First version for App and Object auth.Taking Announcement as experiment
This commit is contained in:
parent
3bcd7ea349
commit
cc550c5745
|
@ -1,8 +1,12 @@
|
||||||
class Admin::ObjectAuthsController < ApplicationController
|
class Admin::ObjectAuthsController < ApplicationController
|
||||||
|
include OrbitCoreLib::PermissionUnility
|
||||||
layout "admin"
|
layout "admin"
|
||||||
before_filter :authenticate_user!
|
before_filter :authenticate_user!
|
||||||
|
before_filter :check_if_user_can_do_object_auth
|
||||||
# before_filter :is_admin? ,:only => :index
|
# before_filter :is_admin? ,:only => :index
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
def index
|
def index
|
||||||
# if current_user.admin?
|
# if current_user.admin?
|
||||||
@object_auths = ObjectAuth.all
|
@object_auths = ObjectAuth.all
|
||||||
|
@ -71,6 +75,10 @@ class Admin::ObjectAuthsController < ApplicationController
|
||||||
@object_auth = ObjectAuth.find(params[:id])
|
@object_auth = ObjectAuth.find(params[:id])
|
||||||
end
|
end
|
||||||
|
|
||||||
|
private
|
||||||
|
def check_if_user_can_do_object_auth
|
||||||
|
unless check_permission(:manager)
|
||||||
|
render :nothing => true, :status => 403
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
|
@ -1,3 +0,0 @@
|
||||||
class ObitFrontendController< ObitFrontendComponentController
|
|
||||||
|
|
||||||
end
|
|
|
@ -1,3 +0,0 @@
|
||||||
class ObitWidgetController< ObitFrontendComponentController
|
|
||||||
|
|
||||||
end
|
|
|
@ -0,0 +1,24 @@
|
||||||
|
class OrbitBackendController< ApplicationController
|
||||||
|
before_filter :authenticate_user!
|
||||||
|
before_filter :setup_vars
|
||||||
|
# before_filter {|c| c.front_end_available(@app_title)}
|
||||||
|
before_filter :check_user_can_use,:except => [:public]
|
||||||
|
include OrbitCoreLib::PermissionUnility
|
||||||
|
|
||||||
|
layout 'admin'
|
||||||
|
|
||||||
|
def setup_vars
|
||||||
|
@app_title = request.fullpath.split('/')[2]
|
||||||
|
@module_app = ModuleApp.first(conditions: {:key => @app_title} )
|
||||||
|
|
||||||
|
end
|
||||||
|
|
||||||
|
private
|
||||||
|
|
||||||
|
def check_user_can_use
|
||||||
|
unless check_permission
|
||||||
|
redirect_to polymorphic_path(['panel',@app_title,'back_end','public'])
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
|
@ -1,4 +1,4 @@
|
||||||
class ObitFrontendComponentController< ApplicationController
|
class OrbitFrontendComponentController< ApplicationController
|
||||||
before_filter :setup_vars
|
before_filter :setup_vars
|
||||||
before_filter {|c| c.front_end_available(@app_title)}
|
before_filter {|c| c.front_end_available(@app_title)}
|
||||||
layout 'module_widget'
|
layout 'module_widget'
|
|
@ -0,0 +1,3 @@
|
||||||
|
class OrbitFrontendController< OrbitFrontendComponentController
|
||||||
|
|
||||||
|
end
|
|
@ -0,0 +1,3 @@
|
||||||
|
class ObitWidgetController< OrbitFrontendComponentController
|
||||||
|
|
||||||
|
end
|
|
@ -3,4 +3,9 @@ module Admin::AppAuthHelper
|
||||||
link_to t(:enable), eval("admin_#{attribute_type}_path(attribute, :authenticity_token => form_authenticity_token, :#{attribute_type} => {:disabled => true})"), :remote => true, :method => :put, :id => "disable_#{attribute.id}", :style => "display:#{attribute.is_disabled? ? 'none' : ''}", :class => 'switch'
|
link_to t(:enable), eval("admin_#{attribute_type}_path(attribute, :authenticity_token => form_authenticity_token, :#{attribute_type} => {:disabled => true})"), :remote => true, :method => :put, :id => "disable_#{attribute.id}", :style => "display:#{attribute.is_disabled? ? 'none' : ''}", :class => 'switch'
|
||||||
link_to t(:disable), eval("admin_#{attribute_type}_path(attribute, :authenticity_token => form_authenticity_token, :#{attribute_type} => {:disabled => false})"), :remote => true, :method => :put, :id => "enable_#{attribute.id}", :style => "display:#{attribute.is_disabled? ? '' : 'none'}", :class => 'switch'
|
link_to t(:disable), eval("admin_#{attribute_type}_path(attribute, :authenticity_token => form_authenticity_token, :#{attribute_type} => {:disabled => false})"), :remote => true, :method => :put, :id => "enable_#{attribute.id}", :style => "display:#{attribute.is_disabled? ? '' : 'none'}", :class => 'switch'
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def if_permitted_to(user,role)
|
||||||
|
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
|
@ -5,4 +5,17 @@ module AdminHelper
|
||||||
link_to('/' , admin_items_path) + ( @parent_items.map{ |i| link_to(i.name, admin_items_path(:parent_id=>i.id) ) } << @parent_item.name ).join("/").html_safe
|
link_to('/' , admin_items_path) + ( @parent_items.map{ |i| link_to(i.name, admin_items_path(:parent_id=>i.id) ) } << @parent_item.name ).join("/").html_safe
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# Check if the current_user is manager in current module app
|
||||||
|
def is_manager?
|
||||||
|
@module_app.is_manager?(current_user) || is_admin?
|
||||||
|
end
|
||||||
|
|
||||||
|
# Check if the current_user is sub manager in current module app
|
||||||
|
def is_sub_manager?
|
||||||
|
@module_app.is_sub_manager?(current_user)|| is_admin?
|
||||||
|
end
|
||||||
|
|
||||||
|
def is_admin?
|
||||||
|
current_user.admin?
|
||||||
|
end
|
||||||
end
|
end
|
|
@ -2,4 +2,5 @@ class AppAuth < PrototypeAuth
|
||||||
|
|
||||||
belongs_to :module_app
|
belongs_to :module_app
|
||||||
|
|
||||||
|
|
||||||
end
|
end
|
|
@ -26,6 +26,14 @@ class ModuleApp
|
||||||
|
|
||||||
before_save :set_key
|
before_save :set_key
|
||||||
|
|
||||||
|
def is_manager?(user)
|
||||||
|
managing_users.include?(user)
|
||||||
|
end
|
||||||
|
|
||||||
|
def is_sub_manager?(user)
|
||||||
|
sub_managing_users.include?(user) || is_manager?(user)
|
||||||
|
end
|
||||||
|
|
||||||
def managing_users
|
def managing_users
|
||||||
self.managers.collect{ |t| t.user }
|
self.managers.collect{ |t| t.user }
|
||||||
end
|
end
|
||||||
|
|
|
@ -16,7 +16,7 @@ class PrototypeAuth
|
||||||
has_and_belongs_to_many :roles
|
has_and_belongs_to_many :roles
|
||||||
has_and_belongs_to_many :sub_roles
|
has_and_belongs_to_many :sub_roles
|
||||||
|
|
||||||
attr_protected :roles,:sub_roles,:privilege_users,:blocked_users,:users
|
attr_protected :roles,:sub_roles,:privilege_users,:blocked_users
|
||||||
|
|
||||||
def add_role role
|
def add_role role
|
||||||
add_operation(:roles,role)
|
add_operation(:roles,role)
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
<%= f.select :module_app_id, @apps.collect { |t| [t.title.capitalize, t.id] }, {}, {:rel => admin_module_apps_path } %>
|
|
|
@ -11,4 +11,4 @@
|
||||||
<%= render :partial => "admin/components/user_role_management", :locals => {
|
<%= render :partial => "admin/components/user_role_management", :locals => {
|
||||||
:object => @object_auth.auth_obj ,:auth=>@object_auth,:submit_url=>create_role_admin_object_auth_path(@object_auth),:ploy_route_ary=>['remove',:admin,@object_auth] } %>
|
:object => @object_auth.auth_obj ,:auth=>@object_auth,:submit_url=>create_role_admin_object_auth_path(@object_auth),:ploy_route_ary=>['remove',:admin,@object_auth] } %>
|
||||||
|
|
||||||
|
<%= link_to 'Back to object',eval(@object_auth.obj_authable.class.to_s+"::AfterObjectAuthUrl") %>
|
|
@ -16,7 +16,7 @@ PrototypeR4::Application.routes.draw do
|
||||||
resources :app_auths
|
resources :app_auths
|
||||||
resources :object_auths do
|
resources :object_auths do
|
||||||
collection do
|
collection do
|
||||||
match 'new/:type/:obj_id',:action => 'new',:via => "get",:as => :init
|
match 'new/:type/:obj_id/:module_app_id',:action => 'new',:via => "get",:as => :init
|
||||||
end
|
end
|
||||||
member do
|
member do
|
||||||
match ':id/create_role',:action => 'create_role',:via => "post",:as => :create_role
|
match ':id/create_role',:action => 'create_role',:via => "post",:as => :create_role
|
||||||
|
|
|
@ -31,4 +31,26 @@ module OrbitCoreLib
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
|
module PermissionUnility
|
||||||
|
private
|
||||||
|
def check_permission(type = :use)
|
||||||
|
permission_grant = current_user.admin?? true : false
|
||||||
|
module_app = @module_app.nil?? ModuleApp.find(params[:module_app_id]) : @module_app
|
||||||
|
unless permission_grant
|
||||||
|
permission_grant = case type
|
||||||
|
when :use
|
||||||
|
users_ary = module_app.app_auth.auth_users rescue nil
|
||||||
|
users_ary = [] if users_ary.nil?
|
||||||
|
(users_ary.include?(current_user) || module_app.is_manager?(current_user) || module_app.is_sub_manager?(current_user))
|
||||||
|
when :manager
|
||||||
|
module_app.is_manager?(current_user)
|
||||||
|
when :sub_manager
|
||||||
|
module_app.is_manager?(current_user) || module_app.is_sub_manager?(current_user)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
permission_grant
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -0,0 +1,22 @@
|
||||||
|
# encoding: utf-8
|
||||||
|
|
||||||
|
namespace :anc do
|
||||||
|
|
||||||
|
task :build => :environment do
|
||||||
|
bulletin_category_1 = BulletinCategory.create(:key => "C1ChrisCheckANDPreivew",:display => "List" )
|
||||||
|
bulletin_category_1.create_i18n_variable(:en => "ChrisCheckANDPreivew", :zh_tw => 'ChrisCheckANDPreivew')
|
||||||
|
bulletin_category_2 = BulletinCategory.create(:key => "C2MattCheckANDPreivew",:display => "List" )
|
||||||
|
bulletin_category_2.create_i18n_variable(:en => "MattCheckANDPreivew", :zh_tw => 'MattCheckANDPreivew')
|
||||||
|
bulletin_category_3 = BulletinCategory.create(:key => "C3MattCheckChrisPreview",:display => "List" )
|
||||||
|
bulletin_category_3.create_i18n_variable(:en => "MattCheckChrisPreview", :zh_tw => 'MattCheckChrisPreview')
|
||||||
|
|
||||||
|
|
||||||
|
bulletin_1 = Bulletin.create(:title => "C1P1",:status => nil,:subtitle => "",:text => "value",:postadate => Time.now,:deadline => nil,:bulletin_category => bulletin_category_1 )
|
||||||
|
bulletin_2 = Bulletin.create(:title => "C1P2",:status => nil,:subtitle => "",:text => "value",:postadate => Time.now,:deadline => nil,:bulletin_category => bulletin_category_1 )
|
||||||
|
bulletin_3 = Bulletin.create(:title => "C2P1",:status => nil,:subtitle => "",:text => "value",:postadate => Time.now,:deadline => nil,:bulletin_category => bulletin_category_2 )
|
||||||
|
bulletin_4 = Bulletin.create(:title => "C2P2",:status => nil,:subtitle => "",:text => "value",:postadate => Time.now,:deadline => nil,:bulletin_category => bulletin_category_2 )
|
||||||
|
bulletin_5 = Bulletin.create(:title => "C3P1",:status => nil,:subtitle => "",:text => "value",:postadate => Time.now,:deadline => nil,:bulletin_category => bulletin_category_3 )
|
||||||
|
bulletin_6 = Bulletin.create(:title => "C3P2",:status => nil,:subtitle => "",:text => "value",:postadate => Time.now,:deadline => nil,:bulletin_category => bulletin_category_3 )
|
||||||
|
|
||||||
|
end
|
||||||
|
end
|
|
@ -126,6 +126,12 @@ namespace :dev do
|
||||||
AttributeValue.create( :user_id => user.id, :attribute_field_id => sr_2_1.attribute_fields[0].id, :key => 'major', :en => 'Information management', :zh_tw => '信息化管理' )
|
AttributeValue.create( :user_id => user.id, :attribute_field_id => sr_2_1.attribute_fields[0].id, :key => 'major', :en => 'Information management', :zh_tw => '信息化管理' )
|
||||||
AttributeValue.create( :user_id => user.id, :attribute_field_id => sr_2_1.attribute_fields[1].id, :key => 'department', :en => 'Computer Science', :zh_tw => '計算機科學' )
|
AttributeValue.create( :user_id => user.id, :attribute_field_id => sr_2_1.attribute_fields[1].id, :key => 'department', :en => 'Computer Science', :zh_tw => '計算機科學' )
|
||||||
|
|
||||||
|
user = User.create( :email => 'manager@rulingcom.com', :password => 'password', :password_confirmation => 'password', :admin => false, :role_id => r_2.id, :sub_role_ids => [sr_2_1.id ] )
|
||||||
|
AttributeValue.create( :user_id => user.id, :attribute_field_id => i_1.attribute_fields[0].id, :key => 'first_name', :en => 'Manager', :zh_tw => '管理員' )
|
||||||
|
AttributeValue.create( :user_id => user.id, :attribute_field_id => i_1.attribute_fields[1].id, :key => 'last_name', :en => 'Chen', :zh_tw => '陳' )
|
||||||
|
AttributeValue.create( :user_id => user.id, :attribute_field_id => sr_2_1.attribute_fields[0].id, :key => 'major', :en => 'Information management', :zh_tw => '信息化管理' )
|
||||||
|
AttributeValue.create( :user_id => user.id, :attribute_field_id => sr_2_1.attribute_fields[1].id, :key => 'department', :en => 'Computer Science', :zh_tw => '計算機科學' )
|
||||||
|
|
||||||
|
|
||||||
ad_banner = AdBanner.new(:title => 'banner_1',:post_date => Date.today,:context=> "context",:ad_fx=>'zoom',:direct_to_after_click=>true)
|
ad_banner = AdBanner.new(:title => 'banner_1',:post_date => Date.today,:context=> "context",:ad_fx=>'zoom',:direct_to_after_click=>true)
|
||||||
ad_banner.ad_images.build(:time_to_next=>2,:picture_intro=>'Banner1',:out_link=>'http://www.rulingcom.com/main.php',:file => File.open("#{Rails.root}/lib/ad_banner/ad_banner1.jpg",:link_open=>'new_window'))
|
ad_banner.ad_images.build(:time_to_next=>2,:picture_intro=>'Banner1',:out_link=>'http://www.rulingcom.com/main.php',:file => File.open("#{Rails.root}/lib/ad_banner/ad_banner1.jpg",:link_open=>'new_window'))
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
{
|
{
|
||||||
"title": "Announcement",
|
"title": "announcement",
|
||||||
"version": "0.1",
|
"version": "0.1",
|
||||||
"organization": "Rulingcom",
|
"organization": "Rulingcom",
|
||||||
"author": "RD dep",
|
"author": "RD dep",
|
||||||
|
|
|
@ -1,9 +1,10 @@
|
||||||
class Panel::Announcement::BackEnd::FactChecksController < ApplicationController
|
class Panel::Announcement::BackEnd::FactChecksController < OrbitBackendController
|
||||||
|
before_filter :authenticate_user!
|
||||||
layout 'admin'
|
layout 'admin'
|
||||||
|
|
||||||
def index
|
def index
|
||||||
@bulletin_categorys_preview = BulletinCategory.authed_for_user(current_user,'preview')
|
@bulletin_categorys_preview = BulletinCategory.authed_for_user(current_user,'preview')
|
||||||
@bulletin_categorys_check = BulletinCategory.authed_for_user(current_user,'check')
|
@bulletin_categorys_check = BulletinCategory.authed_for_user(current_user,'fact_check')
|
||||||
end
|
end
|
||||||
|
|
||||||
def new
|
def new
|
||||||
|
|
|
@ -6,7 +6,7 @@ class BulletinCategory
|
||||||
include OrbitCoreLib::ObjectAuthable
|
include OrbitCoreLib::ObjectAuthable
|
||||||
|
|
||||||
ObjectAuthTitlesOptions = %W{preview fact_check}
|
ObjectAuthTitlesOptions = %W{preview fact_check}
|
||||||
|
AfterObjectAuthUrl = '/panel/announcement/back_end/bulletin_categorys'
|
||||||
# include Mongoid::MultiParameterAttributes
|
# include Mongoid::MultiParameterAttributes
|
||||||
|
|
||||||
PAYMENT_TYPES = [ "List", "Picture" ]
|
PAYMENT_TYPES = [ "List", "Picture" ]
|
||||||
|
|
|
@ -5,13 +5,15 @@
|
||||||
<td><%= bulletin_category.i18n_variable[locale] rescue nil %></td>
|
<td><%= bulletin_category.i18n_variable[locale] rescue nil %></td>
|
||||||
<% end %>
|
<% end %>
|
||||||
<td><%= bulletin_category.display %></td>
|
<td><%= bulletin_category.display %></td>
|
||||||
|
<% if is_manager? %>
|
||||||
<td>
|
<td>
|
||||||
<%= link_to t('blog.new_auth'), init_admin_object_auths_path("BulletinCategory",bulletin_category) %> <br/ >
|
<%= link_to t('blog.new_auth'), init_admin_object_auths_path("BulletinCategory",bulletin_category,@module_app) %> <br/ >
|
||||||
<% bulletin_category.object_auths.each do |obj_auth| %>
|
<% bulletin_category.object_auths.each do |obj_auth| %>
|
||||||
<%= link_to obj_auth.title,edit_admin_object_auth_url(obj_auth) %><br />
|
<%= link_to obj_auth.title,edit_admin_object_auth_url(obj_auth) %><br />
|
||||||
<% end %>
|
<% end %>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
|
<% end %>
|
||||||
<%= link_to t('bulletin_category.edit'), edit_panel_announcement_back_end_bulletin_category_path(bulletin_category), :remote => true %> |
|
<%= link_to t('bulletin_category.edit'), edit_panel_announcement_back_end_bulletin_category_path(bulletin_category), :remote => true %> |
|
||||||
<%= link_to t('bulletin_category.quick_edit'), panel_announcement_back_end_bulletin_category_quick_edit_path(bulletin_category), :remote => true %> |
|
<%= link_to t('bulletin_category.quick_edit'), panel_announcement_back_end_bulletin_category_quick_edit_path(bulletin_category), :remote => true %> |
|
||||||
<%= link_to t('bulletin_category.delete'), panel_announcement_back_end_bulletin_category_path(bulletin_category), :confirm => t('announcement.sure?'), :method => :delete, :remote => true %>
|
<%= link_to t('bulletin_category.delete'), panel_announcement_back_end_bulletin_category_path(bulletin_category), :confirm => t('announcement.sure?'), :method => :delete, :remote => true %>
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
<%= render 'filter' %>
|
]<%= render 'filter' %>
|
||||||
<table id="bulettin_sort_list" class="table main-list">
|
<table id="bulettin_sort_list" class="table main-list">
|
||||||
<%= render 'bulletins' %>
|
<%= render 'bulletins' %>
|
||||||
</table>
|
</table>
|
||||||
|
|
|
@ -42,10 +42,14 @@
|
||||||
<br />
|
<br />
|
||||||
|
|
||||||
<h1><%= t('bulletin.list_announcement') %></h1>
|
<h1><%= t('bulletin.list_announcement') %></h1>
|
||||||
|
<div id="preview_block">
|
||||||
|
<h1>Preview</h1>
|
||||||
<%= render :partial => "list_table", :collection => @bulletin_categorys_preview,:as => :bulletin_category%>
|
<%= render :partial => "list_table", :collection => @bulletin_categorys_preview,:as => :bulletin_category%>
|
||||||
|
</div>
|
||||||
|
===================================================================================================================
|
||||||
|
<div id="check_block">
|
||||||
|
<h1>Check Please</h1>
|
||||||
<%= render :partial => "list_table", :collection => @bulletin_categorys_check,:as => :bulletin_category%>
|
<%= render :partial => "list_table", :collection => @bulletin_categorys_check,:as => :bulletin_category%>
|
||||||
|
</div>
|
||||||
<br />
|
<br />
|
||||||
|
|
||||||
|
|
|
@ -2,6 +2,7 @@ Rails.application.routes.draw do
|
||||||
namespace :panel do
|
namespace :panel do
|
||||||
namespace :announcement do
|
namespace :announcement do
|
||||||
namespace :back_end do
|
namespace :back_end do
|
||||||
|
match 'public' => "announcements#public",:as => :public
|
||||||
resources :fact_checks
|
resources :fact_checks
|
||||||
root :to => "bulletins#index"
|
root :to => "bulletins#index"
|
||||||
resources :bulletins
|
resources :bulletins
|
||||||
|
|
|
@ -1,4 +0,0 @@
|
||||||
# desc "Explaining what the task does"
|
|
||||||
# task :announcement do
|
|
||||||
# # Task goes here
|
|
||||||
# end
|
|
|
@ -1,4 +1,4 @@
|
||||||
class Panel::NewBlog::FrontEnd::CommentsController < ObitFrontendController
|
class Panel::NewBlog::FrontEnd::CommentsController < OrbitFrontendController
|
||||||
def create
|
def create
|
||||||
@post = Post.find(params[:post_id])
|
@post = Post.find(params[:post_id])
|
||||||
@comment = @post.comments.create!(params[:comment])
|
@comment = @post.comments.create!(params[:comment])
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
class Panel::NewBlog::FrontEnd::PostsController < ObitFrontendController
|
class Panel::NewBlog::FrontEnd::PostsController < OrbitFrontendController
|
||||||
# GET /posts
|
# GET /posts
|
||||||
# GET /posts.xml
|
# GET /posts.xml
|
||||||
def index
|
def index
|
||||||
|
|
Reference in New Issue