From e20739e32b8aa92f590567aeef44070ab2bc5d8a Mon Sep 17 00:00:00 2001
From: Matthew Kaito Juyuan Fu
Date: Thu, 9 Feb 2012 17:48:51 +0800
Subject: [PATCH] Object Auth. Now object can be included with "include OrbitCoreLib::ObjectAuthable" to use kernel method,such as 1.Object.authed_for_user(user,title_of_object_auth). title_of_object_auth is optional 2.object.authed_users(user,title_of_object_auth) . title_of_object_auth is optional if title_of_object_auth is not given,then it will return calculation across all possiblity.
---
 .../admin/object_auths_controller.rb | 79 +++++++++----------
 .../components/_user_role_management.html.erb | 12 ++-
 app/views/admin/module_apps/edit.html.erb | 2 +-
 app/views/admin/object_auths/edit.html.erb | 3 +-
 config/routes.rb | 7 +-
 lib/orbit_core_lib.rb | 42 ++++++++++
 .../new_blog/app/models/post.rb | 3 +-
 7 files changed, 96 insertions(+), 52 deletions(-)
 create mode 100644 lib/orbit_core_lib.rb
diff --git a/app/controllers/admin/object_auths_controller.rb b/app/controllers/admin/object_auths_controller.rb
index 2b54cc5e..7c6f60f0 100644
--- a/app/controllers/admin/object_auths_controller.rb
+++ b/app/controllers/admin/object_auths_controller.rb
@@ -19,53 +19,50 @@ class Admin::ObjectAuthsController < ApplicationController # end end - def create - # app_auth = AppAuth.find_or_create_by(module_app_id: params[:module_app_id]) - # params[:new].each do |item| - # field = item[0] - # field_value = item[1] - # if field_value!='' - # case field - # when 'role' - # app_auth.send("add_#{field}",(Role.find field_value)) rescue nil - # when 'sub_role' - # app_auth.send("add_#{field}",(SubRole.find field_value)) rescue nil - # when 'privilege_user' - # app_auth.add_user_to_privilege_list (User.find field_value) rescue nil - # when 'blocked_user' - # app_auth.add_user_to_black_list (User.find field_value) rescue nil - # end - # end - # end - # app = ModuleApp.find params[:module_app_id] rescue nil - # redirect_to edit_admin_module_app_path(app) - end + def create_role + object_auth = ObjectAuth.find(params[:id]) + params[:new].each do |item| + field = item[0] + field_value = item[1] + if field_value!='' + case field + when 'role' + object_auth.send("add_#{field}",(Role.find field_value)) rescue nil + when 'sub_role' + object_auth.send("add_#{field}",(SubRole.find field_value)) rescue nil + when 'privilege_user' + object_auth.add_user_to_privilege_list (User.find field_value) rescue nil + when 'blocked_user' + object_auth.add_user_to_black_list (User.find field_value) rescue nil + end + end + end + redirect_to edit_admin_object_auth_path(object_auth) + end - def remove - # app_auth = AppAuth.find( params[:id] ) - # type = params[:type] - # field_value = params[:target_id] - # if field_value!='' - # case type - # when 'role' - # app_auth.remove_role(Role.find field_value) rescue nil - # when 'sub_role' - # app_auth.remove_sub_role(SubRole.find field_value) rescue nil - # when 'privilege_user' - # app_auth.remove_user_from_privilege_list (User.find field_value) rescue nil - # when 'blocked_user' - # app_auth.remove_user_from_black_list (User.find field_value) rescue nil - # end - # end - # - # app = ModuleApp.find 
params[:module_app_id] rescue nil - # redirect_to edit_admin_module_app_path(app) + def remove_role + object_auth = ObjectAuth.find(params[:id]) + type = params[:type] + field_value = params[:target_id] + if field_value!='' + case type + when 'role' + object_auth.remove_role(Role.find field_value) rescue nil + when 'sub_role' + object_auth.remove_sub_role(SubRole.find field_value) rescue nil + when 'privilege_user' + object_auth.remove_user_from_privilege_list (User.find field_value) rescue nil + when 'blocked_user' + object_auth.remove_user_from_black_list (User.find field_value) rescue nil + end + end + redirect_to edit_admin_object_auth_path(object_auth) end def edit @object_auth = ObjectAuth.find(params[:id]) end - + end \ No newline at end of file diff --git a/app/views/admin/components/_user_role_management.html.erb b/app/views/admin/components/_user_role_management.html.erb index 7afca0a4..59307351 100644 --- a/app/views/admin/components/_user_role_management.html.erb +++ b/app/views/admin/components/_user_role_management.html.erb @@ -1,8 +1,6 @@
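Review bot: Every grant and revoke in `create_role` and `remove_role` ends in a `rescue nil` modifier, so a failed lookup or a failed write to the privilege or block list is discarded and the admin is redirected as if the change had been applied. For an access-control editor this matters most on the restrictive paths (`add_user_to_black_list`, `remove_role`, `remove_user_from_privilege_list`), where a revocation that silently did nothing leaves access in place with no trace. Rescue only the lookup failure (with Mongoid, presumably `Mongoid::Errors::DocumentNotFound`) and report it, for example with `flash[:error] = "could not update #{field}"`, so that other errors surface. `params[:new].each` also raises when the form posts no `new` hash; `(params[:new] || {}).each` avoids that. The controller's filters are outside this hunk, so confirm that both actions sit behind the same admin check as the rest of the namespace.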
- <%#= debugger %>

User Role

- <%= debugger %> - <%= form_tag(polymorphic_path([controller_path.split('/')[0],object,auth.class.name.underscore]),:method => :post) do %> + <%= form_tag(submit_url) do %> <%= collection_select(:new,:role, Role.all, :id, :key, :prompt => true) %> <%= submit_tag 'Add Role' %>
<%= collection_select(:new,:sub_role, SubRole.all, :id, :key, :prompt => true) %> @@ -16,19 +14,19 @@ <% unless auth.nil? %> <% auth.roles.each do |role| %>
  • <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %> - <%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'role',:target_id=>role.id),:method => :delete %>
  • + <%= link_to '[X]',polymorphic_path(ploy_route_ary,:type=>'role',:target_id=>role.id),:method => :delete %> <% end %> <% auth.sub_roles.each do |role| %> -
  • <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %>
  • <%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'sub_role',:target_id=>role.id),:method => :delete %> +
  • <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %>
  • <%= link_to '[X]',polymorphic_path(ploy_route_ary,:type=>'sub_role',:target_id=>role.id),:method => :delete %> <% end %> <% auth.privilege_users.each do |user| %> -
  • <%= user.name %> <%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'privilege_user',:target_id=>user.id),:method => :delete %>
  • +
  • <%= user.name %> <%= link_to '[X]',polymorphic_path(ploy_route_ary,:type=>'privilege_user',:target_id=>user.id),:method => :delete %>
  • <% end %> <% auth.blocked_users.each do |user| %> -
  • <%= user.name %><%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'blocked_user',:target_id=>user.id),:method => :delete %>
  • +
  • <%= user.name %><%= link_to '[X]',polymorphic_path(ploy_route_ary,:type=>'blocked_user',:target_id=>user.id),:method => :delete %>
  • <% end %> <% end %>
    \ No newline at end of file diff --git a/app/views/admin/module_apps/edit.html.erb b/app/views/admin/module_apps/edit.html.erb index 5a2d56ec..23745806 100644 --- a/app/views/admin/module_apps/edit.html.erb +++ b/app/views/admin/module_apps/edit.html.erb @@ -36,5 +36,5 @@ -<%= render :partial => "admin/components/user_role_management", :locals => { :object => @module_app ,:auth=> @module_app.app_auth } %> +<%= render :partial => "admin/components/user_role_management", :locals => { :object => @module_app ,:auth=> @module_app.app_auth ,:submit_url=> admin_module_app_app_auths_path(@module_app),:ploy_route_ary=>['remove',:admin,@module_app,@module_app.app_auth] } %> diff --git a/app/views/admin/object_auths/edit.html.erb b/app/views/admin/object_auths/edit.html.erb index 62e9b465..67fb026e 100644 --- a/app/views/admin/object_auths/edit.html.erb +++ b/app/views/admin/object_auths/edit.html.erb @@ -8,6 +8,7 @@
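Review bot: In _user_role_management.html.erb the partial now depends on two extra locals, `submit_url` and `ploy_route_ary`, and nothing in the partial documents them; a caller that omits either will fail at render time. Add a comment at the top such as `<%# locals: auth, submit_url (POST target of the add form), poly_route_ary (array handed to polymorphic_path for the [X] links) %>`. `ploy_route_ary` looks like a misspelling of "poly", so rename it to `poly_route_ary` here and in both edit views. In the lines visible in these two hunks `object` is no longer read, so the `:object` local may now be dead; the rest of the partial is outside the hunks.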

    <%= @object_auth.title %>

    -<%= render :partial => "admin/components/user_role_management", :locals => { :object => @object_auth.auth_obj ,:auth=> @object_auth } %> +<%= render :partial => "admin/components/user_role_management", :locals => { + :object => @object_auth.auth_obj ,:auth=>@object_auth,:submit_url=>create_role_admin_object_auth_path(@object_auth),:ploy_route_ary=>['remove',:admin,@object_auth] } %> diff --git a/config/routes.rb b/config/routes.rb index c9bb7f7a..cf37f82d 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -12,7 +12,12 @@ PrototypeR4::Application.routes.draw do namespace :admin do resources :assets resources :app_auths - resources :object_auths + resources :object_auths do + member do + match ':id/create_role',:action => 'create_role',:iia => "post",:as => :create_role + match 'remove/:type/:target_id' ,:action=> 'remove_role',:via => "delete",:as =>:remove + end + end resources :ad_banners resources :designs do diff --git a/lib/orbit_core_lib.rb b/lib/orbit_core_lib.rb new file mode 100644 index 00000000..8056f4f9 --- /dev/null +++ b/lib/orbit_core_lib.rb 
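Review bot: In config/routes.rb the `create_role` route is declared with `:iia => "post"`, which looks like a typo for `:via`; without a verb constraint `match` accepts any HTTP method, so the role-granting action can be reached with a GET, and Rails' forgery protection (if enabled) does not verify GET requests. Write it as `match 'create_role', :action => 'create_role', :via => :post, :as => :create_role`. The leading `:id/` is dropped in that line because a `member` block already scopes the path under the record id; as written the pattern appears to contain `:id` twice, so check the generated path with `rake routes`.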
@@ -0,0 +1,42 @@
+module OrbitCoreLib
+ module ObjectAuthable
+ def self.included(base)
+ base.instance_eval("has_many :object_auths,as: :obj_authable,dependent: :delete")
+
+ base.define_singleton_method :authed_for_user do |user,title = nil|
+ sub_role_ids_ary=user.sub_roles.collect{|t| t.id}
+ if title.nil?
+ auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s)
+ else
+ auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s,title: title)
+ end
+
+ query1 = auth_object_space.any_in({sub_role_ids: sub_role_ids_ary}).excludes(blocked_user_ids: user.id)
+ query2 = auth_object_space.any_of({all: true},{privilege_user_ids: user.id},{role_ids: user.role.id}).excludes(blocked_user_ids: user.id)
+ result = (query1 + query2).uniq
+ result.collect{|t| t.obj_authable}
+ end
+
+ end
+
+ def authed_users(title=nil)
+ users = []
+ unless title.nil?
+ users = self.object_auths.where(title: title )[0].auth_users_after_block_list rescue []
+ else
+ users = self.object_auths.collect{|t| t.auth_users_after_block_list} rescue []
+ users.flatten!.uniq!
+ end
+ users
+ end
+
+ def tell_me_class
+ self.class.name
+ end
+
+ def search_object_db
+ ObjectAuth.where(obj_authable_type: self.class.name)
+ end
+
+ end
+end
diff --git a/vendor/built_in_modules/new_blog/app/models/post.rb b/vendor/built_in_modules/new_blog/app/models/post.rb
index 2926c305..ef882a6d 100644
--- a/vendor/built_in_modules/new_blog/app/models/post.rb
+++ b/vendor/built_in_modules/new_blog/app/models/post.rb
@@ -1,9 +1,10 @@
 class Post
 include Mongoid::Document
 include Mongoid::Timestamps
+ include OrbitCoreLib::ObjectAuthable
+
 field :title, :type => String
 field :body, :type => String
 embeds_many :comments
 validates_presence_of :title, :body
- has_one :object_auth,as: :obj_authable,dependent: :delete
 end
\ No newline at end of file
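Review bot: In lib/orbit_core_lib.rb, `authed_users` called without a title ends with `users.flatten!.uniq!`; `flatten!` returns nil when it changes nothing, so a record with no object_auths (an empty array) raises NoMethodError on `nil.uniq!`, and the `rescue []` on the line before does not cover it. Replace that line with the non-destructive `users = users.flatten.uniq`. In `authed_for_user`, `user.role.id` raises for a user without a role, which turns a permission query into an unhandled error; decide what such a user may see and handle that case explicitly. The commit message documents `authed_users(user,title_of_object_auth)`, but the method takes only `title`.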