@bulletin_app_auth should have one Privialage user which is belongs to Staff" do
+      #   p_user_ary = @bulletin_app_auth.privilege_users.collect do |p_user|
+      #     p_user.roles.key
+      #   end
+      #   p_user_ary.should include("Staff")
+      # end
+      
+      # it "@bulletin_app_auth should have one student listed at blocklist" do
+      #   @bad_stu = User.first(conditions:{email:"a_bad_g_stud@rulingcom.com"})
+      #   @bulletin_app_auth.blocked_users.should have(1).item
+      #   @bulletin_app_auth.blocked_users.should include(@bad_stu)
+      # end
          
-      it "[Development #1]-1.Authorizing roles: roles + blocklist" do
-        @good_stu = User.first(conditions:{email:"a_good_stud@rulingcom.com"})
-        @teacher = User.first(conditions:{email:"a_teacher@rulingcom.com"})
-        @staff =  User.first(conditions:{email:"a_staff@rulingcom.com"})
-        ary = [@good_stu,@teacher,@staff]
-        @app_auth.auth_users_after_block_list.should == ary
-      end
-      
-      it "[Development #1]-2.Authorizing single users: list of users [new_user1~2]" do
-        user_emails = ["new_user1","new_user2","new_user3","new_user4"]
-        user_emails.each do |user_email|
-          email=user_email+"@rulingcom.com"
-          new_user = User.new :email=> email
-          new_user.save
+    #   it "[Development #1]-1.Authorizing roles: roles + blocklist" do
+    #     @good_stu = User.first(conditions:{email:"a_good_g_stud@rulingcom.com"})
+    #     @teacher = User.first(conditions:{email:"a_teacher@rulingcom.com"})
+    #     @staff =  User.first(conditions:{email:"a_staff@rulingcom.com"})
+    #     ary = [@good_stu,@teacher,@staff]
+    #     @bulletin_app_auth.auth_users_after_block_list.should == ary
+    #   end
+    #   
+    #   it "[Development #1]-2.Authorizing single users: list of users [new_user1~2]" do
+    #     user_emails = ["new_user1","new_user2","new_user3","new_user4"]
+    #     user_emails.each do |user_email|
+    #       email=user_email+"@rulingcom.com"
+    #       new_user = User.new :email=> email
+    #       new_user.save
+    #     end
+    #     user1= User.first(conditions:{email:"new_user1@rulingcom.com"})
+    #     user2= User.first(conditions:{email:"new_user2@rulingcom.com"})
+    #     user3= User.first(conditions:{email:"new_user3@rulingcom.com"})
+    #     user4= User.first(conditions:{email:"new_user4@rulingcom.com"})
+    #     
+    #     @bulletin_app_auth.privilege_users << user1
+    #     @bulletin_app_auth.privilege_users << user2
+    #     
+    #     @bulletin_app_auth.auth_users_after_block_list.should include(user1,user2)
+    #     @bulletin_app_auth.auth_users_after_block_list.should_not include(user3,user4)
+    #     
+    #   end
+    #   
+    #   it "[Development #1]-3.Authorizing roles and single users: roles + blocklist + list of users" do
+    #     @bulletin_app_auth.auth_users.should have(7).item 
+    #   end
+    #   
+    #   it "[Development #1]-4.Authorizing all: blocklist" do
+    #     @bad_stu = User.first(conditions:{email:"a_bad_g_stud@rulingcom.com"})
+    #     @new_bulletin_app_auth = (AppAuth.new :all => true)
+    #     @new_bulletin_app_auth.blocked_users << @bad_stu 
+    #     
+    #     @new_bulletin_app_auth.auth_users.should == User.all.entries
+    #     @new_bulletin_app_auth.auth_users_after_block_list.should_not include(@bad_stu)
+    #     @new_bulletin_app_auth.save!
+    #   end
+      def check_user_has_app(user_ary)
+        user_ary.each do |user|
+         user.avb_apps.should include(@bulletin_app_auth) 
        end
-        user1= User.first(conditions:{email:"new_user1@rulingcom.com"})
-        user2= User.first(conditions:{email:"new_user2@rulingcom.com"})
-        user3= User.first(conditions:{email:"new_user3@rulingcom.com"})
-        user4= User.first(conditions:{email:"new_user4@rulingcom.com"})
-        
-        @app_auth.privilege_users << user1
-        @app_auth.privilege_users << user2
-        
-        @app_auth.auth_users_after_block_list.should include(user1,user2)
-        @app_auth.auth_users_after_block_list.should_not include(user3,user4)
-        
      end
-      
-      it "[Development #1]-3.Authorizing roles and single users: roles + blocklist + list of users" do
-        @app_auth.auth_users.should have(4).item 
-      end
-      
-      it "[Development #1]-4.Authorizing all: blocklist" do
-        @bad_stu = User.first(conditions:{email:"a_bad_stud@rulingcom.com"})
-        @new_app_auth = (AppAuth.new :all => true)
-        @new_app_auth.blocked_users << @bad_stu 
-        
-        @new_app_auth.auth_users.should == User.all.entries
-        @new_app_auth.auth_users_after_block_list.should_not include(@bad_stu)
-        @new_app_auth.save!
-      end
-    end
+     end
    
    
    
--- a/vendor/built_in_modules/NewBlog/NewBlog.json
+++ b/vendor/built_in_modules/NewBlog/NewBlog.json
@ -6,5 +6,6 @@
  "intro": "A simple blog……",
  "update_info": "Some info",
  "create_date": "11-11-2011",
-	"app_pages":  ["/panel/blog/front_end/"]
+	"app_pages":  ["/panel/blog/front_end/"],
+	"widgets": ["/panel/blog/widget/latest_post","/panel/blog/widget/"]
 }