orbit-basic/app/controllers/admin/authorizations_controller.rb

151 lines
3.7 KiB
Ruby
Raw Normal View History

class Admin::AuthorizationsController < OrbitBackendController
before_filter :admin_or_manager
def index
@module_apps ||= ModuleApp.where(is_authorizable: true).order_by([:title, :asc])
if @module_apps && @module_apps.include?(@module_app)
if @type
case @type
when 'category', 'approval'
if @module_app.has_category
@objects = @module_app.categories
else
@error = t(:no_category)
end
else
@objects = @klass.all
end
unless @objects.blank?
@object ||= @objects.first
@users = @object.get_object_auth_by_title("#{@type}_#{@module_app.key}").auth_users
else
@error = t(:no_data)
end
else
@users = @module_app.managing_users
end
elsif @module_apps
@module_app = @module_apps.first
redirect_to admin_authorizations_url(@module_app.key)
else
redirect_to :root
end
end
def add(users)
unless users.blank?
if @type
if @object
object_auth = @object.get_object_auth_by_title("#{@type}_#{@module_app.key}")
add_users_to_object_auth(object_auth, users)
else
@error = t(:no_data)
end
else
add_managers(users) unless users.blank?
end
end
@users = users
render 'admin/authorizations/insert_users'
end
def add_users
users = User.find(params[:user_ids]) rescue []
add(users)
end
def add_roles
roles = Role.find(params[:role_ids]) rescue []
users = roles.inject([]) do |users, role|
users += role.users.all.entries
users
end
add(users)
end
def modal_select
existing_users = User.find(params[:ids]) rescue []
roles = Role.all
if @type
@object_id = @object.id if @object
@sorted_users = roles.inject({}) do |users, role|
users[role] = role.users.where(admin: false).not_guest_user - existing_users - @module_app.managing_users
users
end
else
@sorted_users = roles.inject({}) do |users, role|
users[role] = role.users.where(admin: false).not_guest_user - existing_users
users
end
end
end
def remove_users
@users = User.find(params[:ids]) rescue []
unless @users.blank?
if @type
if @object
object_auth = @object.get_object_auth_by_title("#{@type}_#{@module_app.key}")
remove_users_form_object_auth(object_auth, @users)
else
@error = t(:no_data)
end
else
remove_managers(@users)
end
end
render 'admin/authorizations/remove_users'
end
protected
def add_managers(users)
users.each do |user|
@module_app.assign_manager(user, current_user)
end
end
def add_users_to_object_auth(object_auth, users)
users.each do |user|
object_auth.add_user_to_privilege_list(user)
end
end
def remove_managers(users)
users.each do |user|
@module_app.remove_manager(user)
end
end
def remove_users_form_object_auth(object_auth, users)
users.each do |user|
object_auth.remove_user_from_privilege_list(user)
end
end
private
def admin_or_manager
setup_vars
authenticate_user!
user_is_manager?
end
def setup_vars
@module_app = ModuleApp.first(conditions: {:key => params[:module]} ) if params[:module]
@type = params[:type].underscore if params[:type]
if @type
@klass = @type.classify.constantize
@object = @klass.find(params[:id]) rescue nil
end
end
def user_is_manager?
unless is_admin?
@module_apps = current_user.managed_module_apps
redirect_to :root if @module_apps.blank?
end
end
end