Object Auth. Now object can be included with "include OrbitCoreLib::ObjectAuthable" to use kernel method,such as
1.Object.authed_for_user(user,title_of_object_auth). title_of_object_auth is optional 2.object.authed_users(user,title_of_object_auth) . title_of_object_auth is optional if title_of_object_auth is not given,then it will return calculation across all possiblity.
This commit is contained in:
parent
3ed9b81df9
commit
e20739e32b
|
@ -19,47 +19,44 @@ class Admin::ObjectAuthsController < ApplicationController
|
|||
# end
|
||||
end
|
||||
|
||||
def create
|
||||
# app_auth = AppAuth.find_or_create_by(module_app_id: params[:module_app_id])
|
||||
# params[:new].each do |item|
|
||||
# field = item[0]
|
||||
# field_value = item[1]
|
||||
# if field_value!=''
|
||||
# case field
|
||||
# when 'role'
|
||||
# app_auth.send("add_#{field}",(Role.find field_value)) rescue nil
|
||||
# when 'sub_role'
|
||||
# app_auth.send("add_#{field}",(SubRole.find field_value)) rescue nil
|
||||
# when 'privilege_user'
|
||||
# app_auth.add_user_to_privilege_list (User.find field_value) rescue nil
|
||||
# when 'blocked_user'
|
||||
# app_auth.add_user_to_black_list (User.find field_value) rescue nil
|
||||
# end
|
||||
# end
|
||||
# end
|
||||
# app = ModuleApp.find params[:module_app_id] rescue nil
|
||||
# redirect_to edit_admin_module_app_path(app)
|
||||
def create_role
|
||||
object_auth = ObjectAuth.find(params[:id])
|
||||
params[:new].each do |item|
|
||||
field = item[0]
|
||||
field_value = item[1]
|
||||
if field_value!=''
|
||||
case field
|
||||
when 'role'
|
||||
object_auth.send("add_#{field}",(Role.find field_value)) rescue nil
|
||||
when 'sub_role'
|
||||
object_auth.send("add_#{field}",(SubRole.find field_value)) rescue nil
|
||||
when 'privilege_user'
|
||||
object_auth.add_user_to_privilege_list (User.find field_value) rescue nil
|
||||
when 'blocked_user'
|
||||
object_auth.add_user_to_black_list (User.find field_value) rescue nil
|
||||
end
|
||||
end
|
||||
end
|
||||
redirect_to edit_admin_object_auth_path(object_auth)
|
||||
end
|
||||
|
||||
def remove
|
||||
# app_auth = AppAuth.find( params[:id] )
|
||||
# type = params[:type]
|
||||
# field_value = params[:target_id]
|
||||
# if field_value!=''
|
||||
# case type
|
||||
# when 'role'
|
||||
# app_auth.remove_role(Role.find field_value) rescue nil
|
||||
# when 'sub_role'
|
||||
# app_auth.remove_sub_role(SubRole.find field_value) rescue nil
|
||||
# when 'privilege_user'
|
||||
# app_auth.remove_user_from_privilege_list (User.find field_value) rescue nil
|
||||
# when 'blocked_user'
|
||||
# app_auth.remove_user_from_black_list (User.find field_value) rescue nil
|
||||
# end
|
||||
# end
|
||||
#
|
||||
# app = ModuleApp.find params[:module_app_id] rescue nil
|
||||
# redirect_to edit_admin_module_app_path(app)
|
||||
def remove_role
|
||||
object_auth = ObjectAuth.find(params[:id])
|
||||
type = params[:type]
|
||||
field_value = params[:target_id]
|
||||
if field_value!=''
|
||||
case type
|
||||
when 'role'
|
||||
object_auth.remove_role(Role.find field_value) rescue nil
|
||||
when 'sub_role'
|
||||
object_auth.remove_sub_role(SubRole.find field_value) rescue nil
|
||||
when 'privilege_user'
|
||||
object_auth.remove_user_from_privilege_list (User.find field_value) rescue nil
|
||||
when 'blocked_user'
|
||||
object_auth.remove_user_from_black_list (User.find field_value) rescue nil
|
||||
end
|
||||
end
|
||||
redirect_to edit_admin_object_auth_path(object_auth)
|
||||
end
|
||||
|
||||
def edit
|
||||
|
|
|
@ -1,8 +1,6 @@
|
|||
<div id="user_role_management">
|
||||
<%#= debugger %>
|
||||
<h1>User Role</h1>
|
||||
<%= debugger %>
|
||||
<%= form_tag(polymorphic_path([controller_path.split('/')[0],object,auth.class.name.underscore]),:method => :post) do %>
|
||||
<%= form_tag(submit_url) do %>
|
||||
<%= collection_select(:new,:role, Role.all, :id, :key, :prompt => true) %>
|
||||
<%= submit_tag 'Add Role' %><br/>
|
||||
<%= collection_select(:new,:sub_role, SubRole.all, :id, :key, :prompt => true) %>
|
||||
|
@ -16,19 +14,19 @@
|
|||
<% unless auth.nil? %>
|
||||
<% auth.roles.each do |role| %>
|
||||
<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %>
|
||||
<%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'role',:target_id=>role.id),:method => :delete %></li>
|
||||
<%= link_to '[X]',polymorphic_path(ploy_route_ary,:type=>'role',:target_id=>role.id),:method => :delete %></li>
|
||||
<% end %>
|
||||
<ul>Sub Roles </ul>
|
||||
<% auth.sub_roles.each do |role| %>
|
||||
<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %> </li><%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'sub_role',:target_id=>role.id),:method => :delete %>
|
||||
<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %> </li><%= link_to '[X]',polymorphic_path(ploy_route_ary,:type=>'sub_role',:target_id=>role.id),:method => :delete %>
|
||||
<% end %>
|
||||
<ul>PrivilegeList </ul>
|
||||
<% auth.privilege_users.each do |user| %>
|
||||
<li> <%= user.name %> <%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'privilege_user',:target_id=>user.id),:method => :delete %> </li>
|
||||
<li> <%= user.name %> <%= link_to '[X]',polymorphic_path(ploy_route_ary,:type=>'privilege_user',:target_id=>user.id),:method => :delete %> </li>
|
||||
<% end %>
|
||||
<ul>BlockedList </ul>
|
||||
<% auth.blocked_users.each do |user| %>
|
||||
<li> <%= user.name %><%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'blocked_user',:target_id=>user.id),:method => :delete %> </li>
|
||||
<li> <%= user.name %><%= link_to '[X]',polymorphic_path(ploy_route_ary,:type=>'blocked_user',:target_id=>user.id),:method => :delete %> </li>
|
||||
<% end %>
|
||||
<% end %>
|
||||
</div>
|
|
@ -36,5 +36,5 @@
|
|||
</dd>
|
||||
</dl>
|
||||
</div>
|
||||
<%= render :partial => "admin/components/user_role_management", :locals => { :object => @module_app ,:auth=> @module_app.app_auth } %>
|
||||
<%= render :partial => "admin/components/user_role_management", :locals => { :object => @module_app ,:auth=> @module_app.app_auth ,:submit_url=> admin_module_app_app_auths_path(@module_app),:ploy_route_ary=>['remove',:admin,@module_app,@module_app.app_auth] } %>
|
||||
|
||||
|
|
|
@ -8,6 +8,7 @@
|
|||
<!-- Remove if CSS done-->
|
||||
<h3><%= @object_auth.title %></h3>
|
||||
|
||||
<%= render :partial => "admin/components/user_role_management", :locals => { :object => @object_auth.auth_obj ,:auth=> @object_auth } %>
|
||||
<%= render :partial => "admin/components/user_role_management", :locals => {
|
||||
:object => @object_auth.auth_obj ,:auth=>@object_auth,:submit_url=>create_role_admin_object_auth_path(@object_auth),:ploy_route_ary=>['remove',:admin,@object_auth] } %>
|
||||
|
||||
|
||||
|
|
|
@ -12,7 +12,12 @@ PrototypeR4::Application.routes.draw do
|
|||
namespace :admin do
|
||||
resources :assets
|
||||
resources :app_auths
|
||||
resources :object_auths
|
||||
resources :object_auths do
|
||||
member do
|
||||
match ':id/create_role',:action => 'create_role',:iia => "post",:as => :create_role
|
||||
match 'remove/:type/:target_id' ,:action=> 'remove_role',:via => "delete",:as =>:remove
|
||||
end
|
||||
end
|
||||
|
||||
resources :ad_banners
|
||||
resources :designs do
|
||||
|
|
|
@ -0,0 +1,42 @@
|
|||
module OrbitCoreLib
|
||||
module ObjectAuthable
|
||||
def self.included(base)
|
||||
base.instance_eval("has_many :object_auths,as: :obj_authable,dependent: :delete")
|
||||
|
||||
base.define_singleton_method :authed_for_user do |user,title = nil|
|
||||
sub_role_ids_ary=user.sub_roles.collect{|t| t.id}
|
||||
if title.nil?
|
||||
auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s)
|
||||
else
|
||||
auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s,title: title)
|
||||
end
|
||||
|
||||
query1 = auth_object_space.any_in({sub_role_ids: sub_role_ids_ary}).excludes(blocked_user_ids: user.id)
|
||||
query2 = auth_object_space.any_of({all: true},{privilege_user_ids: user.id},{role_ids: user.role.id}).excludes(blocked_user_ids: user.id)
|
||||
result = (query1 + query2).uniq
|
||||
result.collect{|t| t.obj_authable}
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
def authed_users(title=nil)
|
||||
users = []
|
||||
unless title.nil?
|
||||
users = self.object_auths.where(title: title )[0].auth_users_after_block_list rescue []
|
||||
else
|
||||
users = self.object_auths.collect{|t| t.auth_users_after_block_list} rescue []
|
||||
users.flatten!.uniq!
|
||||
end
|
||||
users
|
||||
end
|
||||
|
||||
def tell_me_class
|
||||
self.class.name
|
||||
end
|
||||
|
||||
def search_object_db
|
||||
ObjectAuth.where(obj_authable_type: self.class.name)
|
||||
end
|
||||
|
||||
end
|
||||
end
|
|
@ -1,9 +1,10 @@
|
|||
class Post
|
||||
include Mongoid::Document
|
||||
include Mongoid::Timestamps
|
||||
include OrbitCoreLib::ObjectAuthable
|
||||
|
||||
field :title, :type => String
|
||||
field :body, :type => String
|
||||
embeds_many :comments
|
||||
validates_presence_of :title, :body
|
||||
has_one :object_auth,as: :obj_authable,dependent: :delete
|
||||
end
|
Reference in New Issue