From d632439f801e4fc0e712eb3db47b9c71f49b7167 Mon Sep 17 00:00:00 2001
From: chris <chris.vilayphiou@gmail.com>
Date: Wed, 31 Jul 2013 00:01:48 +0800
Subject: [PATCH] Add class for Ray's check-box Fix some typos Change the
 default index for auth Add some hard code in object_auth.rb to handle
 page_context A user cannot select himself in authorisation

---
 app/helpers/admin_helper.rb                   | 15 ++++++++-----
 app/helpers/orbit_backend_helper.rb           | 22 +++++++++++++------
 app/models/object_auth.rb                     |  8 +++++--
 app/views/admin/authorizations/_user.html.erb |  8 ++++---
 app/views/admin/authorizations/index.html.erb |  2 +-
 .../admin/authorizations/modal_select.js.erb  |  2 +-
 .../member_selects/_modal_select.html.erb     |  6 ++---
 app/views/layouts/back_end.html.erb           |  4 ++--
 app/views/layouts/basic_back_end.html.erb     |  4 ++--
 lib/orbit_category/categorizing.rb            |  2 +-
 10 files changed, 45 insertions(+), 28 deletions(-)

diff --git a/app/helpers/admin_helper.rb b/app/helpers/admin_helper.rb
index 7cb28b96..a0d8d0d9 100644
--- a/app/helpers/admin_helper.rb
+++ b/app/helpers/admin_helper.rb
@@ -1,10 +1,5 @@
 module AdminHelper
   
-  def show_parent_items_link 
-    @parent_items = @parent_item.ancestors.map{ |i| i }
-    link_to('/' , admin_items_path) + ( @parent_items.map{ |i| link_to(i.name, admin_items_path(:parent_id=>i.id) ) } << @parent_item.name ).join("/").html_safe
-  end
-  
   # Check if the current_user is manager in current module app
   def is_manager?
     (@module_app.is_manager?(current_or_guest_user) rescue nil) || is_admin?
@@ -34,4 +29,14 @@ module AdminHelper
     return false
   end
 
+  def get_user_module_role(user)
+    if user.admin?
+      t(:admin)
+    elsif @module_app.is_manager?(user)
+      t(:manager)
+    elsif @module_app.is_sub_manager?(user)
+      t(:sub_manager)
+    end
+  end
+
 end
\ No newline at end of file
diff --git a/app/helpers/orbit_backend_helper.rb b/app/helpers/orbit_backend_helper.rb
index aa8075c4..a673e5d9 100644
--- a/app/helpers/orbit_backend_helper.rb
+++ b/app/helpers/orbit_backend_helper.rb
@@ -76,9 +76,7 @@ module OrbitBackendHelper
   #   
   # TODO: link for other types
   # ===============================================================
-  def get_value(object, field)
-    authorization = !@authorization || (@authorization && is_authorized(object))
-    approvable = !@approvable || (@approvable && is_approvable(object))
+  def get_value(object, field, authorization, approvable)
     res = ''
     case field[:type]
     when 'associated'
@@ -145,9 +143,11 @@ module OrbitBackendHelper
       end)
       concat (content_tag :tbody do
         (@objects.each do |object|
+          authorization = !@authorization || (@authorization && is_authorized(object))
+          approvable = !@approvable || (@approvable && is_approvable(object))
           concat (content_tag :tr do
             (@fields.each do |field|
-              concat(content_tag :td, get_value(object, field))
+              concat(content_tag :td, get_value(object, field, authorization, approvable))
             end)
           end)
         end)
@@ -280,11 +280,11 @@ module OrbitBackendHelper
         content_tag :li, link_to(t(quick[:translation] || :approval_), eval("#{quick[:link]}('#{object.id}')"), class: "preview_trigger #{quick[:class]}")
       end
     when 'authorization'
-      if authorization
+      if is_admin? || is_manager?
         content_tag :li, link_to(t(quick[:translation] || :authorization_), eval("#{quick[:link]}"), class: "preview_trigger #{quick[:class]}")
       end
     when 'edit'
-      if authorization || approvable
+      if authorization && approvable
         content_tag :li, link_to(t(quick[:translation] || :edit), eval("#{quick[:link]}('#{object.id}')"), class: quick[:class])
       end
     when 'delete'
@@ -319,7 +319,15 @@ module OrbitBackendHelper
   end
 
   def is_authorized(object)
-    at_least_module_manager || object.category.cur_user_is_sub_manager_of("submit_#{@module_app.key}")
+    autorized = @module_app.authorizable_models.inject(false) do |autorized, klass|
+      if object.is_a?(klass.constantize)
+        autorized ||= object.cur_user_is_sub_manager_of("#{klass.underscore}_#{@module_app.key}")
+      else
+        autorized ||= object.category.cur_user_is_sub_manager_of("category_#{@module_app.key}")
+      end
+      autorized
+    end
+    at_least_module_manager || autorized
   end
 
   def quick_edit_link(args)
diff --git a/app/models/object_auth.rb b/app/models/object_auth.rb
index f2ef5c04..c57c6c68 100644
--- a/app/models/object_auth.rb
+++ b/app/models/object_auth.rb
@@ -15,8 +15,12 @@ class ObjectAuth  < PrototypeAuth
   end
 
   def check_user_has_can_access_app
-    sub_managing_users = auth_obj.module_app.sub_managing_users rescue []
-    module_app =  auth_obj.module_app
+    if auth_obj.is_a?(PageContext)
+      module_app = ModuleApp.where(key: 'page_content').first
+    else
+      module_app = auth_obj.module_app
+    end
+    sub_managing_users = module_app.sub_managing_users rescue []
     self.auth_users.each do |auth_user|
       if !sub_managing_users.include? auth_user && !auth_user.admin?
          module_app.assign_sub_manager(auth_user,User.current)
diff --git a/app/views/admin/authorizations/_user.html.erb b/app/views/admin/authorizations/_user.html.erb
index c1c4ddad..2723234e 100644
--- a/app/views/admin/authorizations/_user.html.erb
+++ b/app/views/admin/authorizations/_user.html.erb
@@ -1,8 +1,10 @@
-<li class="filter-item selected_user" id="<%= user.id %>">
+<li class="filter-item selected_user <%= 'check-item' unless user == current_user || is_admin? %>" id="<%= user.id %>">
   <label>
     <%= image_tag (user.avatar? ? user.avatar.thumb : 'menber-pic.png'), :class => "user-pic" %>
     <span class="user-name"><%= user.name %></span>
-    <!-- <span>國際事務學院,國際研究英語碩士學位學程</span> -->
+    <span><%= get_user_module_role(user) %></span>
   </label>
-  <input type="checkbox">
+  <% unless user == current_user || is_admin? %>
+  	<input type="checkbox">
+  <% end %>
 </li>
\ No newline at end of file
diff --git a/app/views/admin/authorizations/index.html.erb b/app/views/admin/authorizations/index.html.erb
index 41d6b55d..6e98df12 100644
--- a/app/views/admin/authorizations/index.html.erb
+++ b/app/views/admin/authorizations/index.html.erb
@@ -15,7 +15,7 @@
   <div class="mini-layout-body span10">
     <%= link_to t(:module_authorization), admin_authorizations_path(@module_app.key) %>
     <% @module_app.authorizable_models.each do |authorizable_model| %>
-      <%= link_to (authorizable_model.eql?('Category') ? t(:category_auth) : "#{authorizable_model.underscore.humanize.capitalize} #{t(:authorization_)}"), admin_authorizations_path(@module_app.key, type: authorizable_model.downcase) %>
+      <%= link_to (authorizable_model.eql?('Category') ? t(:category_auth) : "#{authorizable_model.underscore.humanize.capitalize} #{t(:authorization_)}"), admin_authorizations_path(@module_app.key, type: authorizable_model.underscore) %>
     <% end %>
     <%= link_to t(:approval_), admin_authorizations_path(@module_app.key, type: 'approval') if @module_app.is_approvable %>
     <% if @error %>
diff --git a/app/views/admin/authorizations/modal_select.js.erb b/app/views/admin/authorizations/modal_select.js.erb
index 90018562..fe828190 100644
--- a/app/views/admin/authorizations/modal_select.js.erb
+++ b/app/views/admin/authorizations/modal_select.js.erb
@@ -1,2 +1,2 @@
-$("#select_user").html("<%= j render partial: 'admin/member_selects/modal_select', locals: {role_form_url: admin_add_roles_authorizations_path(@module_app.key, @type, @object_id), user_form_url: admin_add_users_authorizations_path(@module_app.key, @type, @cobject_id)} %>");
+$("#select_user").html("<%= j render partial: 'admin/member_selects/modal_select', locals: {role_form_url: admin_add_roles_authorizations_path(@module_app.key, @type, @object_id), user_form_url: admin_add_users_authorizations_path(@module_app.key, @type, @object_id)} %>");
 $("#member-filter").modal();
\ No newline at end of file
diff --git a/app/views/admin/member_selects/_modal_select.html.erb b/app/views/admin/member_selects/_modal_select.html.erb
index 2ce2a564..becc1993 100644
--- a/app/views/admin/member_selects/_modal_select.html.erb
+++ b/app/views/admin/member_selects/_modal_select.html.erb
@@ -39,7 +39,7 @@
                   <div class="content">
                     <ul class="checkbox-card clearfix">
                       <% users.each do |user| %>
-                        <li>
+                        <li class="check-item">
                           <label>
                             <%= image_tag (user.avatar.file ? user.avatar : "menber-pic.png"), class: "user-pic" %>
                             <span class="user-name"><%= user.name %></span>
@@ -72,9 +72,7 @@
     $('#member-filter').on('shown', function() {
       $('#member-filter').off('shown')
       $(this).find('.nano').nanoScroller({ scrollTop: 0, iOSNativeScrolling: true });
-      $(this).find('.checkbox-card > li').cardCheck({
-        check: $(this).find('.checkbox-card > li input[type="checkbox"]'),
-      });
+      $(this).find('.checkbox-card').cardCheck();
     });
   });
 </script>
\ No newline at end of file
diff --git a/app/views/layouts/back_end.html.erb b/app/views/layouts/back_end.html.erb
index 0af047db..828e1c88 100644
--- a/app/views/layouts/back_end.html.erb
+++ b/app/views/layouts/back_end.html.erb
@@ -5,11 +5,11 @@
 	<%= render 'layouts/meta' %>
 	<%= render 'layouts/google_font' %>
 	<%= stylesheet_link_tag "back_end" %>
-	<%= stylesheet_link_tag params[:controller] if Rails.application.assets.find_asset params[:controller] %>
+	<%= stylesheet_link_tag params[:controller] if Rails.application.assets.find_asset "#{params[:controller]}.css" %>
   <%= yield :page_specific_css %>
 	<%= render 'layouts/ie_html5_fix' %>
 	<%= javascript_include_tag "back_end" %>
-	<%= javascript_include_tag params[:controller] if Rails.application.assets.find_asset params[:controller] %>
+	<%= javascript_include_tag params[:controller] if Rails.application.assets.find_asset "#{params[:controller]}.js" %>
 	<%= yield :page_specific_javascript %>
 	<%= csrf_meta_tag %>
 </head>
diff --git a/app/views/layouts/basic_back_end.html.erb b/app/views/layouts/basic_back_end.html.erb
index 801925fd..6c8c4f56 100644
--- a/app/views/layouts/basic_back_end.html.erb
+++ b/app/views/layouts/basic_back_end.html.erb
@@ -5,10 +5,10 @@
   <%= render 'layouts/meta' %>
   <%= render 'layouts/google_font' %>
   <%= stylesheet_link_tag "basic" %>
-  <%= stylesheet_link_tag params[:controller] %>
+  <%= stylesheet_link_tag params[:controller] if Rails.application.assets.find_asset "#{params[:controller]}.css" %>
   <%= render 'layouts/ie_html5_fix' %>
   <%= javascript_include_tag "basic" %>
-  <%= javascript_include_tag params[:controller] %>
+  <%= javascript_include_tag params[:controller] if Rails.application.assets.find_asset "#{params[:controller]}.js" %>
   <%= yield :page_specific_css %>
   <%= yield :page_specific_javascript %>
   <%= csrf_meta_tag %>
diff --git a/lib/orbit_category/categorizing.rb b/lib/orbit_category/categorizing.rb
index 2dbaf15a..1b11f520 100644
--- a/lib/orbit_category/categorizing.rb
+++ b/lib/orbit_category/categorizing.rb
@@ -9,7 +9,7 @@ module OrbitCategory
       end
     end
 
-    def get_categories_for_form(func_authed_for_sub_manager = "submit_#{@module_app.key}")
+    def get_categories_for_form(func_authed_for_sub_manager = "category_#{@module_app.key}")
       categories = if is_manager? || is_admin?
         @module_app.categories.enabled
       elsif is_sub_manager?