Add class for Ray's check-box

Fix some typos
Change the default index for auth
Add some hard code in object_auth.rb to handle page_context
A user cannot select himself in authorisation
chris 2013-07-31 00:01:48 +08:00
parent b1755bdc80
commit d632439f80
10 changed files with 45 additions and 28 deletions


@ -1,10 +1,5 @@
module AdminHelper module AdminHelper
def show_parent_items_link
@parent_items = @parent_item.ancestors.map{ |i| i }
link_to('/' , admin_items_path) + ( @parent_items.map{ |i| link_to(i.name, admin_items_path(:parent_id=>i.id) ) } << @parent_item.name ).join("/").html_safe
end
# Check if the current_user is manager in current module app # Check if the current_user is manager in current module app
def is_manager? def is_manager?
(@module_app.is_manager?(current_or_guest_user) rescue nil) || is_admin? (@module_app.is_manager?(current_or_guest_user) rescue nil) || is_admin?
@ -34,4 +29,14 @@ module AdminHelper
return false return false
end end
def get_user_module_role(user)
if user.admin?
t(:admin)
elsif @module_app.is_manager?(user)
t(:manager)
elsif @module_app.is_sub_manager?(user)
t(:sub_manager)
end
end
end end
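Review bot: `get_user_module_role` has no `else` branch, so a user who is neither admin, manager nor sub-manager yields nil and the partial that prints it renders an empty `<span>`; an explicit final branch, or a comment saying nil is intended, would document that. It also calls `@module_app.is_manager?(user)` directly, while `is_manager?` a few lines up wraps the same receiver in `rescue nil`, which suggests `@module_app` can be unset in some views. Turning the first branch into `return t(:admin) if user.admin?` and following it with `return unless @module_app` would avoid a NoMethodError in that case.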


@ -76,9 +76,7 @@ module OrbitBackendHelper
# #
# TODO: link for other types # TODO: link for other types
# =============================================================== # ===============================================================
def get_value(object, field) def get_value(object, field, authorization, approvable)
authorization = !@authorization || (@authorization && is_authorized(object))
approvable = !@approvable || (@approvable && is_approvable(object))
res = '' res = ''
case field[:type] case field[:type]
when 'associated' when 'associated'
@ -145,9 +143,11 @@ module OrbitBackendHelper
end) end)
concat (content_tag :tbody do concat (content_tag :tbody do
(@objects.each do |object| (@objects.each do |object|
authorization = !@authorization || (@authorization && is_authorized(object))
approvable = !@approvable || (@approvable && is_approvable(object))
concat (content_tag :tr do concat (content_tag :tr do
(@fields.each do |field| (@fields.each do |field|
concat(content_tag :td, get_value(object, field)) concat(content_tag :td, get_value(object, field, authorization, approvable))
end) end)
end) end)
end) end)
@ -280,11 +280,11 @@ module OrbitBackendHelper
content_tag :li, link_to(t(quick[:translation] || :approval_), eval("#{quick[:link]}('#{object.id}')"), class: "preview_trigger #{quick[:class]}") content_tag :li, link_to(t(quick[:translation] || :approval_), eval("#{quick[:link]}('#{object.id}')"), class: "preview_trigger #{quick[:class]}")
end end
when 'authorization' when 'authorization'
if authorization if is_admin? || is_manager?
content_tag :li, link_to(t(quick[:translation] || :authorization_), eval("#{quick[:link]}"), class: "preview_trigger #{quick[:class]}") content_tag :li, link_to(t(quick[:translation] || :authorization_), eval("#{quick[:link]}"), class: "preview_trigger #{quick[:class]}")
end end
when 'edit' when 'edit'
if authorization || approvable if authorization && approvable
content_tag :li, link_to(t(quick[:translation] || :edit), eval("#{quick[:link]}('#{object.id}')"), class: quick[:class]) content_tag :li, link_to(t(quick[:translation] || :edit), eval("#{quick[:link]}('#{object.id}')"), class: quick[:class])
end end
when 'delete' when 'delete'
@ -319,7 +319,15 @@ module OrbitBackendHelper
end end
def is_authorized(object) def is_authorized(object)
at_least_module_manager || object.category.cur_user_is_sub_manager_of("submit_#{@module_app.key}") autorized = @module_app.authorizable_models.inject(false) do |autorized, klass|
if object.is_a?(klass.constantize)
autorized ||= object.cur_user_is_sub_manager_of("#{klass.underscore}_#{@module_app.key}")
else
autorized ||= object.category.cur_user_is_sub_manager_of("category_#{@module_app.key}")
end
autorized
end
at_least_module_manager || autorized
end end
def quick_edit_link(args) def quick_edit_link(args)
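Review bot: In `is_authorized`, `at_least_module_manager` is now evaluated only after the `inject` over `@module_app.authorizable_models` has run, so a module manager goes through every per-model lookup first, including `object.category.cur_user_is_sub_manager_of(...)`, which raises NoMethodError when `object.category` is nil. The `else` branch also runs for every listed model the object is not an instance of, so the category grant applies whenever the list holds any other class; if that fallback is meant only for category-scoped objects it needs an explicit condition and a comment. Checking the manager shortcut first and replacing the accumulator (spelled `autorized`, and shadowed by the block parameter) with `any?` keeps the same decision and reads as a plain predicate. The result then becomes a strict boolean, which suits the `if` callers visible in this section.

```ruby
def is_authorized(object)
  # Manager shortcut first: per-model lookups are only needed for sub-managers.
  return true if at_least_module_manager

  @module_app.authorizable_models.any? do |klass|
    if object.is_a?(klass.constantize)
      object.cur_user_is_sub_manager_of("#{klass.underscore}_#{@module_app.key}")
    else
      # Fallback: authorization inherited from the object's category.
      object.category.cur_user_is_sub_manager_of("category_#{@module_app.key}")
    end
  end
end
```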


@ -15,8 +15,12 @@ class ObjectAuth < PrototypeAuth
end end
def check_user_has_can_access_app def check_user_has_can_access_app
sub_managing_users = auth_obj.module_app.sub_managing_users rescue [] if auth_obj.is_a?(PageContext)
module_app = auth_obj.module_app module_app = ModuleApp.where(key: 'page_content').first
else
module_app = auth_obj.module_app
end
sub_managing_users = module_app.sub_managing_users rescue []
self.auth_users.each do |auth_user| self.auth_users.each do |auth_user|
if !sub_managing_users.include? auth_user && !auth_user.admin? if !sub_managing_users.include? auth_user && !auth_user.admin?
module_app.assign_sub_manager(auth_user,User.current) module_app.assign_sub_manager(auth_user,User.current)
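Review bot: `ModuleApp.where(key: 'page_content').first` returns nil when no such record exists, and the inline `rescue []` on the following line hides that until `module_app.assign_sub_manager(...)` raises inside the loop. A guard such as `return if module_app.nil?` right after the lookup, with a comment explaining why `PageContext` maps to the hard-coded `'page_content'` key, would make that failure explicit. The unchanged condition below has a precedence problem: `!sub_managing_users.include? auth_user && !auth_user.admin?` parses as `include?(auth_user && !auth_user.admin?)`, so for a list of users it is always true and every auth user, admins and existing sub-managers included, is passed to `assign_sub_manager`. `unless sub_managing_users.include?(auth_user) || auth_user.admin?` expresses what the line appears to intend. The method body continues past the end of this hunk.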


@ -1,8 +1,10 @@
<li class="filter-item selected_user" id="<%= user.id %>"> <li class="filter-item selected_user <%= 'check-item' unless user == current_user || is_admin? %>" id="<%= user.id %>">
<label> <label>
<%= image_tag (user.avatar? ? user.avatar.thumb : 'menber-pic.png'), :class => "user-pic" %> <%= image_tag (user.avatar? ? user.avatar.thumb : 'menber-pic.png'), :class => "user-pic" %>
<span class="user-name"><%= user.name %></span> <span class="user-name"><%= user.name %></span>
<!-- <span>國際事務學院,國際研究英語碩士學位學程</span> --> <span><%= get_user_module_role(user) %></span>
</label> </label>
<input type="checkbox"> <% unless user == current_user || is_admin? %>
<input type="checkbox">
<% end %>
</li> </li>
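Review bot: Leaving out `<input type="checkbox">` when `user == current_user` only hides the control, so the rule from the commit message (a user cannot select himself) still has to be enforced in the controller action that processes the selection, which is not part of this page; a comment here pointing at that check would help. The second operand `is_admin?` takes no argument and, as used in `AdminHelper`, appears to describe the viewer rather than the listed `user`, in which case an admin viewer loses the checkbox on every row. If the intent is to protect admin entries, `user.admin?` (as `get_user_module_role` uses) is the matching test. The condition is written twice in this partial; computing it once, e.g. `<% selectable = !(user == current_user || user.admin?) %>`, keeps the `check-item` class and the input in step.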


@ -15,7 +15,7 @@
<div class="mini-layout-body span10"> <div class="mini-layout-body span10">
<%= link_to t(:module_authorization), admin_authorizations_path(@module_app.key) %> <%= link_to t(:module_authorization), admin_authorizations_path(@module_app.key) %>
<% @module_app.authorizable_models.each do |authorizable_model| %> <% @module_app.authorizable_models.each do |authorizable_model| %>
<%= link_to (authorizable_model.eql?('Category') ? t(:category_auth) : "#{authorizable_model.underscore.humanize.capitalize} #{t(:authorization_)}"), admin_authorizations_path(@module_app.key, type: authorizable_model.downcase) %> <%= link_to (authorizable_model.eql?('Category') ? t(:category_auth) : "#{authorizable_model.underscore.humanize.capitalize} #{t(:authorization_)}"), admin_authorizations_path(@module_app.key, type: authorizable_model.underscore) %>
<% end %> <% end %>
<%= link_to t(:approval_), admin_authorizations_path(@module_app.key, type: 'approval') if @module_app.is_approvable %> <%= link_to t(:approval_), admin_authorizations_path(@module_app.key, type: 'approval') if @module_app.is_approvable %>
<% if @error %> <% if @error %>


@ -1,2 +1,2 @@
$("#select_user").html("<%= j render partial: 'admin/member_selects/modal_select', locals: {role_form_url: admin_add_roles_authorizations_path(@module_app.key, @type, @object_id), user_form_url: admin_add_users_authorizations_path(@module_app.key, @type, @cobject_id)} %>"); $("#select_user").html("<%= j render partial: 'admin/member_selects/modal_select', locals: {role_form_url: admin_add_roles_authorizations_path(@module_app.key, @type, @object_id), user_form_url: admin_add_users_authorizations_path(@module_app.key, @type, @object_id)} %>");
$("#member-filter").modal(); $("#member-filter").modal();


@ -39,7 +39,7 @@
<div class="content"> <div class="content">
<ul class="checkbox-card clearfix"> <ul class="checkbox-card clearfix">
<% users.each do |user| %> <% users.each do |user| %>
<li> <li class="check-item">
<label> <label>
<%= image_tag (user.avatar.file ? user.avatar : "menber-pic.png"), class: "user-pic" %> <%= image_tag (user.avatar.file ? user.avatar : "menber-pic.png"), class: "user-pic" %>
<span class="user-name"><%= user.name %></span> <span class="user-name"><%= user.name %></span>
@ -72,9 +72,7 @@
$('#member-filter').on('shown', function() { $('#member-filter').on('shown', function() {
$('#member-filter').off('shown') $('#member-filter').off('shown')
$(this).find('.nano').nanoScroller({ scrollTop: 0, iOSNativeScrolling: true }); $(this).find('.nano').nanoScroller({ scrollTop: 0, iOSNativeScrolling: true });
$(this).find('.checkbox-card > li').cardCheck({ $(this).find('.checkbox-card').cardCheck();
check: $(this).find('.checkbox-card > li input[type="checkbox"]'),
});
}); });
}); });
</script> </script>


@ -5,11 +5,11 @@
<%= render 'layouts/meta' %> <%= render 'layouts/meta' %>
<%= render 'layouts/google_font' %> <%= render 'layouts/google_font' %>
<%= stylesheet_link_tag "back_end" %> <%= stylesheet_link_tag "back_end" %>
<%= stylesheet_link_tag params[:controller] if Rails.application.assets.find_asset params[:controller] %> <%= stylesheet_link_tag params[:controller] if Rails.application.assets.find_asset "#{params[:controller]}.css" %>
<%= yield :page_specific_css %> <%= yield :page_specific_css %>
<%= render 'layouts/ie_html5_fix' %> <%= render 'layouts/ie_html5_fix' %>
<%= javascript_include_tag "back_end" %> <%= javascript_include_tag "back_end" %>
<%= javascript_include_tag params[:controller] if Rails.application.assets.find_asset params[:controller] %> <%= javascript_include_tag params[:controller] if Rails.application.assets.find_asset "#{params[:controller]}.js" %>
<%= yield :page_specific_javascript %> <%= yield :page_specific_javascript %>
<%= csrf_meta_tag %> <%= csrf_meta_tag %>
</head> </head>
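Review bot: `Rails.application.assets.find_asset` is a lookup against the live asset environment on every page render, and in deployments that serve only precompiled assets that environment may be unavailable, in which case `Rails.application.assets` is nil and the layout fails; this depends on the Rails and asset-pipeline configuration, which is not visible here. The lookup key is `params[:controller]`; `controller_path` gives the same value from the controller class rather than from request parameters, which matters if any route uses a dynamic `:controller` segment. The same condition appears four times (two tags here, two in the next layout), so a single view helper taking the extension, with a comment on the precompiled case, would keep them consistent.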


@ -5,10 +5,10 @@
<%= render 'layouts/meta' %> <%= render 'layouts/meta' %>
<%= render 'layouts/google_font' %> <%= render 'layouts/google_font' %>
<%= stylesheet_link_tag "basic" %> <%= stylesheet_link_tag "basic" %>
<%= stylesheet_link_tag params[:controller] %> <%= stylesheet_link_tag params[:controller] if Rails.application.assets.find_asset "#{params[:controller]}.css" %>
<%= render 'layouts/ie_html5_fix' %> <%= render 'layouts/ie_html5_fix' %>
<%= javascript_include_tag "basic" %> <%= javascript_include_tag "basic" %>
<%= javascript_include_tag params[:controller] %> <%= javascript_include_tag params[:controller] if Rails.application.assets.find_asset "#{params[:controller]}.js" %>
<%= yield :page_specific_css %> <%= yield :page_specific_css %>
<%= yield :page_specific_javascript %> <%= yield :page_specific_javascript %>
<%= csrf_meta_tag %> <%= csrf_meta_tag %>


@ -9,7 +9,7 @@ module OrbitCategory
end end
end end
def get_categories_for_form(func_authed_for_sub_manager = "submit_#{@module_app.key}") def get_categories_for_form(func_authed_for_sub_manager = "category_#{@module_app.key}")
categories = if is_manager? || is_admin? categories = if is_manager? || is_admin?
@module_app.categories.enabled @module_app.categories.enabled
elsif is_sub_manager? elsif is_sub_manager?