orbit-basic/lib/orbit_core_lib.rb

module  OrbitCoreLib
  module  ObjectAuthable
    def self.included(base)
      base.instance_eval("has_many :object_auths,as: :obj_authable,dependent: :delete")
      
      base.define_singleton_method :authed_for_user do |user,title = nil|
        sub_role_ids_ary=user.sub_roles.collect{|t| t.id}
        if title.nil?
          auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s)
        else
          auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s,title: title)
        end
        
        query1 = auth_object_space.any_in({sub_role_ids: sub_role_ids_ary}).excludes(blocked_user_ids: user.id)
        query2 = auth_object_space.any_of({all: true},{privilege_user_ids: user.id},{role_ids: user.role.id}).excludes(blocked_user_ids: user.id)
        result = (query1 + query2).uniq
        result.collect{|t| t.obj_authable}
      end
        
    end
    
    def authed_users(title=nil)
      users = []
      unless title.nil?
        users = self.object_auths.where(title: title )[0].auth_users_after_block_list rescue []
      else
        users = self.object_auths.collect{|t| t.auth_users_after_block_list} rescue []
        users.flatten!.uniq!
      end
      users
    end
    
  end
  
  module PermissionUnility
  private
    def check_permission(type = :use)
      permission_grant =  current_user.admin?? true : false
      module_app = @module_app.nil?? ModuleApp.find(params[:module_app_id]) : @module_app
      unless permission_grant
        permission_grant = case type
        when :use
          users_ary = module_app.app_auth.auth_users rescue nil
          users_ary = [] if users_ary.nil?
          (users_ary.include?(current_user) || module_app.is_manager?(current_user) || module_app.is_sub_manager?(current_user))
        when :manager
          module_app.is_manager?(current_user)
        when :sub_manager  
          module_app.is_manager?(current_user) || module_app.is_sub_manager?(current_user)
        end  
      end
      permission_grant
    end
    
  end
end
Object Auth. Now object can be included with "include OrbitCoreLib::ObjectAuthable" to use kernel method,such as 1.Object.authed_for_user(user,title_of_object_auth). title_of_object_auth is optional 2.object.authed_users(user,title_of_object_auth) . title_of_object_auth is optional if title_of_object_auth is not given,then it will return calculation across all possiblity. 2012-02-09 09:48:51 +00:00			`module OrbitCoreLib`
			`module ObjectAuthable`
			`def self.included(base)`
			`base.instance_eval("has_many :object_auths,as: :obj_authable,dependent: :delete")`

			`base.define_singleton_method :authed_for_user do \|user,title = nil\|`
			`sub_role_ids_ary=user.sub_roles.collect{\|t\| t.id}`
			`if title.nil?`
			`auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s)`
			`else`
			`auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s,title: title)`
			`end`

			`query1 = auth_object_space.any_in({sub_role_ids: sub_role_ids_ary}).excludes(blocked_user_ids: user.id)`
			`query2 = auth_object_space.any_of({all: true},{privilege_user_ids: user.id},{role_ids: user.role.id}).excludes(blocked_user_ids: user.id)`
			`result = (query1 + query2).uniq`
			`result.collect{\|t\| t.obj_authable}`
			`end`

			`end`

			`def authed_users(title=nil)`
			`users = []`
			`unless title.nil?`
			`users = self.object_auths.where(title: title )[0].auth_users_after_block_list rescue []`
			`else`
			`users = self.object_auths.collect{\|t\| t.auth_users_after_block_list} rescue []`
			`users.flatten!.uniq!`
			`end`
			`users`
			`end`

			`end`
First version for App and Object auth.Taking Announcement as experiment 2012-02-15 10:20:44 +00:00
			`module PermissionUnility`
			`private`
			`def check_permission(type = :use)`
			`permission_grant = current_user.admin?? true : false`
			`module_app = @module_app.nil?? ModuleApp.find(params[:module_app_id]) : @module_app`
			`unless permission_grant`
			`permission_grant = case type`
			`when :use`
			`users_ary = module_app.app_auth.auth_users rescue nil`
			`users_ary = [] if users_ary.nil?`
			`(users_ary.include?(current_user) \|\| module_app.is_manager?(current_user) \|\| module_app.is_sub_manager?(current_user))`
			`when :manager`
			`module_app.is_manager?(current_user)`
			`when :sub_manager`
			`module_app.is_manager?(current_user) \|\| module_app.is_sub_manager?(current_user)`
			`end`
			`end`
			`permission_grant`
			`end`

			`end`
Object Auth. Now object can be included with "include OrbitCoreLib::ObjectAuthable" to use kernel method,such as 1.Object.authed_for_user(user,title_of_object_auth). title_of_object_auth is optional 2.object.authed_users(user,title_of_object_auth) . title_of_object_auth is optional if title_of_object_auth is not given,then it will return calculation across all possiblity. 2012-02-09 09:48:51 +00:00			`end`