From 34e4928ee1441183ed8eeb043bb67efe83ac9e7e Mon Sep 17 00:00:00 2001 From: Harry Bomrah Date: Sat, 11 Aug 2012 17:28:49 +0800 Subject: [PATCH] authorization --- app/assets/javascripts/rss.js | 3 + app/views/layouts/_side_bar.html.erb | 2 +- .../app/assets/javascripts/galleryAPI.js.erb | 54 ++++++-- .../back_end/orbit_galleries_controller.rb | 58 ++++++-- .../back_end/gallery_categories_helper.rb | 16 +++ .../gallery/app/models/gallery_category.rb | 9 ++ .../orbit_galleries/categorylist.html.erb | 128 ++++++++++++------ .../back_end/orbit_galleries/index.html.erb | 26 ++-- .../gallery/config/locales/en.yml | 3 + 9 files changed, 222 insertions(+), 77 deletions(-) create mode 100644 vendor/built_in_modules/gallery/app/helpers/panel/gallery/back_end/gallery_categories_helper.rb diff --git a/app/assets/javascripts/rss.js b/app/assets/javascripts/rss.js index a82d86fa..b7e67fcb 100644 --- a/app/assets/javascripts/rss.js +++ b/app/assets/javascripts/rss.js @@ -346,6 +346,9 @@ getUrlVars : function(){ vars.push(hash[0]); vars[hash[0]] = hash[1]; } + if(vars[0] == window.location.href){ + vars =[]; + } return vars; }, /*function to open a modalwindow on a page.. self reliant no images, no css needed. diff --git a/app/views/layouts/_side_bar.html.erb b/app/views/layouts/_side_bar.html.erb index 614424d7..e6954af6 100644 --- a/app/views/layouts/_side_bar.html.erb +++ b/app/views/layouts/_side_bar.html.erb 
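Review bot: The guard added to `getUrlVars` compares with `==` and has no comment, so it is not obvious that it covers the address without a query string, where the slice taken earlier in the function (outside this hunk) presumably returns the whole `href`. I would write it as `if (vars[0] === window.location.href) { vars = []; } // no "?" in the URL: nothing to parse`. galleryAPI.js.erb now depends on `urlVars.length == 0`, so the empty-array result is part of this function's contract and belongs in its header comment. As far as the hunk shows, the values are stored straight from the address, so callers should treat them as untrusted text.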
@@ -68,7 +68,7 @@ <% end -%> -<%= content_tag :li, :class => active_for_controllers('orbit_galleries','/panel/gallery/back_end/tags') do -%> +<%= content_tag :li, :class => active_for_controllers('orbit_galleries','/panel/gallery/back_end/tags') || active_for_app_auth("orbit_gallery") do -%> <%= link_to content_tag(:i, nil, :class => 'icons-picture') + t('admin.orbit_gallery'), panel_gallery_back_end_orbit_gallery_path %> <%= content_tag :ul, :class => ("nav nav-list " + visible_for_controllers('orbit_galleries') ) do -%> <%#= content_tag :li, link_to(t('admin.ad.all_banners'), admin_ad_banners_path), :class => active_for_action('ad_banners', 'index') %> diff --git a/vendor/built_in_modules/gallery/app/assets/javascripts/galleryAPI.js.erb b/vendor/built_in_modules/gallery/app/assets/javascripts/galleryAPI.js.erb index b057a69d..b9bb3a47 100644 --- a/vendor/built_in_modules/gallery/app/assets/javascripts/galleryAPI.js.erb +++ b/vendor/built_in_modules/gallery/app/assets/javascripts/galleryAPI.js.erb @@ -4,6 +4,7 @@ var galleryAPI = function(){ this.urlVars = rcom.getUrlVars(); this.albumArea = $("#orbit_gallery"); this.loadArea = ""; + // this.authenticated = false; this.initialize = function(){ $(document).ready(function(){ bindHandlers(); @@ -19,6 +20,9 @@ var galleryAPI = function(){ }else if(typeof g.urlVars['edit']!= "undefined"){ g.editAlbum(g.urlVars['edit']); g.loadArea = "edit"; + }else if(typeof g.urlVars['tag']!= "undefined"){ + g.loadAlbums(g.urlVars['tag']); + g.loadArea = "albums"; }else{ g.loadAlbums("all"); g.loadArea = "albums"; @@ -28,7 +32,7 @@ var galleryAPI = function(){ $("#filter .filter_btns a").click(function(){ if(!$(this).hasClass("active")){ $(this).addClass("active"); - if(typeof g.urlVars['cat'] == "undefined") + if(g.urlVars.length == 0) window.location = "orbit_gallery?" + $(this).attr("href"); else window.location = window.location.href +"&"+ $(this).attr("href"); 
@@ -45,6 +49,22 @@ var galleryAPI = function(){ } }) } + $("#filter .filter-clear a").click(function(){ + var loc = window.location.href; + var url = null; + var forwhat = $(this).attr("for"); + $("#filter ."+forwhat+" a.active").each(function(){ + $(this).removeClass("active"); + url = loc.replace($(this).attr("href")+"&",""); + if(url == loc) + url = loc.replace($(this).attr("href"),""); + + if(url.charAt(url.length-1)=="&" || url.charAt(url.length-1)=="?") + url = url.substr(0,url.length-1); + loc = url; + }) + window.location = url; + }) } this.makeNewAlbum = function(){ $.get("add_album",function(html){ @@ -91,19 +111,29 @@ var galleryAPI = function(){ g.albumArea.find("#imgholder").empty(); var $addsign = $('
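Review bot: In the new `.filter-clear` click handler `url` starts as `null` and is only assigned inside the `.each()` over active filters, so clicking clear when nothing is active runs `window.location = url` with `null`, which the browser resolves as a relative address named "null". Initialise it with `var url = loc;` or assign `window.location = loc;` after the loop. The removal is a plain substring `replace` on the whole address, so `cat=1` also matches the beginning of `cat=12`; rebuilding the query string from the links that remain active would avoid that.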
Add Album
'); $addsign.find("a").click(function(){g.makeNewAlbum();}) + if(id!="all"){ - var ids = []; + var cids = []; + var tids = []; + var href = null; var hashes = window.location.href.slice(window.location.href.indexOf('?') + 1).split('&'); for(var i = 0; i < hashes.length; i++){ hash = hashes[i].split('='); - ids.push(hash[1]); - var href = "cat="+hash[1]; + if(hash[0]=="cat"){ + cids.push(hash[1]); + href = "cat="+hash[1]; + }else if(hash[0]=="tag"){ + tids.push(hash[1]); + href = "tag="+hash[1]; + } $("#filter .filter_btns a[href='"+href+"']").addClass("active"); } + if(cids.length == 0) + cids = "all"; }else{ - var ids = "all"; + var cids = "all"; } - $.getJSON("get_albums",{cid:ids},function(categories){ + $.getJSON("get_albums",{cid:cids,tid:tids},function(categories){ $.each(categories,function(x,category){ $.each(category,function(i,album){ if(album.cover == "default") @@ -117,12 +147,13 @@ var galleryAPI = function(){ }) } this.loadImages = function(id){ - //'); @@ -401,6 +432,5 @@ var galleryAPI = function(){ bindHandlers(); }) } +} - -} \ No newline at end of file diff --git a/vendor/built_in_modules/gallery/app/controllers/panel/gallery/back_end/orbit_galleries_controller.rb b/vendor/built_in_modules/gallery/app/controllers/panel/gallery/back_end/orbit_galleries_controller.rb index a1441a8d..3a2a17f0 100644 --- a/vendor/built_in_modules/gallery/app/controllers/panel/gallery/back_end/orbit_galleries_controller.rb +++ b/vendor/built_in_modules/gallery/app/controllers/panel/gallery/back_end/orbit_galleries_controller.rb @@ -1,8 +1,14 @@ class Panel::Gallery::BackEnd::OrbitGalleriesController < OrbitBackendController - +include AdminHelper def index + if is_manager? || is_admin? || is_sub_manager? + @authenticated = true + else + @authenticated = false + end @categorylist = GalleryCategory.all @cid = params['cat'] + @tags = GalleryTag.all end def new_category 
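Review bot: `tids` is declared only inside the `id != "all"` branch of `loadAlbums`, yet `$.getJSON("get_albums",{cid:cids,tid:tids},…)` sends it on both paths, so on the "all" path it is `undefined` and, depending on the jQuery version, may be serialised as `tid=undefined` or an empty `tid=` that the controller then treats as a tag filter. Declare `var cids = "all", tids = [];` once before the `if`. The loop also builds the selector `a[href='"+href+"']` from raw address text, and a quote character there makes the selector invalid; matching with `.filter(function(){ return $(this).attr("href") === href; })` avoids building a selector from input. `hash` is assigned without `var` and becomes a global. The function starts before this hunk.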
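Review bot: `@authenticated` set in `index` only tells the view what to draw; every action the page's script calls has to repeat the role check on the server, and the same three-way test is written out again in `add_album` and `edit_album`. I would reduce the assignment to `@authenticated = is_manager? || is_admin? || is_sub_manager?` and move the test into one private predicate used by a `before_filter` on the actions that change data. `include AdminHelper` at class level also makes every public method of that helper a public controller method, which Rails may route as an action; if only the role predicates are needed, expose them from the base controller and exclude them with `hide_action`. The class body continues outside this hunk.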
@@ -28,7 +34,11 @@ class Panel::Gallery::BackEnd::OrbitGalleriesController < OrbitBackendController end def add_album - @categorylist = GalleryCategory.all + if is_manager? || is_admin? + @categorylist = GalleryCategory.all + elsif is_sub_manager? + @categorylist = GalleryCategory.authed_for_user(current_user,"new_album") + end render :layout => false end @@ -50,15 +60,41 @@ class Panel::Gallery::BackEnd::OrbitGalleriesController < OrbitBackendController def get_albums @categoryids = params["cid"] + @tags = params["tid"] @albums = Array.new if @categoryids == "all" - @albums << GalleryAlbum.all + if @tags + if @tags.kind_of?(Array) + @tags.each do |tag| + @albums << GalleryAlbum.where(tag_ids: tag) + end + else + @albums << GalleryAlbum.where(tag_ids: @tags) + end + else + @albums << GalleryAlbum.all + end else @categoryids.each do |id| category = GalleryCategory.find(id) - @albums << category.gallery_albums.all + if @tags + if @tags.kind_of?(Array) + @tags.each do |tag| + @albums << category.gallery_albums.where(tag_ids: tag) + end + else + @albums << category.gallery_albums.where(tag_ids: @tags) + end + else + @albums << category.gallery_albums.all + end end end + + + # @albums = GalleryAlbum.find("5017a7babd98eb049900000a") + # @albums.update_attributes({:tag_ids =>["501ba786bd98eb0232000126"]}) + render :json=>@albums.to_json end @@ -103,12 +139,14 @@ class Panel::Gallery::BackEnd::OrbitGalleriesController < OrbitBackendController end def edit_album - aid = params['aid'] - album = GalleryAlbum.find(aid) - @images = album.gallery_images.all - @album_name = album.name - @cover = album.cover - render :layout => false + if is_manager? || is_admin? || is_sub_manager? + aid = params['aid'] + album = GalleryAlbum.find(aid) + @images = album.gallery_images.all + @album_name = album.name + @cover = album.cover + render :layout => false + end end def set_cover 
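Review bot: `add_album` has no deny path: for a user who is neither manager, admin nor sub-manager `@categorylist` stays `nil` and `render :layout => false` still runs, so the request ends in a template error or a rendered form instead of a refusal. Add a guard such as `return head :forbidden unless is_manager? || is_admin? || is_sub_manager?` at the top of the action. `edit_album` further down has the same gap: when its `if` is false the action falls through to the implicit render of the template with the full layout. Limiting the list to `GalleryCategory.authed_for_user(current_user,"new_album")` only narrows what the form offers; the action that saves the album, which is not visible in this hunk, has to check the submitted category against the same list.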
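Review bot: `params["cid"]` and `params["tid"]` go into `find` and `where(tag_ids: …)` in whatever shape the request gave them: a value that arrives as a Hash is not an Array, so it takes the `else` branch and reaches the query as a document rather than a tag id, and a missing `cid` or a plain string other than "all" fails on `.each`. Coerce both to lists of strings at the top of `get_albums` and build the result from those, which also removes the tag block that is currently written twice. The two commented-out lines with literal ids are leftover debugging and should not be committed. No role check is visible in this action, so please confirm that listing every album to any back-end user is intended. The sketch below treats a missing `cid` as "all", which differs from the current failure.

```ruby
def get_albums
  # Only strings survive: a nested parameter is flattened to text, never passed on as a query document.
  category_ids = Array.wrap(params["cid"]).map(&:to_s)
  tag_ids = Array.wrap(params["tid"]).map(&:to_s)

  scopes = if category_ids.empty? || category_ids == ["all"]
             [GalleryAlbum]
           else
             category_ids.map { |id| GalleryCategory.find(id).gallery_albums }
           end

  # One criteria per (scope, tag) pair, or the whole scope when no tag was requested.
  @albums = scopes.flat_map do |scope|
    tag_ids.empty? ? [scope.all] : tag_ids.map { |tag| scope.where(tag_ids: tag) }
  end

  render :json => @albums.to_json
end
```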
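Review bot: `edit_album` admits any sub-manager for any `aid`, while `add_album` in the same commit limits sub-managers to the categories returned by `GalleryCategory.authed_for_user(current_user,"new_album")`. If category authorisation is meant to bound what a sub-manager may change, the album's category needs checking here as well, for example `return head :forbidden unless can_manage_album?(album)`, where `can_manage_album?` is a name I am proposing rather than an existing helper. `set_cover`, which begins right after this hunk, and the other album actions are not touched by the commit and deserve the same look.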
diff --git a/vendor/built_in_modules/gallery/app/helpers/panel/gallery/back_end/gallery_categories_helper.rb b/vendor/built_in_modules/gallery/app/helpers/panel/gallery/back_end/gallery_categories_helper.rb new file mode 100644 index 00000000..36752353 --- /dev/null +++ b/vendor/built_in_modules/gallery/app/helpers/panel/gallery/back_end/gallery_categories_helper.rb @@ -0,0 +1,16 @@ +module Panel::Gallery::BackEnd::GalleryCategoriesHelper +include ActionView::Helpers::UrlHelper + + + def show_gallery_category_permission_link(gallery_category) + type = 'new_album' + oa = gallery_category.get_object_auth_by_title(type) + if oa.nil? + gallery_category.object_auths.new(title: type ).save + oa = gallery_category.get_object_auth_by_title(type) + end +# link_to t('announcement.bulletin.cate_auth'), edit_admin_object_auth_path(oa) + link_to t('gallery.cate_auth'),admin_object_auth_ob_auth_path(oa) + end + +end \ No newline at end of file diff --git a/vendor/built_in_modules/gallery/app/models/gallery_category.rb b/vendor/built_in_modules/gallery/app/models/gallery_category.rb index 283dc6c9..622ec4a4 100644 --- a/vendor/built_in_modules/gallery/app/models/gallery_category.rb +++ b/vendor/built_in_modules/gallery/app/models/gallery_category.rb @@ -2,7 +2,16 @@ class GalleryCategory include Mongoid::Document include Mongoid::Timestamps + include OrbitCoreLib::ObjectAuthable + + ObjectAuthTitlesOptions = %W{new_album} + APP_NAME = "album" + field :name, localize: true has_many :gallery_albums, :autosave => true, :dependent => :destroy + + def pp_object + name + end end \ No newline at end of file diff --git a/vendor/built_in_modules/gallery/app/views/panel/gallery/back_end/orbit_galleries/categorylist.html.erb b/vendor/built_in_modules/gallery/app/views/panel/gallery/back_end/orbit_galleries/categorylist.html.erb index 6ca50113..1103206b 100644 --- a/vendor/built_in_modules/gallery/app/views/panel/gallery/back_end/orbit_galleries/categorylist.html.erb 
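Review bot: `show_gallery_category_permission_link` writes to the database while a view is rendering: when no `new_album` auth exists it calls `object_auths.new(title: type ).save`, ignores the result and queries again, so a failed save leaves `oa` nil for `admin_object_auth_ob_auth_path(oa)` and two concurrent page loads can each create a record. Creating the auth object when the category is created (a model callback) would keep this helper read-only; at minimum use `save!` so a failure is visible. `include ActionView::Helpers::UrlHelper` should not be needed inside a view helper, and the commented-out `link_to` line can go. A one-line comment above the method saying that it returns the link to the category's permission page would cover the documentation.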
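Review bot: `APP_NAME = "album"` in `GalleryCategory` does not match the name the sidebar change in this commit passes to `active_for_app_auth("orbit_gallery")`; the diff does not show which key `OrbitCoreLib::ObjectAuthable` looks up, so please confirm the two are meant to differ and add a comment stating what `APP_NAME` must correspond to. `%W{new_album}` is the interpolating form; `ObjectAuthTitlesOptions = %w[new_album].freeze` says the same thing and keeps the list immutable. `pp_object` would benefit from a comment such as `# label shown for this category in the object-auth screens`, if that is indeed its use.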
+++ b/vendor/built_in_modules/gallery/app/views/panel/gallery/back_end/orbit_galleries/categorylist.html.erb @@ -1,51 +1,89 @@ - +
+ <% @categorylist.each do |category| %> +
+
+ + <% @site_valid_locales.each do |locale| %> + <%= category.name_translations[locale] %> + <% end %> +
+
+ <%= t("gallery.delete") %> + <%= t("gallery.edit") %> + <%= show_gallery_category_permission_link(category) %> +
+
+ <% end %> +
+
+
+ <%= t("gallery.new_category")+"["+ t("gallery.english")+"]" %> : + <%= t("gallery.new_category") +"["+ t("gallery.chinese")+"]" %> : + <%= t("gallery.save") %> +
+
\ No newline at end of file diff --git a/vendor/built_in_modules/gallery/app/views/panel/gallery/back_end/orbit_galleries/index.html.erb b/vendor/built_in_modules/gallery/app/views/panel/gallery/back_end/orbit_galleries/index.html.erb index 2ac01b05..0d976fbd 100644 --- a/vendor/built_in_modules/gallery/app/views/panel/gallery/back_end/orbit_galleries/index.html.erb +++ b/vendor/built_in_modules/gallery/app/views/panel/gallery/back_end/orbit_galleries/index.html.erb @@ -1,8 +1,6 @@ -<% content_for :page_specific_javascript do %> - <%= javascript_include_tag "galleryAPI" %> -<% end %> <%= stylesheet_link_tag "gallery" %> + +<% content_for :page_specific_javascript do %> + <%= javascript_include_tag "galleryAPI" %> +<% end %> \ No newline at end of file + + + + + + diff --git a/vendor/built_in_modules/gallery/config/locales/en.yml b/vendor/built_in_modules/gallery/config/locales/en.yml index abdff615..bb1fd9b1 100644 --- a/vendor/built_in_modules/gallery/config/locales/en.yml +++ b/vendor/built_in_modules/gallery/config/locales/en.yml @@ -22,4 +22,7 @@ en: del_album?: "Delete this album?" album_not_found: "Album not found" pic_not_found: "Picture not found" + save: Save + cate_auth: Category Authorization + cancel: Cancel