Change to apply page to had object_auth
parent
e696516aae
commit
e1450ec748
|
@ -1,4 +1,4 @@
|
||||||
class Admin::ObjectAuthsNewInterfaceController < ApplicationController
|
class Admin::ObjectAuthsNewInterfaceController < OrbitBackendController
|
||||||
include OrbitCoreLib::PermissionUnility
|
include OrbitCoreLib::PermissionUnility
|
||||||
layout "new_admin"
|
layout "new_admin"
|
||||||
before_filter :force_order
|
before_filter :force_order
|
||||||
|
@ -33,8 +33,9 @@ class Admin::ObjectAuthsNewInterfaceController < ApplicationController
|
||||||
|
|
||||||
protected
|
protected
|
||||||
def update_setting_by_params
|
def update_setting_by_params
|
||||||
|
user_sat = []
|
||||||
oa = ObjectAuth.find params[:ob_auth][:id]
|
oa = ObjectAuth.find params[:ob_auth][:id]
|
||||||
user_sat = User.find params[:users].keys
|
user_sat += User.find params[:users].keys if params.has_key? :users
|
||||||
users_to_new = user_sat - oa.auth_users
|
users_to_new = user_sat - oa.auth_users
|
||||||
users_to_remove = oa.auth_users - user_sat
|
users_to_remove = oa.auth_users - user_sat
|
||||||
|
|
||||||
|
|
|
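Review bot: With the new `if params.has_key? :users` guard in `update_setting_by_params`, a request that omits `users` leaves `user_sat` empty, so `users_to_remove` becomes every entry in `oa.auth_users` and the whole grant list is dropped. If that is intended, say so in a comment such as `# no :users param means revoke all`; otherwise return early when the key is missing. The hunk also shows no check that the caller may manage the `ObjectAuth` loaded from `params[:ob_auth][:id]`; that may live in a filter of `OrbitBackendController` outside this view, but it is worth confirming. The method body continues past the hunk.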
@ -8,6 +8,10 @@ class ApplicationController < ActionController::Base
|
||||||
helper :all
|
helper :all
|
||||||
before_filter :set_locale, :set_site
|
before_filter :set_locale, :set_site
|
||||||
|
|
||||||
|
def set_current_user
|
||||||
|
User.current = current_user
|
||||||
|
end
|
||||||
|
|
||||||
def front_end_available(module_app_title='')
|
def front_end_available(module_app_title='')
|
||||||
app_controller = ModuleApp.first(conditions: {:key => module_app_title} )
|
app_controller = ModuleApp.first(conditions: {:key => module_app_title} )
|
||||||
unless app_controller.enable_frontend?
|
unless app_controller.enable_frontend?
|
||||||
|
|
|
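Review bot: `set_current_user` is defined here but the visible `before_filter :set_locale, :set_site` line does not register it, so unless it is wired up elsewhere `User.current` stays nil or keeps whatever an earlier request on the same thread stored. `User.current=` (in the `User` model hunk of this commit) writes to `Thread.current[:user]` and nothing visible clears it, while `ObjectAuth#check_user_has_app_auth` passes `User.current` to `assign_sub_manager` as the acting user. On a threaded server a stale value would attribute a grant to the wrong account. Register the filter with `before_filter :set_current_user` and reset the value in an around filter whose `ensure` sets `User.current = nil`.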
@ -10,6 +10,7 @@ class OrbitBackendController< ApplicationController
|
||||||
|
|
||||||
def setup_vars
|
def setup_vars
|
||||||
@app_title = request.fullpath.split('/')[2]
|
@app_title = request.fullpath.split('/')[2]
|
||||||
|
@app_title = request.fullpath.split('/')[1] if(@app_title == "back_end")
|
||||||
@module_app = ModuleApp.first(conditions: {:key => @app_title} )
|
@module_app = ModuleApp.first(conditions: {:key => @app_title} )
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
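Review bot: `@app_title` is taken from `request.fullpath`, which includes the query string, so for a short path the chosen segment can carry `?…` and the `ModuleApp` lookup on the next line returns nil. `check_permission` (changed later in this commit to call `setup_vars`) then falls back to `find_module_app_by_token(params[:token])`, so which app is checked would depend on request-supplied data. Splitting `request.path` instead avoids that: `segments = request.path.split('/')`. A short comment on why `back_end` shifts the index from 2 to 1 would also help.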
@ -0,0 +1,18 @@
|
||||||
|
module Admin::PageContentHelper
|
||||||
|
include ActionView::Helpers::UrlHelper
|
||||||
|
|
||||||
|
|
||||||
|
def show_page_context_edit_auth_link(page_context)
|
||||||
|
type = 'Edit'
|
||||||
|
# debugger
|
||||||
|
# a=1
|
||||||
|
oa = page_context.get_object_auth_by_title(type)
|
||||||
|
if oa.nil?
|
||||||
|
page_context.object_auths.new(title: type ).save rescue
|
||||||
|
oa = page_context.get_object_auth_by_title(type)
|
||||||
|
end
|
||||||
|
# link_to t('announcement.bulletin.cate_auth'), edit_admin_object_auth_path(oa)
|
||||||
|
link_to t('admin.page_context.ob_auth.edit'),admin_object_auth_ob_auth_path(oa)
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
|
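Review bot: The trailing `rescue` on `page_context.object_auths.new(title: type ).save rescue` takes the following line as its fallback expression, so `oa = page_context.get_object_auth_by_title(type)` runs only when `save` raises. After a successful save `oa` is still nil and `admin_object_auth_ob_auth_path(oa)` is called with nil. Drop the modifier so the re-lookup always runs, `page_context.object_auths.new(title: type).save`, and handle a failed save explicitly rather than swallowing every error. A comment should also state that this helper creates an authorization record as a side effect of rendering a link, and the commented-out `# debugger` / `# a=1` lines can go.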
@ -1,4 +1,5 @@
|
||||||
class AdBanner
|
class AdBanner
|
||||||
|
include OrbitCoreLib::ObjectAuthable
|
||||||
include Mongoid::Document
|
include Mongoid::Document
|
||||||
include Mongoid::Timestamps
|
include Mongoid::Timestamps
|
||||||
include Mongoid::MultiParameterAttributes
|
include Mongoid::MultiParameterAttributes
|
||||||
|
@ -14,6 +15,15 @@ class AdBanner
|
||||||
|
|
||||||
FX_TYPES = ["blindX","blindY","blindZ","cover","curtainX","curtainY","fade","fadeZoom","growX","growY","scrollUp","scrollDown","scrollLeft","scrollRight","scrollHorz","scrollVert","shuffle","slideX","slideY","toss","turnUp","turnDown","turnLeft","turnRight","uncover","wipe","zoom"]
|
FX_TYPES = ["blindX","blindY","blindZ","cover","curtainX","curtainY","fade","fadeZoom","growX","growY","scrollUp","scrollDown","scrollLeft","scrollRight","scrollHorz","scrollVert","shuffle","slideX","slideY","toss","turnUp","turnDown","turnLeft","turnRight","uncover","wipe","zoom"]
|
||||||
attr_writer :transition_sec
|
attr_writer :transition_sec
|
||||||
|
|
||||||
|
AfterObjectAuthUrl = '/panel/page_content/back_end/page_contexts'
|
||||||
|
APP_NAME = 'ad_banners'
|
||||||
|
ObjectAuthTitlesOptions = %W{edit}
|
||||||
|
|
||||||
|
def pp_object
|
||||||
|
title
|
||||||
|
end
|
||||||
|
|
||||||
def transition_sec
|
def transition_sec
|
||||||
self.transition_msec/1000 rescue nil
|
self.transition_msec/1000 rescue nil
|
||||||
end
|
end
|
||||||
|
|
|
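Review bot: `AfterObjectAuthUrl = '/panel/page_content/back_end/page_contexts'` in `AdBanner` is the same value added to `PageContext` in this commit, so after editing an ad banner's grants the user would presumably be sent to the page-content list; it looks copied and should point at the ad banner back end. `ObjectAuthTitlesOptions = %W{edit}` is lower-case here while `PageContext` uses `%W{Edit}`, the helper looks up `'Edit'` and the list view calls `authed_users(:edit)`. If titles are matched case-sensitively some of these lookups will miss, so pick one spelling and keep it in a shared constant.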
@ -2,6 +2,7 @@ class ObjectAuth < PrototypeAuth
|
||||||
include OrbitCoreLib::ObjectTokenUnility
|
include OrbitCoreLib::ObjectTokenUnility
|
||||||
validates_uniqueness_of :title ,:scope => [:obj_authable_type,:obj_authable_id] #{ |c| }
|
validates_uniqueness_of :title ,:scope => [:obj_authable_type,:obj_authable_id] #{ |c| }
|
||||||
belongs_to :obj_authable, polymorphic: true
|
belongs_to :obj_authable, polymorphic: true
|
||||||
|
after_save :check_user_has_app_auth
|
||||||
# > - Something.find_with_auth(query)
|
# > - Something.find_with_auth(query)
|
||||||
# > - or Something.find(query).auth
|
# > - or Something.find(query).auth
|
||||||
def auth_obj
|
def auth_obj
|
||||||
|
@ -9,4 +10,15 @@ class ObjectAuth < PrototypeAuth
|
||||||
class_obj.find self.obj_authable_id
|
class_obj.find self.obj_authable_id
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def check_user_has_app_auth
|
||||||
|
sub_managing_users = auth_obj.app_auth.sub_managing_users
|
||||||
|
app_auth = auth_obj.app_auth
|
||||||
|
self.auth_users.each do |auth_user|
|
||||||
|
if !sub_managing_users.include? auth_user && !auth_user.admin?
|
||||||
|
app_auth.assign_sub_manager(auth_user,User.current)
|
||||||
|
app_auth.save!
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
|
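Review bot: The condition `if !sub_managing_users.include? auth_user && !auth_user.admin?` in `check_user_has_app_auth` does not test what it reads as: without parentheses `include?` receives the result of `auth_user && !auth_user.admin?`, a boolean, so the membership test is presumably always false and the branch runs for every user, admins and existing sub managers included. Each save of an `ObjectAuth` would then call `assign_sub_manager` for all of `auth_users`. Write it as `unless sub_managing_users.include?(auth_user) || auth_user.admin?`. Granting an app-level role as a side effect of an object-level grant widens access, so the callback deserves a comment stating that intent, and `app_auth.save!` can move after the loop.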
@ -21,6 +21,14 @@ class User
|
||||||
has_and_belongs_to_many :sub_roles
|
has_and_belongs_to_many :sub_roles
|
||||||
accepts_nested_attributes_for :attribute_values, :allow_destroy => true
|
accepts_nested_attributes_for :attribute_values, :allow_destroy => true
|
||||||
|
|
||||||
|
def self.current
|
||||||
|
Thread.current[:user]
|
||||||
|
end
|
||||||
|
|
||||||
|
def self.current=(user)
|
||||||
|
Thread.current[:user] = user
|
||||||
|
end
|
||||||
|
|
||||||
def avb_apps
|
def avb_apps
|
||||||
sub_role_ids_ary=self.sub_roles.collect{|t| t.id}
|
sub_role_ids_ary=self.sub_roles.collect{|t| t.id}
|
||||||
query1 = AppAuth.any_in({sub_role_ids: sub_role_ids_ary}).excludes(blocked_user_ids: self.id)
|
query1 = AppAuth.any_in({sub_role_ids: sub_role_ids_ary}).excludes(blocked_user_ids: self.id)
|
||||||
|
|
|
@ -27,7 +27,7 @@
|
||||||
<div class="clear">
|
<div class="clear">
|
||||||
<%= content_tag :div do -%>
|
<%= content_tag :div do -%>
|
||||||
<% form_tag admin_object_auth_ob_auth_path do %>
|
<% form_tag admin_object_auth_ob_auth_path do %>
|
||||||
<%#= render :partial => "privilege_user", :locals => {:users => @users_array} %>
|
<%= render :partial => "privilege_user", :locals => {:users => @users_array} %>
|
||||||
<div class="form-actions form-fixed pagination-right">
|
<div class="form-actions form-fixed pagination-right">
|
||||||
<%= submit_tag "Update", :class => 'btn btn-primary' %>
|
<%= submit_tag "Update", :class => 'btn btn-primary' %>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -199,6 +199,10 @@ zh_tw:
|
||||||
options: 選項
|
options: 選項
|
||||||
orig_upload_file: 原上傳檔名
|
orig_upload_file: 原上傳檔名
|
||||||
page: 頁面管理
|
page: 頁面管理
|
||||||
|
page_context:
|
||||||
|
edit: 編輯
|
||||||
|
ob_auth:
|
||||||
|
edit: 分類授權
|
||||||
position: 位置
|
position: 位置
|
||||||
published?: 發布?
|
published?: 發布?
|
||||||
purchase: 購買
|
purchase: 購買
|
||||||
|
|
|
@ -19,6 +19,10 @@ module OrbitCoreLib
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def app_auth
|
||||||
|
ModuleApp.first(conditions: {:title => self.class::APP_NAME} )
|
||||||
|
end
|
||||||
|
|
||||||
def pp_object
|
def pp_object
|
||||||
"Object Auth method 'pp_object' need to be defined for class #{self.class}"
|
"Object Auth method 'pp_object' need to be defined for class #{self.class}"
|
||||||
end
|
end
|
||||||
|
@ -67,6 +71,7 @@ module OrbitCoreLib
|
||||||
module PermissionUnility
|
module PermissionUnility
|
||||||
private
|
private
|
||||||
def check_permission(type = :use)
|
def check_permission(type = :use)
|
||||||
|
setup_vars
|
||||||
permission_grant = current_user.admin?? true : false
|
permission_grant = current_user.admin?? true : false
|
||||||
module_app = @module_app.nil?? find_module_app_by_token(params[:token]) : @module_app
|
module_app = @module_app.nil?? find_module_app_by_token(params[:token]) : @module_app
|
||||||
unless permission_grant
|
unless permission_grant
|
||||||
|
|
|
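Review bot: `app_auth` looks the `ModuleApp` up by `:title` using `self.class::APP_NAME`, while `setup_vars` and `front_end_available` look it up by `:key`, and the `APP_NAME` values added in this commit mix styles (`'Announcement'`, `'news'`, `'page_content'`, `'ad_banners'`). If no record matches, `app_auth` presumably returns nil and `ObjectAuth#check_user_has_app_auth` calls `sub_managing_users` on it inside an `after_save` callback. Confirm each `APP_NAME` against the stored titles, or look up by key, and guard the nil case in the caller with `return if app_auth.nil?`. A class that includes `ObjectAuthable` without defining `APP_NAME` will raise `NameError` here, which is worth documenting next to `pp_object`.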
@ -10,7 +10,7 @@ class BulletinCategory
|
||||||
# include Mongoid::MultiParameterAttributes
|
# include Mongoid::MultiParameterAttributes
|
||||||
|
|
||||||
PAYMENT_TYPES = [ "List", "Picture" ]
|
PAYMENT_TYPES = [ "List", "Picture" ]
|
||||||
|
APP_NAME = 'Announcement'
|
||||||
field :key
|
field :key
|
||||||
field :display
|
field :display
|
||||||
|
|
||||||
|
|
|
@ -10,6 +10,7 @@ class NewsBulletinCategory
|
||||||
# include Mongoid::MultiParameterAttributes
|
# include Mongoid::MultiParameterAttributes
|
||||||
|
|
||||||
PAYMENT_TYPES = [ "List", "Picture" ]
|
PAYMENT_TYPES = [ "List", "Picture" ]
|
||||||
|
APP_NAME = 'news'
|
||||||
|
|
||||||
field :key
|
field :key
|
||||||
field :display
|
field :display
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
class Panel::PageContent::BackEnd::PageContextsController < OrbitBackendController
|
class Panel::PageContent::BackEnd::PageContextsController < OrbitBackendController
|
||||||
|
before_filter :for_app_manager,:except => [:index,:edit,:update,:view,:show]
|
||||||
before_filter :authenticate_user!
|
before_filter :for_app_sub_manager,:only => [:edit,:update,:view,:show]
|
||||||
before_filter :is_admin?
|
:authenticate_user!
|
||||||
|
#before_filter :is_admin?
|
||||||
|
|
||||||
def index
|
def index
|
||||||
|
|
||||||
|
|
|
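Review bot: As rendered, the new filter list leaves `index` without any authorization filter from this controller: `for_app_manager` excepts it, `for_app_sub_manager` does not list it, and `before_filter :is_admin?` is commented out. The line that used to read `before_filter :authenticate_user!` now shows as a bare `:authenticate_user!`; if that is the real text, it is a no-op symbol literal and authentication is no longer registered here. Even with it restored, it sits after the two role filters, which would then run before the user is authenticated. Suggested order: `before_filter :authenticate_user!` first, then the role filters, with a comment stating which filter is meant to cover `index`.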
@ -5,6 +5,8 @@ class PageContext
|
||||||
include Mongoid::Timestamps
|
include Mongoid::Timestamps
|
||||||
include Mongoid::MultiParameterAttributes
|
include Mongoid::MultiParameterAttributes
|
||||||
|
|
||||||
|
include OrbitCoreLib::ObjectAuthable
|
||||||
|
|
||||||
|
|
||||||
has_one :context, :class_name => "I18nVariable", :as => :language_value, :autosave => true, :dependent => :destroy
|
has_one :context, :class_name => "I18nVariable", :as => :language_value, :autosave => true, :dependent => :destroy
|
||||||
|
|
||||||
|
@ -17,6 +19,14 @@ class PageContext
|
||||||
|
|
||||||
belongs_to :page
|
belongs_to :page
|
||||||
|
|
||||||
|
AfterObjectAuthUrl = '/panel/page_content/back_end/page_contexts'
|
||||||
|
APP_NAME = 'page_content'
|
||||||
|
ObjectAuthTitlesOptions = %W{Edit}
|
||||||
|
|
||||||
|
def pp_object
|
||||||
|
page.i18n_variable[I18n.locale]
|
||||||
|
end
|
||||||
|
|
||||||
def is_top?
|
def is_top?
|
||||||
self.is_top
|
self.is_top
|
||||||
end
|
end
|
||||||
|
|
|
@ -4,11 +4,20 @@
|
||||||
<%= page_context.page.i18n_variable[I18n.locale] %>
|
<%= page_context.page.i18n_variable[I18n.locale] %>
|
||||||
<div class="quick-edit">
|
<div class="quick-edit">
|
||||||
<ul class="nav nav-pills hide">
|
<ul class="nav nav-pills hide">
|
||||||
<li><%= link_to t('page_context.edit'), edit_panel_page_content_back_end_page_context_path(page_context) %></li>
|
<%if is_manager? || is_admin? || page_context.authed_users(:edit).include?(current_user)%>
|
||||||
|
<li><%= link_to t('admin.page_context.edit'), edit_panel_page_content_back_end_page_context_path(page_context) %></li>
|
||||||
|
<%if (is_manager? || is_admin?) %>
|
||||||
|
<li><%=show_page_context_edit_auth_link page_context%></li>
|
||||||
|
<% end%>
|
||||||
|
<% end -%>
|
||||||
</ul>
|
</ul>
|
||||||
</div>
|
</div>
|
||||||
</td>
|
</td>
|
||||||
<td><%= link_to page_context.version, panel_page_content_back_end_view_path(page_context.page_id) %></td>
|
<td>
|
||||||
|
<%if is_manager? || is_admin? || page_context.authed_users(:edit).include?(current_user)%>
|
||||||
|
<%= link_to page_context.version, panel_page_content_back_end_view_path(page_context.page_id) %>
|
||||||
|
<%end -%>
|
||||||
|
</td>
|
||||||
<td><%= page_context.updated_at.strftime("%Y-%m-%d %H:%I:%S") %></td>
|
<td><%= page_context.updated_at.strftime("%Y-%m-%d %H:%I:%S") %></td>
|
||||||
<td><%= User.find(page_context.create_user_id).name %></td>
|
<td><%= User.find(page_context.create_user_id).name %></td>
|
||||||
</tr>
|
</tr>
|
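Review bot: The new `is_manager? || is_admin? || page_context.authed_users(:edit).include?(current_user)` checks only hide the edit and version links; they do not stop a direct request to the edit or update URL. The controller filter added in this commit, `for_app_sub_manager`, is by its name app-level, so confirm that `edit` and `update` also verify the per-object grant for the requested `page_context`. The same expression appears twice per row, so moving it into a helper (for example `can_edit_page_context?(page_context)`, a name constructed for this note) keeps the view and any controller check in step and avoids calling `authed_users` twice.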