module OrbitCoreLib module ObjectAuthable def self.included(base) base.instance_eval("has_many :object_auths,as: :obj_authable,dependent: :delete") base.define_singleton_method :authed_for_user do |user,title = nil| sub_role_ids_ary=user.sub_roles.collect{|t| t.id} if title.nil? auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s) else auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s,title: title) end query1 = auth_object_space.any_in({sub_role_ids: sub_role_ids_ary}).excludes(blocked_user_ids: user.id) query2 = auth_object_space.any_of({all: true},{privilege_user_ids: user.id},{role_ids: user.role.id}).excludes(blocked_user_ids: user.id) result = (query1 + query2).uniq result.collect{|t| t.obj_authable} end end def authed_users(title=nil) users = [] unless title.nil? users = self.object_auths.where(title: title )[0].auth_users_after_block_list rescue [] else users = self.object_auths.collect{|t| t.auth_users_after_block_list} rescue [] users.flatten!.uniq! end users end end module PermissionUnility private def check_permission(type = :use) permission_grant = current_user.admin?? true : false module_app = @module_app.nil?? ModuleApp.find(params[:module_app_id]) : @module_app unless permission_grant permission_grant = case type when :use users_ary = module_app.app_auth.auth_users rescue nil users_ary = [] if users_ary.nil? (users_ary.include?(current_user) || module_app.is_manager?(current_user) || module_app.is_sub_manager?(current_user)) when :manager module_app.is_manager?(current_user) when :sub_manager module_app.is_manager?(current_user) || module_app.is_sub_manager?(current_user) end end permission_grant end end end