orbit-basic/app/controllers/admin/module_apps_controller.rb

class Admin::ModuleAppsController < ApplicationController
  before_filter :user_has_manager_privilege?, :only => [ :assign_manager, :remove_manager ]
  before_filter :user_has_sub_manager_privilege?, :only => [ :assign_sub_manager, :remove_sub_manager ]

  layout "new_admin"
  helper Admin::PagePartsHelper
  def index
    @module_apps = ModuleApp.all.entries
  end


  
  def module_auth_proc
    @module_app = ModuleApp.find(params[:id])
  end
  
  def edit
    @module_app = ModuleApp.find(params[:id])
  end
  
  def show
    @module_app = ModuleApp.find(params[:id])
    
  end
  
  def update
    @module_app = ModuleApp.find(params[:id])
    unless params['module_app']['enable_frontend'].nil?
      @module_app.update_attribute('enable_frontend',params['module_app']['enable_frontend'])
      @module_app.save!
    end
    @attribute = @module_app
    respond_to do |format|
      format.html { redirect_to :action => :index }
      format.js  { render 'admin/attributes/toggle_enable' }
    end
  end
  
  
  def assign_sub_manager
      unless @assign_to_user.nil? || @assign_to_user.admin?
         if @module_app.assign_sub_manager(@assign_to_user,current_user)
            flash[:notice] = t('app_auth.assigning_manager.add_manager_ok')
          else
            flash[:notice] = t('app_auth.assigning_manager.add_manager_fail')
          end
        else
          flash[:notice] = t('app_auth.failed_no_user')
      end
        flash[:notice] = t('app_auth.can_not_add_this_user')
        redirect_to :action => "edit"
  end
  
  
  def assign_manager
    unless @assign_to_user.nil? || @assign_to_user.admin?
       if @module_app.assign_manager(@assign_to_user,current_user)
          flash[:notice] = t('app_auth.assigning_sub_manager.add_sub_manager_ok')
        else
          flash[:notice] = t('app_auth.assigning_sub_manager.add_sub_manager_fail')
        end
      else
        flash[:notice] = t('app_auth.failed_no_user')
    end
      flash[:notice] = t('app_auth.can_not_add_this_user')
      redirect_to :action => "edit"
  end
  
  
  def remove_manager
    @app_manager = AppManager.find(params[:app_manager_id])
    if @module_app.remove_manager(@app_manager.user)
      flash[:notice] = t('app_auth.delete_manager.success')
    else
      flash[:notice] = t('app_auth.delete_manager.fail')
    end
    redirect_to :action => "edit"
  end
  
  
  def remove_sub_manager
    @app_sub_manager = AppManager.find(params[:app_sub_manager_id])
    if @module_app.remove_sub_manager(@app_sub_manager.user) 
      flash[:notice] = t('app_auth.delete_sub_manager.success')
    else
      flash[:notice] = t('app_auth.delete_sub_manager.fail')
    end
    redirect_to :action => "edit"
  end
  
  
  private
  def user_has_manager_privilege?
    @module_app = ModuleApp.find(params[:id])
    @assign_to_user = User.find params[:manager][:id] rescue nil
    if current_user.admin?  #only admin can assign app's manager
      return
    end
      #user is not permited to do that
      flash[:notice] = t('app_auth.operation_not_permitted')
      render :nothing => true, :status => 403 
  end
  
  
  def user_has_sub_manager_privilege?
    @module_app = ModuleApp.find(params[:id])
    @assign_to_user = User.find params[:sub_manager][:id] rescue nil
    if current_user.admin? || @module_app.managing_users.include?(current_user) #admin or app's manager can assign app's subanager
      return
    end
      #user is not permited to do that
      flash[:notice] = t('app_auth.operation_not_permitted')
      render :nothing => true,:status => 403
    end
end