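# Backend controller for managing who is authorized on a ModuleApp: its
# managers, and the per-category 'submit' / 'fact_check' privilege lists.
#
# Request parameters read by the filters (see #setup_vars):
#   params[:module]   - key of the ModuleApp being edited
#   params[:category] - id of the Category whose privilege list is edited
#   params[:type]     - 'category', 'approval', or anything else (= managers)
class Admin::AuthorizationsController < OrbitBackendController

  before_filter :admin_or_manager
  # admin_or_manager only proves that a non-admin manages *some* module app.
  # The state-changing actions take their target from params[:module], so they
  # must also prove that the caller manages *that* module app; otherwise a
  # manager of one module could edit the managers/privileges of another.
  before_filter :require_managed_module_app, only: [:add_users, :add_roles, :remove_users]

  # Lists the users currently authorized for @module_app, either its managers
  # or the members of the selected category's privilege list.
  #
  # When @module_app is not one of the module apps the caller may see, the
  # request is redirected to the first one that is (or to root if none exist).
  def index
    @module_apps ||= ModuleApp.where(is_authorizable: true).order_by([:title, :asc])
    if @module_apps.include?(@module_app)
      type = object_auth_type
      if type
        @categories = @module_app.categories if @module_app.has_category
        if @categories.blank?
          @error = t(:no_category)
        else
          # NOTE(review): a @category supplied via params[:category] is used
          # as-is; nothing here checks that it is one of @categories.
          @category ||= @categories.first
          @users = category_object_auth(type).auth_users
        end
      else
        @users = @module_app.managing_users
      end
    elsif (fallback_app = @module_apps.first)
      @module_app = fallback_app
      redirect_to admin_authorizations_url(@module_app.key)
    else
      # No authorizable module app exists at all; previously this path raised
      # NoMethodError on nil instead of redirecting.
      redirect_to :root
    end
  end

  # Grants +users+ the authorization selected by @type and renders the
  # insert_users template. Shared implementation of #add_users and #add_roles.
  #
  # NOTE(review): this method is public, so the framework may treat it as an
  # action even though it requires an argument; consider moving it below
  # `protected` once it is confirmed that nothing outside the class calls it.
  def add(users)
    unless users.blank?
      type = object_auth_type
      if type.nil?
        add_managers(users)
      elsif @category
        add_users_to_object_auth(category_object_auth(type), users)
      else
        @error = t(:no_category)
      end
    end
    @users = users
    render 'admin/authorizations/insert_users'
  end

  # Authorizes the users named in params[:user_ids].
  def add_users
    # Best effort: any lookup failure is treated as "no users selected".
    users = User.find(params[:user_ids]) rescue []
    add(users)
  end

  # Authorizes every user belonging to the roles named in params[:role_ids].
  def add_roles
    # Best effort: any lookup failure is treated as "no roles selected".
    roles = Role.find(params[:role_ids]) rescue []
    add(roles.flat_map { |role| role.users.all.entries })
  end

  # Builds @sorted_users (role => candidate users) for the selection modal.
  # Candidates are non-admin, non-guest users of each role, minus the users in
  # params[:ids]; for 'category' and 'approval' the module's managers are
  # excluded as well.
  def modal_select
    existing_users = User.find(params[:ids]) rescue []
    scoped_to_category = %w(category approval).include?(@type)
    @category_id = @category.id if scoped_to_category && @category
    @sorted_users = Role.all.each_with_object({}) do |role, users_by_role|
      candidates = role.users.where(admin: false).not_guest_user - existing_users
      candidates -= @module_app.managing_users if scoped_to_category
      users_by_role[role] = candidates
    end
  end

  # Revokes the authorization selected by @type from the users named in
  # params[:ids] and renders the remove_users template.
  def remove_users
    @users = User.find(params[:ids]) rescue []
    unless @users.blank?
      type = object_auth_type
      if type.nil?
        remove_managers(@users)
      elsif @category
        remove_users_form_object_auth(category_object_auth(type), @users)
      else
        # Mirrors #add: a missing/unknown category is reported instead of
        # raising NoMethodError on nil.
        @error = t(:no_category)
      end
    end
    render 'admin/authorizations/remove_users'
  end

  protected

  # Makes each of +users+ a manager of @module_app, recording current_user as
  # the second argument to assign_manager.
  def add_managers(users)
    users.each { |user| @module_app.assign_manager(user, current_user) }
  end

  # Adds each of +users+ to +object_auth+'s privilege list.
  def add_users_to_object_auth(object_auth, users)
    users.each { |user| object_auth.add_user_to_privilege_list(user) }
  end

  # Removes each of +users+ from the managers of @module_app.
  def remove_managers(users)
    users.each { |user| @module_app.remove_manager(user) }
  end

  # Removes each of +users+ from +object_auth+'s privilege list.
  # (The "form" spelling in the name is kept for existing callers.)
  def remove_users_form_object_auth(object_auth, users)
    users.each { |user| object_auth.remove_user_from_privilege_list(user) }
  end

  private

  # before_filter: loads request state, requires a signed-in user, then
  # requires that user to be an admin or a manager of at least one module app.
  def admin_or_manager
    setup_vars
    authenticate_user!
    user_is_manager?
  end

  # before_filter for the state-changing actions: a non-admin may only act on
  # a module app that is in their own managed list. Admins are not restricted.
  def require_managed_module_app
    return if is_admin?
    redirect_to :root unless @module_apps && @module_apps.include?(@module_app)
  end

  # Populates @module_app, @category and @type from the request parameters.
  def setup_vars
    @module_app = ModuleApp.first(conditions: {:key => params[:module]} ) if params[:module]
    # NOTE(review): the category is looked up by id alone; nothing visible here
    # ties it to @module_app. Confirm that get_object_auth_by_title (or the
    # model) prevents mixing a category with an unrelated module key.
    @category = Category.find(params[:category]) rescue nil
    @type = params[:type]
  end

  # For non-admins, loads the module apps the current user manages into
  # @module_apps and redirects to root when there are none.
  def user_is_manager?
    return if is_admin?
    @module_apps = current_user.managed_module_apps
    redirect_to :root if @module_apps.blank?
  end

  # Maps the request's @type to the object-auth title prefix, or nil when the
  # request is about module managers rather than a category privilege list.
  def object_auth_type
    case @type
    when 'category' then 'submit'
    when 'approval' then 'fact_check'
    end
  end

  # Looks up @category's object auth titled "<type>_<module key>".
  def category_object_auth(type)
    @category.get_object_auth_by_title("#{type}_#{@module_app.key}")
  end

end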