Merge branch 'obj_auth'
This commit is contained in:
commit
3496a37a71
|
@ -0,0 +1,75 @@
|
|||
class Admin::ObjectAuthsController < ApplicationController
|
||||
layout "admin"
|
||||
before_filter :authenticate_user!
|
||||
# before_filter :is_admin? ,:only => :index
|
||||
|
||||
def index
|
||||
# if current_user.admin?
|
||||
@object_auths = ObjectAuth.all
|
||||
# else
|
||||
# @module_apps = current_user.managing_apps.collect{|t| t.managing_app}
|
||||
# end
|
||||
end
|
||||
|
||||
def new
|
||||
obj = eval(params[:type]).find params[:obj_id]
|
||||
@object_auth=obj.object_auths.build
|
||||
respond_to do |format|
|
||||
format.html # new.html.erb
|
||||
format.xml { render :xml => @post }
|
||||
end
|
||||
end
|
||||
|
||||
def create
|
||||
obj = eval(params[:object_auth][:type]).find params[:object_auth][:obj_id]
|
||||
@object_auth=obj.object_auths.create :title=> params[:object_auth][:title]
|
||||
redirect_to edit_admin_object_auth_path(@object_auth)
|
||||
end
|
||||
|
||||
def create_role
|
||||
object_auth = ObjectAuth.find(params[:id])
|
||||
params[:new].each do |item|
|
||||
field = item[0]
|
||||
field_value = item[1]
|
||||
if field_value!=''
|
||||
case field
|
||||
when 'role'
|
||||
object_auth.send("add_#{field}",(Role.find field_value)) rescue nil
|
||||
when 'sub_role'
|
||||
object_auth.send("add_#{field}",(SubRole.find field_value)) rescue nil
|
||||
when 'privilege_user'
|
||||
object_auth.add_user_to_privilege_list (User.find field_value) rescue nil
|
||||
when 'blocked_user'
|
||||
object_auth.add_user_to_black_list (User.find field_value) rescue nil
|
||||
end
|
||||
end
|
||||
end
|
||||
redirect_to edit_admin_object_auth_path(object_auth)
|
||||
end
|
||||
|
||||
def remove_role
|
||||
object_auth = ObjectAuth.find(params[:id])
|
||||
type = params[:type]
|
||||
field_value = params[:target_id]
|
||||
if field_value!=''
|
||||
case type
|
||||
when 'role'
|
||||
object_auth.remove_role(Role.find field_value) rescue nil
|
||||
when 'sub_role'
|
||||
object_auth.remove_sub_role(SubRole.find field_value) rescue nil
|
||||
when 'privilege_user'
|
||||
object_auth.remove_user_from_privilege_list (User.find field_value) rescue nil
|
||||
when 'blocked_user'
|
||||
object_auth.remove_user_from_black_list (User.find field_value) rescue nil
|
||||
end
|
||||
end
|
||||
redirect_to edit_admin_object_auth_path(object_auth)
|
||||
end
|
||||
|
||||
def edit
|
||||
@object_auth = ObjectAuth.find(params[:id])
|
||||
end
|
||||
|
||||
|
||||
|
||||
end
|
|
@ -1,94 +1,5 @@
|
|||
class AppAuth
|
||||
include Mongoid::Document
|
||||
include Mongoid::Timestamps
|
||||
# after_save :update_block_list,:update_privilage_list
|
||||
class AppAuth < PrototypeAuth
|
||||
|
||||
field :title
|
||||
field :token
|
||||
field :all ,type: Boolean,default: false
|
||||
belongs_to :module_app
|
||||
|
||||
belongs_to :users
|
||||
# belongs_to :users,as: :block_users, :inverse_of => :privilege_apps
|
||||
has_and_belongs_to_many :blocked_users, :inverse_of => nil, :class_name => "User"
|
||||
has_and_belongs_to_many :privilege_users, :inverse_of => nil, :class_name => "User"
|
||||
|
||||
|
||||
has_and_belongs_to_many :roles
|
||||
has_and_belongs_to_many :sub_roles
|
||||
|
||||
attr_protected :roles,:sub_roles,:privilege_users,:blocked_users,:users
|
||||
|
||||
def add_role role
|
||||
add_operation(:roles,role)
|
||||
end
|
||||
|
||||
def add_sub_role role
|
||||
add_operation(:sub_roles,role)
|
||||
end
|
||||
|
||||
def remove_role role
|
||||
remove_operation(:roles,role)
|
||||
end
|
||||
|
||||
def remove_sub_role role
|
||||
remove_operation(:sub_roles,role)
|
||||
end
|
||||
|
||||
def add_user_to_black_list user
|
||||
add_operation(:blocked_users,user)
|
||||
end
|
||||
|
||||
def remove_user_from_black_list user
|
||||
remove_operation(:blocked_users,user)
|
||||
end
|
||||
|
||||
def add_user_to_privilege_list user
|
||||
add_operation(:privilege_users,user)
|
||||
end
|
||||
|
||||
def remove_user_from_privilege_list user
|
||||
remove_operation(:privilege_users,user)
|
||||
end
|
||||
|
||||
def remove_operation(item,obj)
|
||||
if (self.send item).include? obj
|
||||
(self.send item).delete obj
|
||||
self.save!
|
||||
else
|
||||
false #should put error message for user not existed in list
|
||||
end
|
||||
end
|
||||
|
||||
def add_operation(item,obj)
|
||||
unless (self.send item).include?(obj)
|
||||
(self.send item) << obj
|
||||
self.save!
|
||||
else
|
||||
false #should put error message for user existed in list already
|
||||
end
|
||||
end
|
||||
|
||||
def auth_users
|
||||
if self.all?
|
||||
User.all.entries
|
||||
else
|
||||
ary=[]
|
||||
[:roles,:sub_roles].each do |t_role|
|
||||
ary += (self.send t_role).collect do |role|
|
||||
role.users
|
||||
end
|
||||
end
|
||||
ary << self.privilege_users
|
||||
ary.flatten!.uniq
|
||||
end
|
||||
end
|
||||
|
||||
def auth_users_after_block_list
|
||||
auth_users - self.blocked_users
|
||||
end
|
||||
|
||||
# protected
|
||||
|
||||
|
||||
end
|
|
@ -0,0 +1,11 @@
|
|||
class ObjectAuth < PrototypeAuth
|
||||
|
||||
belongs_to :obj_authable, polymorphic: true
|
||||
# > - Something.find_with_auth(query)
|
||||
# > - or Something.find(query).auth
|
||||
def auth_obj
|
||||
class_obj = eval(self.obj_authable_type)
|
||||
class_obj.find self.obj_authable_id
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1,93 @@
|
|||
class PrototypeAuth
|
||||
include Mongoid::Document
|
||||
include Mongoid::Timestamps
|
||||
# after_save :update_block_list,:update_privilage_list
|
||||
|
||||
field :title
|
||||
field :token
|
||||
field :all ,type: Boolean,default: false
|
||||
|
||||
belongs_to :users
|
||||
# belongs_to :users,as: :block_users, :inverse_of => :privilege_apps
|
||||
has_and_belongs_to_many :blocked_users, :inverse_of => nil, :class_name => "User"
|
||||
has_and_belongs_to_many :privilege_users, :inverse_of => nil, :class_name => "User"
|
||||
|
||||
|
||||
has_and_belongs_to_many :roles
|
||||
has_and_belongs_to_many :sub_roles
|
||||
|
||||
attr_protected :roles,:sub_roles,:privilege_users,:blocked_users,:users
|
||||
|
||||
def add_role role
|
||||
add_operation(:roles,role)
|
||||
end
|
||||
|
||||
def add_sub_role role
|
||||
add_operation(:sub_roles,role)
|
||||
end
|
||||
|
||||
def remove_role role
|
||||
remove_operation(:roles,role)
|
||||
end
|
||||
|
||||
def remove_sub_role role
|
||||
remove_operation(:sub_roles,role)
|
||||
end
|
||||
|
||||
def add_user_to_black_list user
|
||||
add_operation(:blocked_users,user)
|
||||
end
|
||||
|
||||
def remove_user_from_black_list user
|
||||
remove_operation(:blocked_users,user)
|
||||
end
|
||||
|
||||
def add_user_to_privilege_list user
|
||||
add_operation(:privilege_users,user)
|
||||
end
|
||||
|
||||
def remove_user_from_privilege_list user
|
||||
remove_operation(:privilege_users,user)
|
||||
end
|
||||
|
||||
def remove_operation(item,obj)
|
||||
if (self.send item).include? obj
|
||||
(self.send item).delete obj
|
||||
self.save!
|
||||
else
|
||||
false #should put error message for user not existed in list
|
||||
end
|
||||
end
|
||||
|
||||
def add_operation(item,obj)
|
||||
unless (self.send item).include?(obj)
|
||||
(self.send item) << obj
|
||||
self.save!
|
||||
else
|
||||
false #should put error message for user existed in list already
|
||||
end
|
||||
end
|
||||
|
||||
def auth_users
|
||||
if self.all?
|
||||
User.all.entries
|
||||
else
|
||||
ary=[]
|
||||
[:roles,:sub_roles].each do |t_role|
|
||||
ary += (self.send t_role).collect do |role|
|
||||
role.users
|
||||
end
|
||||
end
|
||||
ary << self.privilege_users
|
||||
ary.flatten!.uniq
|
||||
end
|
||||
end
|
||||
|
||||
def auth_users_after_block_list
|
||||
auth_users - self.blocked_users
|
||||
end
|
||||
|
||||
# protected
|
||||
|
||||
|
||||
end
|
|
@ -0,0 +1,32 @@
|
|||
<div id="user_role_management">
|
||||
<h1>User Role</h1>
|
||||
<%= form_tag(submit_url) do %>
|
||||
<%= collection_select(:new,:role, Role.all, :id, :key, :prompt => true) %>
|
||||
<%= submit_tag 'Add Role' %><br/>
|
||||
<%= collection_select(:new,:sub_role, SubRole.all, :id, :key, :prompt => true) %>
|
||||
<%= submit_tag 'Add SubRole' %><br/>
|
||||
<%= collection_select(:new,:privilege_user, User.all, :id, :name, :prompt => true) %>
|
||||
<%= submit_tag 'Add PrivilegeList' %><br/>
|
||||
<%= collection_select(:new,:blocked_user, User.all, :id, :name, :prompt => true) %>
|
||||
<%= submit_tag 'Add BlockedList' %><br/>
|
||||
<% end %>
|
||||
<ul>Roles </ul>
|
||||
<% unless auth.nil? %>
|
||||
<% auth.roles.each do |role| %>
|
||||
<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %>
|
||||
<%= link_to '[X]',polymorphic_path(ploy_route_ary,:type=>'role',:target_id=>role.id),:method => :delete %></li>
|
||||
<% end %>
|
||||
<ul>Sub Roles </ul>
|
||||
<% auth.sub_roles.each do |role| %>
|
||||
<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %> </li><%= link_to '[X]',polymorphic_path(ploy_route_ary,:type=>'sub_role',:target_id=>role.id),:method => :delete %>
|
||||
<% end %>
|
||||
<ul>PrivilegeList </ul>
|
||||
<% auth.privilege_users.each do |user| %>
|
||||
<li> <%= user.name %> <%= link_to '[X]',polymorphic_path(ploy_route_ary,:type=>'privilege_user',:target_id=>user.id),:method => :delete %> </li>
|
||||
<% end %>
|
||||
<ul>BlockedList </ul>
|
||||
<% auth.blocked_users.each do |user| %>
|
||||
<li> <%= user.name %><%= link_to '[X]',polymorphic_path(ploy_route_ary,:type=>'blocked_user',:target_id=>user.id),:method => :delete %> </li>
|
||||
<% end %>
|
||||
<% end %>
|
||||
</div>
|
|
@ -36,34 +36,5 @@
|
|||
</dd>
|
||||
</dl>
|
||||
</div>
|
||||
<div id="user_role_management">
|
||||
<h1>User Role</h1>
|
||||
<%= form_tag(admin_module_app_app_auths_path(@module_app),:method => :post) do %>
|
||||
<%= collection_select(:new,:role, Role.all, :id, :key, :prompt => true) %>
|
||||
<%= submit_tag 'Add Role' %><br/>
|
||||
<%= collection_select(:new,:sub_role, SubRole.all, :id, :key, :prompt => true) %>
|
||||
<%= submit_tag 'Add SubRole' %><br/>
|
||||
<%= collection_select(:new,:privilege_user, User.all, :id, :name, :prompt => true) %>
|
||||
<%= submit_tag 'Add PrivilegeList' %><br/>
|
||||
<%= collection_select(:new,:blocked_user, User.all, :id, :name, :prompt => true) %>
|
||||
<%= submit_tag 'Add BlockedList' %><br/>
|
||||
<% end %>
|
||||
<ul>Roles </ul>
|
||||
<% unless @module_app.app_auth.nil? %>
|
||||
<% @module_app.app_auth.roles.each do |role| %>
|
||||
<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %> <%= link_to '[X]',remove_admin_module_app_app_auth_path(@module_app,@module_app.app_auth,'role',role),:method => :delete %></li>
|
||||
<% end %>
|
||||
<ul>Sub Roles </ul>
|
||||
<% @module_app.app_auth.sub_roles.each do |role| %>
|
||||
<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %> </li><%= link_to '[X]',remove_admin_module_app_app_auth_path(@module_app,@module_app.app_auth,'sub_role',role),:method => :delete %>
|
||||
<% end %>
|
||||
<ul>PrivilegeList </ul>
|
||||
<% @module_app.app_auth.privilege_users.each do |user| %>
|
||||
<li> <%= user.name %> <%= link_to '[X]',remove_admin_module_app_app_auth_path(@module_app,@module_app.app_auth,'privilege_user',user),:method => :delete %> </li>
|
||||
<% end %>
|
||||
<ul>BlockedList </ul>
|
||||
<% @module_app.app_auth.blocked_users.each do |user| %>
|
||||
<li> <%= user.name %><%= link_to '[X]',remove_admin_module_app_app_auth_path(@module_app,@module_app.app_auth,'blocked_user',user),:method => :delete %> </li>
|
||||
<% end %>
|
||||
<% end %>
|
||||
</div>
|
||||
<%= render :partial => "admin/components/user_role_management", :locals => { :object => @module_app ,:auth=> @module_app.app_auth ,:submit_url=> admin_module_app_app_auths_path(@module_app),:ploy_route_ary=>['remove',:admin,@module_app,@module_app.app_auth] } %>
|
||||
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
<div class="auth_unit">
|
||||
<%= unit%>
|
||||
<div>
|
|
@ -0,0 +1,14 @@
|
|||
<% content_for :secondary do %>
|
||||
<% end %>
|
||||
|
||||
<!-- Remove if CSS done-->
|
||||
<br />
|
||||
<br />
|
||||
<br />
|
||||
<!-- Remove if CSS done-->
|
||||
<h3><%= @object_auth.title %></h3>
|
||||
|
||||
<%= render :partial => "admin/components/user_role_management", :locals => {
|
||||
:object => @object_auth.auth_obj ,:auth=>@object_auth,:submit_url=>create_role_admin_object_auth_path(@object_auth),:ploy_route_ary=>['remove',:admin,@object_auth] } %>
|
||||
|
||||
|
|
@ -0,0 +1,39 @@
|
|||
<% content_for :secondary do %>
|
||||
<% #render 'side_bar' %>
|
||||
<% end %>
|
||||
|
||||
<div class="main_list">
|
||||
<%= flash_messages %>
|
||||
<div class="button_bar up">
|
||||
<% #link_to t('admin.new_user'), new_admin_user_path, :class => 'new' %>
|
||||
</div>
|
||||
<table>
|
||||
<thead>
|
||||
<tr>
|
||||
<td><%= t('admin.object_auth.title') %></td>
|
||||
<td><%= t('admin.object_auth.obj_type') %></td>
|
||||
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<% @object_auths.each do |object_auth| %>
|
||||
<tr>
|
||||
<td class="name"><%= object_auth.title %></td>
|
||||
<td class="name"><%= object_auth.obj_authable_type.to_s %></td>
|
||||
|
||||
<td class="action">
|
||||
<%= link_to t(:show), admin_object_auth_path(object_auth), :class => 'show' %>
|
||||
<%= link_to t(:edit), edit_admin_object_auth_path(object_auth), :class => 'edit' %>
|
||||
<%= link_to t(:delete), admin_object_auth_path(object_auth), :class => 'delete', :confirm => t('sure?'), :method => :delete %>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan="5"></td>
|
||||
</tr>
|
||||
<% end %>
|
||||
</tbody>
|
||||
</table>
|
||||
<div class="button_bar">
|
||||
<%# link_to t('admin.new_user'), new_admin_user_path, :class => 'new' %>
|
||||
</div>
|
||||
</div>
|
|
@ -0,0 +1,23 @@
|
|||
<% content_for :secondary do %>
|
||||
<ul class="list">
|
||||
</ul>
|
||||
<% end -%>
|
||||
|
||||
<br/>
|
||||
<br/>
|
||||
<br/>
|
||||
<br/>
|
||||
|
||||
<%= flash_messages %>
|
||||
<h1><%= t('object_auth.new_object_auth') %></h1>
|
||||
<%= form_for @object_auth, :url => admin_object_auths_path do |f| %>
|
||||
<%= f.label :title %>
|
||||
<%= f.text_field :title, :class => 'text' %>
|
||||
<%= f.hidden_field :obj_id, :value => params[:obj_id] %>
|
||||
<%= f.hidden_field :type, :value => params[:type] %>
|
||||
|
||||
<%= submit_tag 'Add Auth' %><br/>
|
||||
|
||||
<% end %>
|
||||
|
||||
<%= link_back %>
|
|
@ -12,6 +12,16 @@ PrototypeR4::Application.routes.draw do
|
|||
namespace :admin do
|
||||
resources :assets
|
||||
resources :app_auths
|
||||
resources :object_auths do
|
||||
collection do
|
||||
match 'new/:type/:obj_id',:action => 'new',:via => "get",:as => :init
|
||||
end
|
||||
member do
|
||||
match ':id/create_role',:action => 'create_role',:via => "post",:as => :create_role
|
||||
match 'remove/:type/:target_id' ,:action=> 'remove_role',:via => "delete",:as =>:remove
|
||||
end
|
||||
end
|
||||
|
||||
resources :ad_banners
|
||||
resources :designs do
|
||||
collection do
|
||||
|
|
|
@ -0,0 +1,34 @@
|
|||
module OrbitCoreLib
|
||||
module ObjectAuthable
|
||||
def self.included(base)
|
||||
base.instance_eval("has_many :object_auths,as: :obj_authable,dependent: :delete")
|
||||
|
||||
base.define_singleton_method :authed_for_user do |user,title = nil|
|
||||
sub_role_ids_ary=user.sub_roles.collect{|t| t.id}
|
||||
if title.nil?
|
||||
auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s)
|
||||
else
|
||||
auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s,title: title)
|
||||
end
|
||||
|
||||
query1 = auth_object_space.any_in({sub_role_ids: sub_role_ids_ary}).excludes(blocked_user_ids: user.id)
|
||||
query2 = auth_object_space.any_of({all: true},{privilege_user_ids: user.id},{role_ids: user.role.id}).excludes(blocked_user_ids: user.id)
|
||||
result = (query1 + query2).uniq
|
||||
result.collect{|t| t.obj_authable}
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
def authed_users(title=nil)
|
||||
users = []
|
||||
unless title.nil?
|
||||
users = self.object_auths.where(title: title )[0].auth_users_after_block_list rescue []
|
||||
else
|
||||
users = self.object_auths.collect{|t| t.auth_users_after_block_list} rescue []
|
||||
users.flatten!.uniq!
|
||||
end
|
||||
users
|
||||
end
|
||||
|
||||
end
|
||||
end
|
|
@ -1,6 +1,8 @@
|
|||
class Post
|
||||
include Mongoid::Document
|
||||
include Mongoid::Timestamps
|
||||
include OrbitCoreLib::ObjectAuthable
|
||||
|
||||
field :title, :type => String
|
||||
field :body, :type => String
|
||||
embeds_many :comments
|
||||
|
|
|
@ -21,6 +21,7 @@
|
|||
<tr>
|
||||
<td><%= post.title %></td>
|
||||
<td><%= truncate(post.body,:length=>15) %></td>
|
||||
<td><%= link_to t('blog.new_auth'), init_admin_object_auths_path("Post",post) %></td>
|
||||
<td><%= link_to t('blog.show'), panel_new_blog_back_end_post_path(post) %></td>
|
||||
<td><%= link_to t('blog.edit'), edit_panel_new_blog_back_end_post_path(post) %></td>
|
||||
<td><%= link_to t('blog.delete'), panel_new_blog_back_end_post_path(post), :confirm => t('blog.sure?'), :method => :delete %></td>
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
<%= flash_messages %>
|
||||
<h1><%= t('blog.new_post') %></h1>
|
||||
<%= form_for @post, :url => panel_new_blog_back_end_posts_path do |f| %>
|
||||
<%= render :partial => 'form', :locals => {:f => f} %>
|
||||
<%= f.text_field :title, :class => 'text' %>
|
||||
<% end %>
|
||||
|
||||
<%= link_back %>
|
||||
|
|
Loading…
Reference in New Issue