From 17caa7cb1ba400cb1ca6c9eea59afe68d0198bc5 Mon Sep 17 00:00:00 2001
From: Matthew Kaito Juyuan Fu <matthewfu.tw@gmail.com>
Date: Mon, 13 Feb 2012 17:33:48 +0800
Subject: [PATCH 01/13] Exp with object_auth

---
 app/controllers/admin/app_auths_controller.rb |  4 +-
 .../admin/module_apps_controller.rb           |  4 ++
 .../admin/object_auths_controller.rb          |  1 +
 app/models/prototype_auth.rb                  |  6 +--
 .../admin/attributes/_app_selector.html.erb   |  1 +
 app/views/admin/module_apps/show.html.erb     | 37 ++++++++++++++
 app/views/admin/object_auths/new.html.erb     |  3 +-
 .../back_end/bulletins_controller.rb          |  2 +-
 .../back_end/fact_checks_controller.rb        | 29 +++++++++++
 .../announcement/app/models/bulletin.rb       |  1 +
 .../app/models/bulletin_category.rb           |  4 ++
 .../_bulletin_category.html.erb               |  6 +++
 .../back_end/bulletins/_bulletins.html.erb    | 15 +++++-
 .../back_end/bulletins/index.html.erb         |  2 +
 .../back_end/fact_checks/_list_table.html.erb | 15 ++++++
 .../back_end/fact_checks/index.html.erb       | 51 +++++++++++++++++++
 .../announcement/config/routes.rb             |  1 +
 17 files changed, 174 insertions(+), 8 deletions(-)
 create mode 100644 app/views/admin/attributes/_app_selector.html.erb
 create mode 100644 app/views/admin/module_apps/show.html.erb
 create mode 100644 vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
 create mode 100644 vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/_list_table.html.erb
 create mode 100644 vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb

diff --git a/app/controllers/admin/app_auths_controller.rb b/app/controllers/admin/app_auths_controller.rb
index cb3340fd..56d0ae23 100644
--- a/app/controllers/admin/app_auths_controller.rb
+++ b/app/controllers/admin/app_auths_controller.rb
@@ -66,6 +66,8 @@ class Admin::AppAuthsController < ApplicationController
     @module_app = ModuleApp.find(params[:id])
   end
   
-  
+  def show
+    @module_app = ModuleApp.find(params[:id])
+  end
 
 end
\ No newline at end of file
diff --git a/app/controllers/admin/module_apps_controller.rb b/app/controllers/admin/module_apps_controller.rb
index 56c2523f..a350c28b 100644
--- a/app/controllers/admin/module_apps_controller.rb
+++ b/app/controllers/admin/module_apps_controller.rb
@@ -20,6 +20,10 @@ class Admin::ModuleAppsController < ApplicationController
     @module_app = ModuleApp.find(params[:id])
   end
   
+  def show
+    @module_app = ModuleApp.find(params[:id])
+    
+  end
   
   def update
     @module_app = ModuleApp.find(params[:id])
diff --git a/app/controllers/admin/object_auths_controller.rb b/app/controllers/admin/object_auths_controller.rb
index ce404e53..3bff4374 100644
--- a/app/controllers/admin/object_auths_controller.rb
+++ b/app/controllers/admin/object_auths_controller.rb
@@ -14,6 +14,7 @@ class Admin::ObjectAuthsController < ApplicationController
   def new
     obj = eval(params[:type]).find params[:obj_id]
     @object_auth=obj.object_auths.build
+    @object_auth_title_option = eval(params[:type]+"::ObjectAuthTitlesOptions")
     respond_to do |format|
       format.html # new.html.erb
       format.xml  { render :xml => @post }
diff --git a/app/models/prototype_auth.rb b/app/models/prototype_auth.rb
index 734268c4..893f402b 100644
--- a/app/models/prototype_auth.rb
+++ b/app/models/prototype_auth.rb
@@ -68,7 +68,7 @@ class PrototypeAuth
     end
   end
   
-  def auth_users
+  def auth_users_before_block_list
     if self.all?
       User.all.entries
     else
@@ -83,8 +83,8 @@ class PrototypeAuth
     end
   end
   
-  def auth_users_after_block_list
-    auth_users - self.blocked_users
+  def auth_users
+    auth_users_before_block_list - self.blocked_users
   end
   
  # protected
diff --git a/app/views/admin/attributes/_app_selector.html.erb b/app/views/admin/attributes/_app_selector.html.erb
new file mode 100644
index 00000000..c20a3885
--- /dev/null
+++ b/app/views/admin/attributes/_app_selector.html.erb
@@ -0,0 +1 @@
+<%= f.select :module_app_id, @apps.collect { |t| [t.title.capitalize, t.id] }, {:include_blank => true} ,{:rel => admin_module_apps_path }  %>
diff --git a/app/views/admin/module_apps/show.html.erb b/app/views/admin/module_apps/show.html.erb
new file mode 100644
index 00000000..27cfbc1a
--- /dev/null
+++ b/app/views/admin/module_apps/show.html.erb
@@ -0,0 +1,37 @@
+<br /><br /><br /><br />
+<%=@module_app.key %><br />
+<%=@module_app.title %><br />
+<%=@module_app.version %><br />
+<%=@module_app.organization %><br />
+<%=@module_app.author %><br />
+<%=@module_app.intro %><br />
+<%=@module_app.update_info %><br />
+<%=@module_app.create_date %><br />
+<%=@module_app.enable_frontend%><br />
+<%=@module_app.app_pages%><br />
+<%=@module_app.widgets%><br />
+
+Mangers:
+<ul>
+	<% @module_app.managers.each do |manager|%>
+		<li><%= manager.user.name %></li>
+	<%end%>
+</ul>
+
+
+SubManagers:
+<div>
+	<% @module_app.sub_managers.each do |manager|%>
+		<%= manager.user.name %>
+	<%end%>
+</div>
+<br />
+
+All User?:<%= @module_app.app_auth.all %><br />
+Blocked Users:<%= @module_app.app_auth.blocked_users.collect{|t| t.name} %><br />
+Privilege Users:<%= @module_app.app_auth.privilege_users.collect{|t| t.name}%><br />
+User Roles:<%= @module_app.app_auth.roles.collect{|t| t.key} %><br />
+User Sub Roles:<%= @module_app.app_auth.sub_roles.collect{|t| t.key} %><br />
+
+Available users after calculation:
+<%= @module_app.app_auth.auth_users.collect{|user| user.name}.join(',') %>
diff --git a/app/views/admin/object_auths/new.html.erb b/app/views/admin/object_auths/new.html.erb
index 25fd6fd5..b5b381fb 100644
--- a/app/views/admin/object_auths/new.html.erb
+++ b/app/views/admin/object_auths/new.html.erb
@@ -12,7 +12,8 @@
 <h1><%= t('object_auth.new_object_auth') %></h1>
 <%= form_for @object_auth, :url => admin_object_auths_path do |f| %>
 	<%= f.label :title   %>
-	<%= f.text_field :title, :class => 'text'   %>
+	<%= f.select :title,@object_auth_title_option  %>
+	
 	<%= f.hidden_field :obj_id, :value => params[:obj_id]   %>
 	<%= f.hidden_field :type, :value => params[:type]   %>
 
diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
index c28e7e54..02135d66 100644
--- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
@@ -99,7 +99,7 @@ class Panel::Announcement::BackEnd::BulletinsController < ApplicationController
 	end
 
     respond_to do |format|
-      if @bulletin.update_attributes(params[:bulletin])
+      if @bulletin.update_attributes(params[:bulletin]) && @bulletin.save
         # format.html { redirect_to(panel_announcement_back_end_bulletin_url(@bulletin), :notice => t('bulletin.update_bulletin_success')) }
         format.html { redirect_to(panel_announcement_back_end_bulletins_url, :notice => t('bulletin.update_bulletin_success')) }
 		format.js  { render 'toggle_enable' }
diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
new file mode 100644
index 00000000..ef7e1943
--- /dev/null
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
@@ -0,0 +1,29 @@
+class Panel::Announcement::BackEnd::FactChecksController  < ApplicationController
+  layout 'admin'
+  
+  def index
+    @bulletin_categorys_preview = BulletinCategory.authed_for_user(current_user,'preview')
+    @bulletin_categorys_check = BulletinCategory.authed_for_user(current_user,'check')
+  end
+  
+  def new
+    
+  end
+  
+  def create
+    
+  end
+  
+  def update
+    
+  end
+  
+  def edit
+    
+  end
+  
+  def destroy
+    
+  end
+  
+end
diff --git a/vendor/built_in_modules/announcement/app/models/bulletin.rb b/vendor/built_in_modules/announcement/app/models/bulletin.rb
index 4b621faf..6246f50c 100644
--- a/vendor/built_in_modules/announcement/app/models/bulletin.rb
+++ b/vendor/built_in_modules/announcement/app/models/bulletin.rb
@@ -7,6 +7,7 @@ class Bulletin
   
   # field :category_id, :type => Integer
   field :title
+  field :status , :type=> Boolean
   # has_one :title_variable, :class_name => "I18nVariable", :as => :language_value, :autosave => true, :dependent => :destroy
   # has_one :subtitle_variable, :class_name => "I18nVariable", :as => :language_value, :autosave => true, :dependent => :destroy
   # has_one :text_variable, :class_name => "I18nVariable", :as => :language_value, :autosave => true, :dependent => :destroy
diff --git a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
index f5da3ad7..152a6b57 100644
--- a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
+++ b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
@@ -3,6 +3,10 @@
 class BulletinCategory
   include Mongoid::Document
   include Mongoid::Timestamps
+  include OrbitCoreLib::ObjectAuthable
+  
+  ObjectAuthTitlesOptions = %W{preview fact_check}
+  
   # include Mongoid::MultiParameterAttributes
   
   PAYMENT_TYPES = [ "List", "Picture" ]
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb
index 57998770..2e0e7ddf 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb
@@ -6,6 +6,12 @@
 	<% end %>
 	<td><%= bulletin_category.display %></td>
 	<td>
+	<%= link_to t('blog.new_auth'), init_admin_object_auths_path("BulletinCategory",bulletin_category) %>  <br/ >
+	<% bulletin_category.object_auths.each do |obj_auth| %>
+		 <%= link_to obj_auth.title,edit_admin_object_auth_url(obj_auth)  %><br />
+	<% end %>
+	</td>
+	<td>
 	<%= link_to t('bulletin_category.edit'), edit_panel_announcement_back_end_bulletin_category_path(bulletin_category), :remote => true %> |
 	<%= link_to t('bulletin_category.quick_edit'), panel_announcement_back_end_bulletin_category_quick_edit_path(bulletin_category), :remote => true %> |
 	<%= link_to t('bulletin_category.delete'), panel_announcement_back_end_bulletin_category_path(bulletin_category), :confirm => t('announcement.sure?'), :method => :delete, :remote => true %>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/_bulletins.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/_bulletins.html.erb
index f94cac5b..e7f17709 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/_bulletins.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/_bulletins.html.erb
@@ -1,12 +1,23 @@
 
 <tr id="<%= dom_id post %>">
-	<td></td>
+	<td><% if (fact_check_allow rescue false) %>
+		<%#= link_to("#{post?? 'Check': 'Checked'}",panel_announcement_back_end_bulletin_path ) %>
+		<% attribute_type = "post"   %>
+		<% attribute = post %>
+		<%= link_to t(:ClickToCheck), panel_announcement_back_end_bulletin_path(attribute, :authenticity_token => form_authenticity_token, :bulletin => {:status => true}), :remote => true, :method => :put, :id => "disable_#{attribute.id}", :style => "display:#{attribute.status ? 'none' : ''}", :class => 'switch' %>
+	  <%= link_to t(:ClickToUnCheck), panel_announcement_back_end_bulletin_path(attribute, :authenticity_token => form_authenticity_token, :bulletin => {:status => false}), :remote => true, :method => :put, :id => "enable_#{attribute.id}", :style => "display:#{attribute.status ? '' : 'none'}", :class => 'switch' %>
+		
+		<% end %>
+		
+	</td>
 	<td><%= post.bulletin_category.i18n_variable[I18n.locale] %></td>
 	<td><%#= link_to post.title, panel_announcement_front_end_bulletin_path(post) %>
 	<%= link_to post.title, panel_announcement_back_end_bulletin_path(post) %>
 	</td>
 	<td><%= post.postdate %></td>
-	<td><%= (post.deadline) ? post.deadline : t('bulletin.no_deadline') %></td>
+	<td>
+	<%= (post.deadline) ? post.deadline : t('bulletin.no_deadline') %>
+	</td>
 	<td>
 	<%= link_to t('bulletin.edit'), edit_panel_announcement_back_end_bulletin_path(post) %> | 
 	
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
index 3de0b1c2..59f126a0 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
@@ -8,6 +8,8 @@
 	  <li><%= link_to t('bulletin.new_announcement'), new_panel_announcement_back_end_bulletin_path %></li>
 	  <li><%= link_to t('bulletin.announcement_list'), panel_announcement_back_end_bulletins_path %></li>
 	  <li><%= link_to t('bulletin.new_announcement_class'), panel_announcement_back_end_bulletin_categorys_path %></li>
+	  <li><%= link_to t('bulletin.my_announcement_fact_check'), panel_announcement_back_end_fact_checks_path %></li>
+	
   </ul>
 <% end -%>
 
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/_list_table.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/_list_table.html.erb
new file mode 100644
index 00000000..59bac03a
--- /dev/null
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/_list_table.html.erb
@@ -0,0 +1,15 @@
+<h1><%= bulletin_category.key %></h1>
+<table>
+  <tr>
+	<th><%= t('bulletin.status') %></th>
+	<th><%= t('bulletin.category') %></th>
+	<th><%= t('bulletin.title') %></th>
+	<th><%= t('bulletin.postdate') %></th>
+	<th><%= t('bulletin.deadline') %></th>
+	<th><%= t('bulletin.action') %></th>
+  </tr>
+
+<% bulletin_category.bulletins.each do |post| %>
+	<%= render :partial => 'panel/announcement/back_end/bulletins/bulletins', :locals => {:post => post,:fact_check_allow=>true} %>
+<% end %>	
+</table>
\ No newline at end of file
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb
new file mode 100644
index 00000000..65ebeb28
--- /dev/null
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb
@@ -0,0 +1,51 @@
+<% content_for :secondary do %>
+<br />
+<br />
+<br />
+<br />
+<br />
+  <ul class="list">
+	  <li><%= link_to t('bulletin.new_announcement'), new_panel_announcement_back_end_bulletin_path %></li>
+	  <li><%= link_to t('bulletin.announcement_list'), panel_announcement_back_end_bulletins_path %></li>
+	  <li><%= link_to t('bulletin.new_announcement_class'), panel_announcement_back_end_bulletin_categorys_path %></li>
+	  <li><%= link_to t('bulletin.my_announcement_fact_check'), panel_announcement_back_end_fact_checks_path %></li>
+	
+  </ul>
+<% end -%>
+
+<%= flash_messages %>
+
+<br />
+<br />
+<br />
+<br />
+<br />
+  
+  <fieldset><legend><%= t('bulletin.search') %></legend>	
+
+  <%= form_for :bulletin, :action => 'search', :method => 'get', :url => panel_announcement_back_end_bulletins_path do |f| %>
+  
+  <%#= f.select :bulletin_category_id, @bulletin_categorys.collect {|t| [ t.i18n_variable[I18n.locale], t.id ] },{ :include_blank => t('bulletin.select') }%>
+  
+  Category <%#= select_tag "category_id", options_for_select(@bulletin_categorys.collect{|t| [t.i18n_variable[I18n.locale], t.id]}), :prompt => t('bulletin.select') %>
+  
+  KeyWord <%#= text_field_tag :search, params[:search], :id => 'search_field' %>
+  
+  <%= submit_tag "Search", :name => nil %> 
+  
+  <% end %>
+
+  
+  </fieldset>
+
+<br />
+<br />
+
+<h1><%= t('bulletin.list_announcement') %></h1>
+
+	<%= render :partial => "list_table", :collection => @bulletin_categorys_preview,:as => :bulletin_category%>
+	
+	<%= render :partial => "list_table", :collection => @bulletin_categorys_check,:as => :bulletin_category%>
+
+<br />
+
diff --git a/vendor/built_in_modules/announcement/config/routes.rb b/vendor/built_in_modules/announcement/config/routes.rb
index 05554bab..88bc3ae2 100644
--- a/vendor/built_in_modules/announcement/config/routes.rb
+++ b/vendor/built_in_modules/announcement/config/routes.rb
@@ -3,6 +3,7 @@ Rails.application.routes.draw do
   namespace :panel do
     namespace :announcement do
       namespace :back_end do
+        resources :fact_checks
         root :to => "bulletins#index"
         resources :bulletins
 		resources :bulletin_categorys, :controller => 'bulletin_categorys' do

From 5640e07733834099d76c5a89def137f8ea2de451 Mon Sep 17 00:00:00 2001
From: Matthew Kaito Juyuan Fu <matthewfu.tw@gmail.com>
Date: Wed, 15 Feb 2012 18:20:44 +0800
Subject: [PATCH 02/13] First version for App and Object auth.Taking
 Announcement as experiment

---
 .../admin/object_auths_controller.rb          | 12 ++++++++--
 app/controllers/obit_frontend_controller.rb   |  3 ---
 app/controllers/obit_widget_controller.rb     |  3 ---
 app/controllers/orbit_backend_controller.rb   | 24 +++++++++++++++++++
 ...=> orbit_frontend_component_controller.rb} |  2 +-
 app/controllers/orbit_frontend_controller.rb  |  3 +++
 app/controllers/orbit_widget_controller.rb    |  3 +++
 app/helpers/admin/app_auth_helper.rb          |  5 ++++
 app/helpers/admin_helper.rb                   | 13 ++++++++++
 app/models/app_auth.rb                        |  1 +
 app/models/module_app.rb                      |  8 +++++++
 app/models/prototype_auth.rb                  |  2 +-
 .../admin/module_apps/_app_selector.html.erb  |  1 -
 app/views/admin/object_auths/edit.html.erb    |  2 +-
 config/routes.rb                              |  2 +-
 lib/orbit_core_lib.rb                         | 22 +++++++++++++++++
 lib/tasks/anc_tasks.rake                      | 22 +++++++++++++++++
 lib/tasks/dev.rake                            |  6 +++++
 .../announcement/announcement.json            |  2 +-
 .../back_end/announcements_controller.rb      | 13 ++++++----
 .../back_end/bulletin_categorys_controller.rb |  6 ++---
 .../back_end/bulletins_controller.rb          |  9 +++----
 .../back_end/fact_checks_controller.rb        |  5 ++--
 .../app/models/bulletin_category.rb           |  2 +-
 .../_bulletin_category.html.erb               | 16 +++++++------
 .../back_end/bulletins/index.html.erb         |  5 ++--
 .../back_end/fact_checks/index.html.erb       | 10 +++++---
 .../announcement/config/routes.rb             |  3 ++-
 .../lib/tasks/announcement_tasks.rake         |  4 ----
 .../new_blog/front_end/comments_controller.rb |  2 +-
 .../new_blog/front_end/posts_controller.rb    |  2 +-
 31 files changed, 161 insertions(+), 52 deletions(-)
 delete mode 100644 app/controllers/obit_frontend_controller.rb
 delete mode 100644 app/controllers/obit_widget_controller.rb
 create mode 100644 app/controllers/orbit_backend_controller.rb
 rename app/controllers/{obit_frontend_component_controller.rb => orbit_frontend_component_controller.rb} (73%)
 create mode 100644 app/controllers/orbit_frontend_controller.rb
 create mode 100644 app/controllers/orbit_widget_controller.rb
 delete mode 100644 app/views/admin/module_apps/_app_selector.html.erb
 create mode 100644 lib/tasks/anc_tasks.rake
 delete mode 100644 vendor/built_in_modules/announcement/lib/tasks/announcement_tasks.rake

diff --git a/app/controllers/admin/object_auths_controller.rb b/app/controllers/admin/object_auths_controller.rb
index 3bff4374..573409b6 100644
--- a/app/controllers/admin/object_auths_controller.rb
+++ b/app/controllers/admin/object_auths_controller.rb
@@ -1,8 +1,12 @@
 class Admin::ObjectAuthsController < ApplicationController
+  include OrbitCoreLib::PermissionUnility
   layout "admin"
   before_filter :authenticate_user!
+  before_filter :check_if_user_can_do_object_auth
 #  before_filter :is_admin? ,:only => :index
   
+
+  
   def index
     # if current_user.admin?
       @object_auths = ObjectAuth.all
@@ -70,7 +74,11 @@ class Admin::ObjectAuthsController < ApplicationController
   def edit
     @object_auth = ObjectAuth.find(params[:id])
   end
-  
-
 
+private
+  def check_if_user_can_do_object_auth
+    unless  check_permission(:manager)
+      render :nothing => true, :status => 403 
+    end
+  end
 end
\ No newline at end of file
diff --git a/app/controllers/obit_frontend_controller.rb b/app/controllers/obit_frontend_controller.rb
deleted file mode 100644
index fb42ac78..00000000
--- a/app/controllers/obit_frontend_controller.rb
+++ /dev/null
@@ -1,3 +0,0 @@
-class ObitFrontendController< ObitFrontendComponentController
-
-end
\ No newline at end of file
diff --git a/app/controllers/obit_widget_controller.rb b/app/controllers/obit_widget_controller.rb
deleted file mode 100644
index e0a9746d..00000000
--- a/app/controllers/obit_widget_controller.rb
+++ /dev/null
@@ -1,3 +0,0 @@
-class ObitWidgetController< ObitFrontendComponentController
-
-end
\ No newline at end of file
diff --git a/app/controllers/orbit_backend_controller.rb b/app/controllers/orbit_backend_controller.rb
new file mode 100644
index 00000000..49505c8f
--- /dev/null
+++ b/app/controllers/orbit_backend_controller.rb
@@ -0,0 +1,24 @@
+class OrbitBackendController< ApplicationController
+  before_filter :authenticate_user!
+  before_filter :setup_vars
+ # before_filter {|c| c.front_end_available(@app_title)}
+  before_filter :check_user_can_use,:except => [:public]
+  include OrbitCoreLib::PermissionUnility
+  
+  layout 'admin'
+  
+  def setup_vars
+    @app_title = request.fullpath.split('/')[2]
+    @module_app = ModuleApp.first(conditions: {:key => @app_title} )
+    
+  end
+  
+  private
+  
+  def check_user_can_use 
+    unless check_permission
+      redirect_to polymorphic_path(['panel',@app_title,'back_end','public'])
+    end
+  end
+  
+end
\ No newline at end of file
diff --git a/app/controllers/obit_frontend_component_controller.rb b/app/controllers/orbit_frontend_component_controller.rb
similarity index 73%
rename from app/controllers/obit_frontend_component_controller.rb
rename to app/controllers/orbit_frontend_component_controller.rb
index 06bb06a5..0650c16f 100644
--- a/app/controllers/obit_frontend_component_controller.rb
+++ b/app/controllers/orbit_frontend_component_controller.rb
@@ -1,4 +1,4 @@
-class ObitFrontendComponentController< ApplicationController
+class OrbitFrontendComponentController< ApplicationController
   before_filter :setup_vars
   before_filter {|c| c.front_end_available(@app_title)}
   layout 'production'
diff --git a/app/controllers/orbit_frontend_controller.rb b/app/controllers/orbit_frontend_controller.rb
new file mode 100644
index 00000000..e1be8167
--- /dev/null
+++ b/app/controllers/orbit_frontend_controller.rb
@@ -0,0 +1,3 @@
+class OrbitFrontendController< OrbitFrontendComponentController
+
+end
\ No newline at end of file
diff --git a/app/controllers/orbit_widget_controller.rb b/app/controllers/orbit_widget_controller.rb
new file mode 100644
index 00000000..c2be4691
--- /dev/null
+++ b/app/controllers/orbit_widget_controller.rb
@@ -0,0 +1,3 @@
+class ObitWidgetController< OrbitFrontendComponentController
+
+end
\ No newline at end of file
diff --git a/app/helpers/admin/app_auth_helper.rb b/app/helpers/admin/app_auth_helper.rb
index fe63a2a6..1a022e94 100644
--- a/app/helpers/admin/app_auth_helper.rb
+++ b/app/helpers/admin/app_auth_helper.rb
@@ -3,4 +3,9 @@ module Admin::AppAuthHelper
     link_to t(:enable), eval("admin_#{attribute_type}_path(attribute, :authenticity_token => form_authenticity_token, :#{attribute_type} => {:disabled => true})"), :remote => true, :method => :put, :id => "disable_#{attribute.id}", :style => "display:#{attribute.is_disabled? ? 'none' : ''}", :class => 'switch' 
     link_to t(:disable), eval("admin_#{attribute_type}_path(attribute, :authenticity_token => form_authenticity_token, :#{attribute_type} => {:disabled => false})"), :remote => true, :method => :put, :id => "enable_#{attribute.id}", :style => "display:#{attribute.is_disabled? ? '' : 'none'}", :class => 'switch'
   end
+  
+  def if_permitted_to(user,role)
+    
+  end
+  
 end
\ No newline at end of file
diff --git a/app/helpers/admin_helper.rb b/app/helpers/admin_helper.rb
index 6ae3a213..021687da 100644
--- a/app/helpers/admin_helper.rb
+++ b/app/helpers/admin_helper.rb
@@ -5,4 +5,17 @@ module AdminHelper
     link_to('/' , admin_items_path) + ( @parent_items.map{ |i| link_to(i.name, admin_items_path(:parent_id=>i.id) ) } << @parent_item.name ).join("/").html_safe
   end
   
+  # Check if the current_user is manager in current module app
+  def is_manager?
+    @module_app.is_manager?(current_user) || is_admin?
+  end
+
+  # Check if the current_user is sub manager in current module app
+  def is_sub_manager?
+    @module_app.is_sub_manager?(current_user)|| is_admin?
+  end
+  
+  def is_admin?
+    current_user.admin?
+  end
 end
\ No newline at end of file
diff --git a/app/models/app_auth.rb b/app/models/app_auth.rb
index 5a3de60c..94af40bb 100644
--- a/app/models/app_auth.rb
+++ b/app/models/app_auth.rb
@@ -2,4 +2,5 @@ class AppAuth < PrototypeAuth
 
   belongs_to :module_app
   
+  
 end
\ No newline at end of file
diff --git a/app/models/module_app.rb b/app/models/module_app.rb
index d98ea206..6a678460 100644
--- a/app/models/module_app.rb
+++ b/app/models/module_app.rb
@@ -22,6 +22,14 @@ class ModuleApp
   
   before_save :set_key
   
+  def is_manager?(user)
+    managing_users.include?(user)
+  end
+  
+  def is_sub_manager?(user)
+    sub_managing_users.include?(user) || is_manager?(user)
+  end
+  
   def managing_users
     self.managers.collect{ |t| t.user }
   end
diff --git a/app/models/prototype_auth.rb b/app/models/prototype_auth.rb
index 893f402b..6b22a1b3 100644
--- a/app/models/prototype_auth.rb
+++ b/app/models/prototype_auth.rb
@@ -16,7 +16,7 @@ class PrototypeAuth
   has_and_belongs_to_many :roles
   has_and_belongs_to_many :sub_roles
   
-  attr_protected :roles,:sub_roles,:privilege_users,:blocked_users,:users
+  attr_protected :roles,:sub_roles,:privilege_users,:blocked_users
 
   def add_role role
     add_operation(:roles,role)
diff --git a/app/views/admin/module_apps/_app_selector.html.erb b/app/views/admin/module_apps/_app_selector.html.erb
deleted file mode 100644
index c20a3885..00000000
--- a/app/views/admin/module_apps/_app_selector.html.erb
+++ /dev/null
@@ -1 +0,0 @@
-<%= f.select :module_app_id, @apps.collect { |t| [t.title.capitalize, t.id] }, {:include_blank => true} ,{:rel => admin_module_apps_path }  %>
diff --git a/app/views/admin/object_auths/edit.html.erb b/app/views/admin/object_auths/edit.html.erb
index 67fb026e..fc824a64 100644
--- a/app/views/admin/object_auths/edit.html.erb
+++ b/app/views/admin/object_auths/edit.html.erb
@@ -11,4 +11,4 @@
 <%= render :partial => "admin/components/user_role_management", :locals => { 
 	:object => @object_auth.auth_obj ,:auth=>@object_auth,:submit_url=>create_role_admin_object_auth_path(@object_auth),:ploy_route_ary=>['remove',:admin,@object_auth] } %>
 
-
+<%= link_to 'Back to object',eval(@object_auth.obj_authable.class.to_s+"::AfterObjectAuthUrl")  %>
\ No newline at end of file
diff --git a/config/routes.rb b/config/routes.rb
index 9b653d7f..0d01eccb 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -14,7 +14,7 @@ PrototypeR4::Application.routes.draw do
     resources :app_auths 
     resources :object_auths  do
       collection do
-        match 'new/:type/:obj_id',:action => 'new',:via => "get",:as => :init
+        match 'new/:type/:obj_id/:module_app_id',:action => 'new',:via => "get",:as => :init
       end
       member do
         match ':id/create_role',:action => 'create_role',:via => "post",:as => :create_role
diff --git a/lib/orbit_core_lib.rb b/lib/orbit_core_lib.rb
index bf1d66a3..2520e04c 100644
--- a/lib/orbit_core_lib.rb
+++ b/lib/orbit_core_lib.rb
@@ -31,4 +31,26 @@ module  OrbitCoreLib
     end
     
   end
+  
+  module PermissionUnility
+  private
+    def check_permission(type = :use)
+      permission_grant =  current_user.admin?? true : false
+      module_app = @module_app.nil?? ModuleApp.find(params[:module_app_id]) : @module_app
+      unless permission_grant
+        permission_grant = case type
+        when :use
+          users_ary = module_app.app_auth.auth_users rescue nil
+          users_ary = [] if users_ary.nil?
+          (users_ary.include?(current_user) || module_app.is_manager?(current_user) || module_app.is_sub_manager?(current_user))
+        when :manager
+          module_app.is_manager?(current_user)
+        when :sub_manager  
+          module_app.is_manager?(current_user) || module_app.is_sub_manager?(current_user)
+        end  
+      end
+      permission_grant
+    end
+    
+  end
 end
diff --git a/lib/tasks/anc_tasks.rake b/lib/tasks/anc_tasks.rake
new file mode 100644
index 00000000..3145d119
--- /dev/null
+++ b/lib/tasks/anc_tasks.rake
@@ -0,0 +1,22 @@
+# encoding: utf-8 
+
+namespace :anc do
+  
+  task :build => :environment do
+    bulletin_category_1 = BulletinCategory.create(:key => "C1ChrisCheckANDPreivew",:display => "List" )
+    bulletin_category_1.create_i18n_variable(:en => "ChrisCheckANDPreivew", :zh_tw => 'ChrisCheckANDPreivew')
+    bulletin_category_2 = BulletinCategory.create(:key => "C2MattCheckANDPreivew",:display => "List"  )
+    bulletin_category_2.create_i18n_variable(:en => "MattCheckANDPreivew", :zh_tw => 'MattCheckANDPreivew')
+    bulletin_category_3 = BulletinCategory.create(:key => "C3MattCheckChrisPreview",:display => "List"  )
+    bulletin_category_3.create_i18n_variable(:en => "MattCheckChrisPreview", :zh_tw => 'MattCheckChrisPreview')
+    
+  
+    bulletin_1 = Bulletin.create(:title => "C1P1",:status => nil,:subtitle => "",:text => "value",:postadate => Time.now,:deadline => nil,:bulletin_category =>   bulletin_category_1  )
+    bulletin_2 = Bulletin.create(:title => "C1P2",:status => nil,:subtitle => "",:text => "value",:postadate => Time.now,:deadline => nil,:bulletin_category =>   bulletin_category_1  )
+    bulletin_3 = Bulletin.create(:title => "C2P1",:status => nil,:subtitle => "",:text => "value",:postadate => Time.now,:deadline => nil,:bulletin_category =>   bulletin_category_2  )
+    bulletin_4 = Bulletin.create(:title => "C2P2",:status => nil,:subtitle => "",:text => "value",:postadate => Time.now,:deadline => nil,:bulletin_category =>   bulletin_category_2  )
+    bulletin_5 = Bulletin.create(:title => "C3P1",:status => nil,:subtitle => "",:text => "value",:postadate => Time.now,:deadline => nil,:bulletin_category =>   bulletin_category_3  )
+    bulletin_6 = Bulletin.create(:title => "C3P2",:status => nil,:subtitle => "",:text => "value",:postadate => Time.now,:deadline => nil,:bulletin_category =>   bulletin_category_3  )
+  
+  end
+end
\ No newline at end of file
diff --git a/lib/tasks/dev.rake b/lib/tasks/dev.rake
index e6eabe1b..f1d1d78e 100644
--- a/lib/tasks/dev.rake
+++ b/lib/tasks/dev.rake
@@ -125,6 +125,12 @@ namespace :dev do
     AttributeValue.create( :user_id => user.id, :attribute_field_id => i_1.attribute_fields[1].id, :key => 'last_name', :en => 'Fu', :zh_tw => '傅' )
     AttributeValue.create( :user_id => user.id, :attribute_field_id => sr_2_1.attribute_fields[0].id, :key => 'major', :en => 'Information management', :zh_tw => '信息化管理' )
     AttributeValue.create( :user_id => user.id, :attribute_field_id => sr_2_1.attribute_fields[1].id, :key => 'department', :en => 'Computer Science', :zh_tw => '計算機科學' )
+
+    user = User.create( :email => 'manager@rulingcom.com', :password => 'password', :password_confirmation => 'password', :admin => false, :role_id => r_2.id, :sub_role_ids => [sr_2_1.id ] )
+    AttributeValue.create( :user_id => user.id, :attribute_field_id => i_1.attribute_fields[0].id, :key => 'first_name', :en => 'Manager', :zh_tw => '管理員' )
+    AttributeValue.create( :user_id => user.id, :attribute_field_id => i_1.attribute_fields[1].id, :key => 'last_name', :en => 'Chen', :zh_tw => '陳' )
+    AttributeValue.create( :user_id => user.id, :attribute_field_id => sr_2_1.attribute_fields[0].id, :key => 'major', :en => 'Information management', :zh_tw => '信息化管理' )
+    AttributeValue.create( :user_id => user.id, :attribute_field_id => sr_2_1.attribute_fields[1].id, :key => 'department', :en => 'Computer Science', :zh_tw => '計算機科學' )
     
     
     ad_banner = AdBanner.new(:title => 'banner_1',:post_date => Date.today,:context=> "context",:ad_fx=>'zoom',:direct_to_after_click=>true)
diff --git a/vendor/built_in_modules/announcement/announcement.json b/vendor/built_in_modules/announcement/announcement.json
index 9ad6951e..13e7e62c 100644
--- a/vendor/built_in_modules/announcement/announcement.json
+++ b/vendor/built_in_modules/announcement/announcement.json
@@ -1,5 +1,5 @@
 {
-	"title": "Announcement",
+	"title": "announcement",
   "version": "0.1",
   "organization": "Rulingcom",
   "author": "RD dep",
diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/announcements_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/announcements_controller.rb
index 8f88da9a..8faf23f6 100644
--- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/announcements_controller.rb
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/announcements_controller.rb
@@ -1,11 +1,12 @@
-class Panel::Announcement::BackEnd::AnnouncementsController < ApplicationController
-  
-  layout 'admin'
-  
-  def index
+class Panel::Announcement::BackEnd::AnnouncementsController < OrbitBackendController  
   
+  def public
+    render  :text => "This is an public_page need to be build"
   end
 
+  def index
+    
+  end
   # GET /announcements/1
   # GET /announcements/1.xml
   def show
@@ -76,4 +77,6 @@ class Panel::Announcement::BackEnd::AnnouncementsController < ApplicationControl
       format.xml  { head :ok }
     end
   end
+  
+
 end
diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletin_categorys_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletin_categorys_controller.rb
index 3bb7d54b..a9d26eb9 100644
--- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletin_categorys_controller.rb
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletin_categorys_controller.rb
@@ -1,7 +1,5 @@
-class Panel::Announcement::BackEnd::BulletinCategorysController < ApplicationController
-  
-  layout 'admin'
-  
+class Panel::Announcement::BackEnd::BulletinCategorysController < OrbitBackendController
+    
   def index
     @bulletin_categorys = BulletinCategory.all
     @bulletin_category = BulletinCategory.new(:display => 'List')
diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
index 02135d66..2731ee39 100644
--- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
@@ -1,9 +1,6 @@
-class Panel::Announcement::BackEnd::BulletinsController < ApplicationController
-  
-  layout 'admin'
-  
-  before_filter :authenticate_user!
-  before_filter :is_admin?
+class Panel::Announcement::BackEnd::BulletinsController < OrbitBackendController
+    
+  #before_filter :is_admin?
 
   def index
     # @bulletins = Bulletin.all
diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
index ef7e1943..1ef3b300 100644
--- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
@@ -1,9 +1,10 @@
-class Panel::Announcement::BackEnd::FactChecksController  < ApplicationController
+class Panel::Announcement::BackEnd::FactChecksController  < OrbitBackendController
+  before_filter :authenticate_user!
   layout 'admin'
   
   def index
     @bulletin_categorys_preview = BulletinCategory.authed_for_user(current_user,'preview')
-    @bulletin_categorys_check = BulletinCategory.authed_for_user(current_user,'check')
+    @bulletin_categorys_check = BulletinCategory.authed_for_user(current_user,'fact_check')
   end
   
   def new
diff --git a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
index 152a6b57..1a086ebf 100644
--- a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
+++ b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
@@ -6,7 +6,7 @@ class BulletinCategory
   include OrbitCoreLib::ObjectAuthable
   
   ObjectAuthTitlesOptions = %W{preview fact_check}
-  
+  AfterObjectAuthUrl = '/panel/announcement/back_end/bulletin_categorys'
   # include Mongoid::MultiParameterAttributes
   
   PAYMENT_TYPES = [ "List", "Picture" ]
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb
index 2e0e7ddf..2cd097ed 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb
@@ -5,13 +5,15 @@
 	<td><%= bulletin_category.i18n_variable[locale] rescue nil %></td>
 	<% end %>
 	<td><%= bulletin_category.display %></td>
-	<td>
-	<%= link_to t('blog.new_auth'), init_admin_object_auths_path("BulletinCategory",bulletin_category) %>  <br/ >
-	<% bulletin_category.object_auths.each do |obj_auth| %>
-		 <%= link_to obj_auth.title,edit_admin_object_auth_url(obj_auth)  %><br />
-	<% end %>
-	</td>
-	<td>
+	<% if is_manager? %>
+		<td>
+		<%= link_to t('blog.new_auth'), init_admin_object_auths_path("BulletinCategory",bulletin_category,@module_app) %>  <br/ >
+		<% bulletin_category.object_auths.each do |obj_auth| %>
+			 <%= link_to obj_auth.title,edit_admin_object_auth_url(obj_auth)  %><br />
+		<% end %>
+		</td>
+		<td>
+	<% end %>	
 	<%= link_to t('bulletin_category.edit'), edit_panel_announcement_back_end_bulletin_category_path(bulletin_category), :remote => true %> |
 	<%= link_to t('bulletin_category.quick_edit'), panel_announcement_back_end_bulletin_category_quick_edit_path(bulletin_category), :remote => true %> |
 	<%= link_to t('bulletin_category.delete'), panel_announcement_back_end_bulletin_category_path(bulletin_category), :confirm => t('announcement.sure?'), :method => :delete, :remote => true %>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
index 59f126a0..72891095 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
@@ -7,9 +7,8 @@
   <ul class="list">
 	  <li><%= link_to t('bulletin.new_announcement'), new_panel_announcement_back_end_bulletin_path %></li>
 	  <li><%= link_to t('bulletin.announcement_list'), panel_announcement_back_end_bulletins_path %></li>
-	  <li><%= link_to t('bulletin.new_announcement_class'), panel_announcement_back_end_bulletin_categorys_path %></li>
-	  <li><%= link_to t('bulletin.my_announcement_fact_check'), panel_announcement_back_end_fact_checks_path %></li>
-	
+	  <li><%= link_to t('bulletin.new_announcement_class'), panel_announcement_back_end_bulletin_categorys_path if is_manager?%></li>
+	  <li><%= link_to t('bulletin.my_announcement_fact_check'), panel_announcement_back_end_fact_checks_path if is_sub_manager?%></li>
   </ul>
 <% end -%>
 
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb
index 65ebeb28..0f42ed4b 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb
@@ -42,10 +42,14 @@
 <br />
 
 <h1><%= t('bulletin.list_announcement') %></h1>
-
+<div id="preview_block">
+	<h1>Preview</h1>
 	<%= render :partial => "list_table", :collection => @bulletin_categorys_preview,:as => :bulletin_category%>
-	
+</div>
+===================================================================================================================
+<div id="check_block">	
+	<h1>Check Please</h1>
 	<%= render :partial => "list_table", :collection => @bulletin_categorys_check,:as => :bulletin_category%>
-
+</div>
 <br />
 
diff --git a/vendor/built_in_modules/announcement/config/routes.rb b/vendor/built_in_modules/announcement/config/routes.rb
index 88bc3ae2..f0fd89d6 100644
--- a/vendor/built_in_modules/announcement/config/routes.rb
+++ b/vendor/built_in_modules/announcement/config/routes.rb
@@ -3,6 +3,7 @@ Rails.application.routes.draw do
   namespace :panel do
     namespace :announcement do
       namespace :back_end do
+        match 'public' => "announcements#public",:as => :public
         resources :fact_checks
         root :to => "bulletins#index"
         resources :bulletins
@@ -14,7 +15,7 @@ Rails.application.routes.draw do
         root :to => "bulletins#index"
         resources :bulletins
       end
-      namespace :widget do
+      namespace :widget do 
         root :to => "bulletins#index"
       end
     end
diff --git a/vendor/built_in_modules/announcement/lib/tasks/announcement_tasks.rake b/vendor/built_in_modules/announcement/lib/tasks/announcement_tasks.rake
deleted file mode 100644
index f097b1fa..00000000
--- a/vendor/built_in_modules/announcement/lib/tasks/announcement_tasks.rake
+++ /dev/null
@@ -1,4 +0,0 @@
-# desc "Explaining what the task does"
-# task :announcement do
-#   # Task goes here
-# end
diff --git a/vendor/built_in_modules/new_blog/app/controllers/panel/new_blog/front_end/comments_controller.rb b/vendor/built_in_modules/new_blog/app/controllers/panel/new_blog/front_end/comments_controller.rb
index 769f4665..9bb61778 100644
--- a/vendor/built_in_modules/new_blog/app/controllers/panel/new_blog/front_end/comments_controller.rb
+++ b/vendor/built_in_modules/new_blog/app/controllers/panel/new_blog/front_end/comments_controller.rb
@@ -1,4 +1,4 @@
-class Panel::NewBlog::FrontEnd::CommentsController < ObitFrontendController
+class Panel::NewBlog::FrontEnd::CommentsController < OrbitFrontendController
   def create
     @post = Post.find(params[:post_id])
     @comment = @post.comments.create!(params[:comment])
diff --git a/vendor/built_in_modules/new_blog/app/controllers/panel/new_blog/front_end/posts_controller.rb b/vendor/built_in_modules/new_blog/app/controllers/panel/new_blog/front_end/posts_controller.rb
index 1aeb34b2..48b0c1c5 100644
--- a/vendor/built_in_modules/new_blog/app/controllers/panel/new_blog/front_end/posts_controller.rb
+++ b/vendor/built_in_modules/new_blog/app/controllers/panel/new_blog/front_end/posts_controller.rb
@@ -1,4 +1,4 @@
-class Panel::NewBlog::FrontEnd::PostsController < ObitFrontendController
+class Panel::NewBlog::FrontEnd::PostsController < OrbitFrontendController
   # GET /posts
   # GET /posts.xml
   def index

From d2689bc59c05a464626543fd8183a65e997337c2 Mon Sep 17 00:00:00 2001
From: Matthew Kaito Juyuan Fu <matthewfu.tw@gmail.com>
Date: Thu, 16 Feb 2012 13:57:28 +0800
Subject: [PATCH 03/13] fix bugs with token

---
 app/controllers/orbit_backend_controller.rb   |  1 -
 app/models/module_app.rb                      |  4 ++-
 app/models/object_auth.rb                     |  2 +-
 app/models/prototype_auth.rb                  |  5 ++--
 .../components/_user_role_management.html.erb |  3 +-
 config/environments/development.rb            | 30 +++++++++----------
 config/routes.rb                              |  2 +-
 lib/orbit_core_lib.rb                         | 22 ++++++++++++--
 .../_bulletin_category.html.erb               |  4 +--
 9 files changed, 46 insertions(+), 27 deletions(-)

diff --git a/app/controllers/orbit_backend_controller.rb b/app/controllers/orbit_backend_controller.rb
index 49505c8f..d3639ebe 100644
--- a/app/controllers/orbit_backend_controller.rb
+++ b/app/controllers/orbit_backend_controller.rb
@@ -10,7 +10,6 @@ class OrbitBackendController< ApplicationController
   def setup_vars
     @app_title = request.fullpath.split('/')[2]
     @module_app = ModuleApp.first(conditions: {:key => @app_title} )
-    
   end
   
   private
diff --git a/app/models/module_app.rb b/app/models/module_app.rb
index 6a678460..b1b1237c 100644
--- a/app/models/module_app.rb
+++ b/app/models/module_app.rb
@@ -1,6 +1,7 @@
 class ModuleApp
   include Mongoid::Document
   include Mongoid::Timestamps
+  include OrbitCoreLib::ObjectTokenUnility
 
   field :key
 	field :title
@@ -14,7 +15,7 @@ class ModuleApp
   
   field :app_pages ,type: Array
   field :widgets ,type: Array
-  
+    
   has_many :managers,as: :managing_app ,:class_name => "AppManager" #,:dependent => :destroy,:foreign_key => "managing_app_id",:inverse_of => :managing_app
   has_many :sub_managers,as: :sub_managing_app ,:class_name => "AppManager"#, :dependent => :destroy,:foreign_key => "sub_managing_app_id",:inverse_of => :sub_managing_app
   
@@ -77,5 +78,6 @@ class ModuleApp
   def set_key
     self.key = self.title.underscore if self.title
   end
+
   
 end
diff --git a/app/models/object_auth.rb b/app/models/object_auth.rb
index dab7acc7..f67f9984 100644
--- a/app/models/object_auth.rb
+++ b/app/models/object_auth.rb
@@ -1,5 +1,5 @@
 class ObjectAuth  < PrototypeAuth
-
+  include OrbitCoreLib::ObjectTokenUnility
   belongs_to :obj_authable, polymorphic: true
   # > - Something.find_with_auth(query)
   # > - or Something.find(query).auth
diff --git a/app/models/prototype_auth.rb b/app/models/prototype_auth.rb
index 6b22a1b3..666bc7a8 100644
--- a/app/models/prototype_auth.rb
+++ b/app/models/prototype_auth.rb
@@ -4,7 +4,6 @@ class PrototypeAuth
  # after_save :update_block_list,:update_privilage_list
   
   field :title
-  field :token
   field :all ,type: Boolean,default: false
   
   belongs_to :users
@@ -12,12 +11,13 @@ class PrototypeAuth
   has_and_belongs_to_many :blocked_users,  :inverse_of => nil, :class_name => "User"
   has_and_belongs_to_many :privilege_users,  :inverse_of => nil, :class_name => "User"
 
-
   has_and_belongs_to_many :roles
   has_and_belongs_to_many :sub_roles
   
   attr_protected :roles,:sub_roles,:privilege_users,:blocked_users
 
+
+
   def add_role role
     add_operation(:roles,role)
   end
@@ -87,7 +87,6 @@ class PrototypeAuth
     auth_users_before_block_list - self.blocked_users
   end
   
- # protected
   
 
 end
\ No newline at end of file
diff --git a/app/views/admin/components/_user_role_management.html.erb b/app/views/admin/components/_user_role_management.html.erb
index 59307351..ed7c3476 100644
--- a/app/views/admin/components/_user_role_management.html.erb
+++ b/app/views/admin/components/_user_role_management.html.erb
@@ -1,5 +1,7 @@
 <div id="user_role_management">
 	<h1>User Role</h1>
+	All User
+
 	<%= form_tag(submit_url) do %>
 		<%= collection_select(:new,:role, Role.all, :id, :key, :prompt => true) %>
 		<%= submit_tag 'Add Role' %><br/>
@@ -10,7 +12,6 @@
 		<%= collection_select(:new,:blocked_user, User.all, :id, :name, :prompt => true) %>
 		<%= submit_tag 'Add BlockedList' %><br/>
 	<% end %>
-	<ul>Roles </ul>
 	<% unless auth.nil? %>
 		<% auth.roles.each do |role| %>
 			<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %>
diff --git a/config/environments/development.rb b/config/environments/development.rb
index d1b671e5..549fc11e 100644
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -24,21 +24,21 @@ PrototypeR4::Application.configure do
   config.action_dispatch.best_standards_support = :builtin  
 
 
-  config.middleware.use ExceptionNotifier,
-    :email_prefix => "[R4_error]",
-    :sender_address => %{"notifier" <redmine@rulingcom.com>},
-    :exception_recipients => %w{chris@rulingcom.com}
-    
-  config.action_mailer.delivery_method = :smtp
-  config.action_mailer.smtp_settings = {
-    :tls => true,
-    :enable_starttls_auto => true,
-    :address => "smtp.gmail.com",
-    :port => '587',
-    :domain => "smtp.gmail.com",
-    :authentication => "plain",
-    :user_name => "redmine@rulingcom.com",
-    :password => "rulingredmine" }
+  # config.middleware.use ExceptionNotifier,
+  #   :email_prefix => "[R4_error]",
+  #   :sender_address => %{"notifier" <redmine@rulingcom.com>},
+  #   :exception_recipients => %w{chris@rulingcom.com}
+  #   
+  # config.action_mailer.delivery_method = :smtp
+  # config.action_mailer.smtp_settings = {
+  #   :tls => true,
+  #   :enable_starttls_auto => true,
+  #   :address => "smtp.gmail.com",
+  #   :port => '587',
+  #   :domain => "smtp.gmail.com",
+  #   :authentication => "plain",
+  #   :user_name => "redmine@rulingcom.com",
+  #   :password => "rulingredmine" }
 
 end
 
diff --git a/config/routes.rb b/config/routes.rb
index 0d01eccb..9b653d7f 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -14,7 +14,7 @@ PrototypeR4::Application.routes.draw do
     resources :app_auths 
     resources :object_auths  do
       collection do
-        match 'new/:type/:obj_id/:module_app_id',:action => 'new',:via => "get",:as => :init
+        match 'new/:type/:obj_id',:action => 'new',:via => "get",:as => :init
       end
       member do
         match ':id/create_role',:action => 'create_role',:via => "post",:as => :create_role
diff --git a/lib/orbit_core_lib.rb b/lib/orbit_core_lib.rb
index 2520e04c..561fceba 100644
--- a/lib/orbit_core_lib.rb
+++ b/lib/orbit_core_lib.rb
@@ -31,12 +31,28 @@ module  OrbitCoreLib
     end
     
   end
+  module  ObjectTokenUnility
+    def self.included(base)
+      base.instance_eval("field :s_token")
+      base.instance_eval("after_create :generate_token")
+    end
+    
+    def token
+      return self.s_token
+    end
+    
+    protected
+     def generate_token
+       self.s_token = ActiveSupport::SecureRandom.hex(16)
+       self.save!
+     end
+  end
   
   module PermissionUnility
   private
     def check_permission(type = :use)
       permission_grant =  current_user.admin?? true : false
-      module_app = @module_app.nil?? ModuleApp.find(params[:module_app_id]) : @module_app
+      module_app = @module_app.nil?? find_module_app_by_token(params[:token]) : @module_app
       unless permission_grant
         permission_grant = case type
         when :use
@@ -51,6 +67,8 @@ module  OrbitCoreLib
       end
       permission_grant
     end
-    
+    def find_module_app_by_token(token)
+      ModuleApp.first(conditions: {s_token: token})
+    end
   end
 end
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb
index 2cd097ed..e834ec60 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb
@@ -7,9 +7,9 @@
 	<td><%= bulletin_category.display %></td>
 	<% if is_manager? %>
 		<td>
-		<%= link_to t('blog.new_auth'), init_admin_object_auths_path("BulletinCategory",bulletin_category,@module_app) %>  <br/ >
+		<%= link_to t('blog.new_auth'), init_admin_object_auths_path("BulletinCategory",bulletin_category,:token => @module_app.token) %>  <br/ >
 		<% bulletin_category.object_auths.each do |obj_auth| %>
-			 <%= link_to obj_auth.title,edit_admin_object_auth_url(obj_auth)  %><br />
+			 <%= link_to obj_auth.title,edit_admin_object_auth_url(obj_auth,:token => @module_app.token)  %><br />
 		<% end %>
 		</td>
 		<td>

From 9305c2045cd28f69330a31d207a0e61f8db8053b Mon Sep 17 00:00:00 2001
From: Matthew Kaito Juyuan Fu <matthewfu.tw@gmail.com>
Date: Thu, 16 Feb 2012 14:59:26 +0800
Subject: [PATCH 04/13] add "all_user" for app&object auth

---
 app/controllers/admin/app_auths_controller.rb            | 5 ++++-
 app/controllers/admin/object_auths_controller.rb         | 5 ++++-
 .../admin/components/_user_role_management.html.erb      | 9 +++++++--
 3 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/app/controllers/admin/app_auths_controller.rb b/app/controllers/admin/app_auths_controller.rb
index 56d0ae23..9e980e53 100644
--- a/app/controllers/admin/app_auths_controller.rb
+++ b/app/controllers/admin/app_auths_controller.rb
@@ -21,7 +21,10 @@ class Admin::AppAuthsController < ApplicationController
 
   def create
     app_auth = AppAuth.find_or_create_by(module_app_id: params[:module_app_id])
-    params[:new].each do |item|
+    auth_all = params[:auth_all] || false
+    app_auth.update_attribute(:all,auth_all)
+    new_array = params[:new] || []
+    new_array.each do |item|
       field = item[0]
       field_value = item[1]
       if field_value!=''
diff --git a/app/controllers/admin/object_auths_controller.rb b/app/controllers/admin/object_auths_controller.rb
index 573409b6..a7a8dc41 100644
--- a/app/controllers/admin/object_auths_controller.rb
+++ b/app/controllers/admin/object_auths_controller.rb
@@ -33,7 +33,10 @@ class Admin::ObjectAuthsController < ApplicationController
 
   def create_role
     object_auth = ObjectAuth.find(params[:id])
-    params[:new].each do |item|
+    auth_all = params[:auth_all] || false
+    object_auth.update_attribute(:all,auth_all)
+    new_array = params[:new] || []
+    new_array.each do |item|
       field = item[0]
       field_value = item[1]
       if field_value!=''
diff --git a/app/views/admin/components/_user_role_management.html.erb b/app/views/admin/components/_user_role_management.html.erb
index ed7c3476..99cd72d7 100644
--- a/app/views/admin/components/_user_role_management.html.erb
+++ b/app/views/admin/components/_user_role_management.html.erb
@@ -1,7 +1,12 @@
+<div id="open_for_all_user">
+	<h1>All User</h1>
+	<%= form_tag(submit_url) do %>
+	<%= check_box_tag 'auth_all',true,auth.all  %><%= submit_tag 'Add Role' %><br/>
+	<% end %>
+</div>
+
 <div id="user_role_management">
 	<h1>User Role</h1>
-	All User
-
 	<%= form_tag(submit_url) do %>
 		<%= collection_select(:new,:role, Role.all, :id, :key, :prompt => true) %>
 		<%= submit_tag 'Add Role' %><br/>

From 26cd6951dba43b1f6eaf5056160309c5c77a8716 Mon Sep 17 00:00:00 2001
From: Matt Fu <matt@rulingcom.com>
Date: Fri, 17 Feb 2012 17:50:23 +0800
Subject: [PATCH 05/13] change view and action for announcement ,Lin checked. 
 Also add validation for object_auth make sure for each object,the object will
 be unique for each action.

---
 .../admin/module_apps_controller.rb           |  4 ++--
 .../admin/object_auths_controller.rb          |  9 ++++++--
 app/models/object_auth.rb                     |  1 +
 .../components/_user_role_management.html.erb |  2 +-
 lib/tasks/user.rake                           |  2 +-
 .../back_end/announcements_controller.rb      |  4 ++--
 .../back_end/bulletins_controller.rb          |  9 ++++++--
 .../back_end/fact_checks_controller.rb        | 12 +++++++++--
 .../app/models/bulletin_category.rb           |  2 +-
 .../bulletin_categorys/index.html.erb         | 21 +++++++------------
 .../back_end/bulletin_categorys/new.html.erb  | 16 +++++++-------
 .../back_end/bulletins/edit.html.erb          | 15 ++++++++-----
 .../back_end/bulletins/index.html.erb         | 12 +----------
 .../back_end/bulletins/new.html.erb           | 15 +++++++------
 .../back_end/bulletins/show.html.erb          | 10 ++++++---
 .../back_end/fact_checks/index.html.erb       | 19 ++---------------
 .../announcement/config/routes.rb             |  1 +
 17 files changed, 76 insertions(+), 78 deletions(-)

diff --git a/app/controllers/admin/module_apps_controller.rb b/app/controllers/admin/module_apps_controller.rb
index a350c28b..2386a1d1 100644
--- a/app/controllers/admin/module_apps_controller.rb
+++ b/app/controllers/admin/module_apps_controller.rb
@@ -100,7 +100,7 @@ class Admin::ModuleAppsController < ApplicationController
     end
       #user is not permited to do that
       flash[:notice] = t('admin.app_auth.operation_not_permitted')
-      redirect_to :action => "edit"   # [TODO] maybe need to redirect to some other page
+      render :nothing => true, :status => 403 
   end
   
   
@@ -112,7 +112,7 @@ class Admin::ModuleAppsController < ApplicationController
     end
       #user is not permited to do that
       flash[:notice] = t('admin.app_auth.operation_not_permitted')
-      redirect_to :action => "edit"   # [TODO] maybe need to redirect to some other page
+      render :nothing => true, :status => 403 
   end
   
 end
\ No newline at end of file
diff --git a/app/controllers/admin/object_auths_controller.rb b/app/controllers/admin/object_auths_controller.rb
index a7a8dc41..58219acf 100644
--- a/app/controllers/admin/object_auths_controller.rb
+++ b/app/controllers/admin/object_auths_controller.rb
@@ -27,8 +27,13 @@ class Admin::ObjectAuthsController < ApplicationController
   
   def create
     obj = eval(params[:object_auth][:type]).find params[:object_auth][:obj_id]
-    @object_auth=obj.object_auths.create :title=> params[:object_auth][:title]
-    redirect_to edit_admin_object_auth_path(@object_auth)
+    @object_auth=obj.object_auths.build :title=> params[:object_auth][:title]
+    if @object_auth.save
+      redirect_to edit_admin_object_auth_path(@object_auth)
+    else
+      flash[:error] = t('admin.object.a_object_must_have_only_one_object_auth_profile_for_each_action')
+      redirect_to (:back)
+    end
   end
 
   def create_role
diff --git a/app/models/object_auth.rb b/app/models/object_auth.rb
index f67f9984..8932bb76 100644
--- a/app/models/object_auth.rb
+++ b/app/models/object_auth.rb
@@ -1,5 +1,6 @@
 class ObjectAuth  < PrototypeAuth
   include OrbitCoreLib::ObjectTokenUnility
+  validates_uniqueness_of :obj_authable_type,:scope => :title #{ |c| }
   belongs_to :obj_authable, polymorphic: true
   # > - Something.find_with_auth(query)
   # > - or Something.find(query).auth
diff --git a/app/views/admin/components/_user_role_management.html.erb b/app/views/admin/components/_user_role_management.html.erb
index 99cd72d7..cd9ca8ae 100644
--- a/app/views/admin/components/_user_role_management.html.erb
+++ b/app/views/admin/components/_user_role_management.html.erb
@@ -1,7 +1,7 @@
 <div id="open_for_all_user">
 	<h1>All User</h1>
 	<%= form_tag(submit_url) do %>
-	<%= check_box_tag 'auth_all',true,auth.all  %><%= submit_tag 'Add Role' %><br/>
+	<%= check_box_tag 'auth_all',true,(auth.all rescue true)  %><%= submit_tag 'Add Role' %><br/>
 	<% end %>
 </div>
 
diff --git a/lib/tasks/user.rake b/lib/tasks/user.rake
index 31ed7c24..5189ee14 100644
--- a/lib/tasks/user.rake
+++ b/lib/tasks/user.rake
@@ -5,7 +5,7 @@ namespace :user do
     User.all(conditions: {email: /nor/}).destroy_all
     
     username_list = %w{nor1 nor2 nor3 nor4 nor5 nor6 nor7}
-    userfirstname_list_en = %w{ One Two Thre For Fiv Six Sen }
+    userfirstname_list_en = %w{ UserOne UserTwo Thre For Fiv Six Sen }
     userlastname_list_en = %w{ Aa Bb Cc Dd Ee Ff Gg }
     
     userfirstname_list_ct = %w{  一一 二二 三三 四四 五五 六六 七七 }
diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/announcements_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/announcements_controller.rb
index 8faf23f6..f7f51b4d 100644
--- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/announcements_controller.rb
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/announcements_controller.rb
@@ -4,8 +4,8 @@ class Panel::Announcement::BackEnd::AnnouncementsController < OrbitBackendContro
     render  :text => "This is an public_page need to be build"
   end
 
-  def index
-    
+  def list_mine
+    @bulletin_categorys = BulletinCategory.authed_for_user(current_user,'submit_new')
   end
   # GET /announcements/1
   # GET /announcements/1.xml
diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
index 2731ee39..6880f8e6 100644
--- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
@@ -1,5 +1,5 @@
 class Panel::Announcement::BackEnd::BulletinsController < OrbitBackendController
-    
+  include AdminHelper
   #before_filter :is_admin?
 
   def index
@@ -136,7 +136,12 @@ class Panel::Announcement::BackEnd::BulletinsController < OrbitBackendController
   protected
   
   def get_categorys(id = nil)
-    @bulletin_categorys = (id ? BulletinCategory.find(id).to_a : BulletinCategory.excludes('disabled' => true))
+    @bulletin_categorys = []
+    if(is_manager? || is_admin?)
+      @bulletin_categorys = (id ? BulletinCategory.find(id).to_a : BulletinCategory.excludes('disabled' => true))
+    elsif is_sub_manager?
+      @bulletin_categorys = BulletinCategory.authed_for_user(current_user,'submit_new')
+    end
   end
   
   
diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
index 1ef3b300..dd471958 100644
--- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
@@ -1,10 +1,18 @@
 class Panel::Announcement::BackEnd::FactChecksController  < OrbitBackendController
   before_filter :authenticate_user!
+  include AdminHelper
   layout 'admin'
   
   def index
-    @bulletin_categorys_preview = BulletinCategory.authed_for_user(current_user,'preview')
-    @bulletin_categorys_check = BulletinCategory.authed_for_user(current_user,'fact_check')
+    @bulletin_categorys_submit_new = []
+    @bulletin_categorys_check =[]
+    if is_admin? || is_manager?
+      #@bulletin_categorys_submit_new = BulletinCategory.all
+      @bulletin_categorys_check = BulletinCategory.all
+    # elsif is_sub_manager?
+    #   @bulletin_categorys_submit_new = BulletinCategory.authed_for_user(current_user,'submit_new')
+    #   @bulletin_categorys_check = BulletinCategory.authed_for_user(current_user,'fact_check')
+    end
   end
   
   def new
diff --git a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
index 1a086ebf..ee2767f5 100644
--- a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
+++ b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
@@ -5,7 +5,7 @@ class BulletinCategory
   include Mongoid::Timestamps
   include OrbitCoreLib::ObjectAuthable
   
-  ObjectAuthTitlesOptions = %W{preview fact_check}
+  ObjectAuthTitlesOptions = %W{submit_new fact_check}
   AfterObjectAuthUrl = '/panel/announcement/back_end/bulletin_categorys'
   # include Mongoid::MultiParameterAttributes
   
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/index.html.erb
index 87a2993c..87b30a04 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/index.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/index.html.erb
@@ -1,22 +1,17 @@
 <% content_for :secondary do %>
-<br />
-<br />
-<br />
-<br />
-<br />
-  <ul class="list">
-	  <li><%#= link_to t('bulletin_category.new_announcement_class'), new_panel_announcement_back_end_bulletin_category_path, :class => 'seclink1' %></li>
-  </ul>
+<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %>
 <% end -%>
 
 <%= flash_messages %>
 
+<br />
+<br />
+<br />
+<br />
+<br />
+
 <h1><%= t('bulletin_category.list_announcement_class') %></h1>
-<br />
-<br />
-<br />
-<br />
-<br />
+
 <table id="bulletin_categorys">
   <tr>
     <th><%= t('bulletin_category.key') %></th>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/new.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/new.html.erb
index 5f8d064b..296afb09 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/new.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/new.html.erb
@@ -1,15 +1,15 @@
-<br />
-<br />
-<br />
-<br />
-
 <% content_for :secondary do %>
-  <ul class="list">
-	  <li><%= link_to t('bulletin_category.index'), panel_announcement_back_end_bulletin_categorys_path, :class => 'seclink2' %></li>
-  </ul>
+<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %>
 <% end -%>
 
 <%= flash_messages %>
+
+<br />
+<br />
+<br />
+<br />
+<br />
+
 <h1><%= t('bulletin_category.new_announcement_class') %></h1>
 <%= form_for @bulletin_category, :url => panel_announcement_back_end_bulletin_categorys_path do |f| %>
 	<%= render :partial => 'form', :locals => {:f => f} %>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/edit.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/edit.html.erb
index 1bdd8063..9350d0fb 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/edit.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/edit.html.erb
@@ -1,9 +1,14 @@
-<br />
-<br />
-<br />
-<br />
+<% content_for :secondary do %>
+<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %>
+<% end -%>
 
-<h1><%= t('announcement.editing_announcement') %></h1>
+<%= flash_messages %>
+
+<br />
+<br />
+<br />
+<br />
+<br />
 
 <%= form_for @bulletin, :url => panel_announcement_back_end_bulletin_path(@bulletin) do |f| %>
 	<%= render :partial => 'form', :locals => {:f => f} %>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
index 72891095..dd88f5c0 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
@@ -1,15 +1,5 @@
 <% content_for :secondary do %>
-<br />
-<br />
-<br />
-<br />
-<br />
-  <ul class="list">
-	  <li><%= link_to t('bulletin.new_announcement'), new_panel_announcement_back_end_bulletin_path %></li>
-	  <li><%= link_to t('bulletin.announcement_list'), panel_announcement_back_end_bulletins_path %></li>
-	  <li><%= link_to t('bulletin.new_announcement_class'), panel_announcement_back_end_bulletin_categorys_path if is_manager?%></li>
-	  <li><%= link_to t('bulletin.my_announcement_fact_check'), panel_announcement_back_end_fact_checks_path if is_sub_manager?%></li>
-  </ul>
+<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %>
 <% end -%>
 
 <%= flash_messages %>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/new.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/new.html.erb
index e23ecfba..d200bb66 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/new.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/new.html.erb
@@ -1,15 +1,14 @@
-<br />
-<br />
-<br />
-<br />
-
 <% content_for :secondary do %>
-  <ul class="list">
-	  <li><%= link_to t('bulletin.index'), panel_announcement_back_end_bulletins_path, :class => 'seclink2' %></li>
-  </ul>
+<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %>
 <% end -%>
 
 <%= flash_messages %>
+
+<br />
+<br />
+<br />
+<br />
+<br />
 <h1><%= t('bulletin.new_announcement') %></h1>
 <%= form_for @bulletin, :url => panel_announcement_back_end_bulletins_path do |f| %>
 	<%= render :partial => 'form', :locals => {:f => f} %>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/show.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/show.html.erb
index c3ba2c09..5aff4bbd 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/show.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/show.html.erb
@@ -1,10 +1,14 @@
-<% # encoding: utf-8 %>
+<% content_for :secondary do %>
+<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %>
+<% end -%>
+
+<%= flash_messages %>
 
 <br />
 <br />
 <br />
-
-<p id="notice"><%= flash_messages %></p>
+<br />
+<br />
 
 <ul>
 	<li>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb
index 0f42ed4b..6f878b06 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb
@@ -1,16 +1,5 @@
 <% content_for :secondary do %>
-<br />
-<br />
-<br />
-<br />
-<br />
-  <ul class="list">
-	  <li><%= link_to t('bulletin.new_announcement'), new_panel_announcement_back_end_bulletin_path %></li>
-	  <li><%= link_to t('bulletin.announcement_list'), panel_announcement_back_end_bulletins_path %></li>
-	  <li><%= link_to t('bulletin.new_announcement_class'), panel_announcement_back_end_bulletin_categorys_path %></li>
-	  <li><%= link_to t('bulletin.my_announcement_fact_check'), panel_announcement_back_end_fact_checks_path %></li>
-	
-  </ul>
+<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %>
 <% end -%>
 
 <%= flash_messages %>
@@ -42,11 +31,7 @@
 <br />
 
 <h1><%= t('bulletin.list_announcement') %></h1>
-<div id="preview_block">
-	<h1>Preview</h1>
-	<%= render :partial => "list_table", :collection => @bulletin_categorys_preview,:as => :bulletin_category%>
-</div>
-===================================================================================================================
+
 <div id="check_block">	
 	<h1>Check Please</h1>
 	<%= render :partial => "list_table", :collection => @bulletin_categorys_check,:as => :bulletin_category%>
diff --git a/vendor/built_in_modules/announcement/config/routes.rb b/vendor/built_in_modules/announcement/config/routes.rb
index f0fd89d6..a7b23ff0 100644
--- a/vendor/built_in_modules/announcement/config/routes.rb
+++ b/vendor/built_in_modules/announcement/config/routes.rb
@@ -5,6 +5,7 @@ Rails.application.routes.draw do
       namespace :back_end do
         match 'public' => "announcements#public",:as => :public
         resources :fact_checks
+        match 'list_mine' => "announcements#list_mine"
         root :to => "bulletins#index"
         resources :bulletins
 		resources :bulletin_categorys, :controller => 'bulletin_categorys' do

From 0a23ce7b24f3a83af6397c5210746a90d678f6fa Mon Sep 17 00:00:00 2001
From: Christophe Vilayphiou <chris.vilayphiou@gmail.com>
Date: Wed, 29 Feb 2012 12:00:16 +0800
Subject: [PATCH 06/13] Add missing i18n for announcement

---
 vendor/built_in_modules/announcement/config/locales/en.yml    | 1 +
 vendor/built_in_modules/announcement/config/locales/zh_tw.yml | 1 +
 2 files changed, 2 insertions(+)

diff --git a/vendor/built_in_modules/announcement/config/locales/en.yml b/vendor/built_in_modules/announcement/config/locales/en.yml
index 0f591413..1f544b28 100644
--- a/vendor/built_in_modules/announcement/config/locales/en.yml
+++ b/vendor/built_in_modules/announcement/config/locales/en.yml
@@ -32,6 +32,7 @@ en:
     list_announcement: List Announcement
     bulletin:
       category: Category
+      list_lower: " list"
       title: Title
       postdate: Postdate
   # admin:
diff --git a/vendor/built_in_modules/announcement/config/locales/zh_tw.yml b/vendor/built_in_modules/announcement/config/locales/zh_tw.yml
index 4ac92fa8..a9da545b 100644
--- a/vendor/built_in_modules/announcement/config/locales/zh_tw.yml
+++ b/vendor/built_in_modules/announcement/config/locales/zh_tw.yml
@@ -27,6 +27,7 @@ zh_tw:
     list_announcement: 公告列表
     bulletin:
       category: 分類
+      list_lower: 列表
       title: 標題
       postdate: 張貼日期
 #  admin:

From 5223a7a3e97e25bad2faa743574bcd258ac312e4 Mon Sep 17 00:00:00 2001
From: Christophe Vilayphiou <chris.vilayphiou@gmail.com>
Date: Wed, 29 Feb 2012 12:45:47 +0800
Subject: [PATCH 07/13] Css and js changes

---
 app/assets/javascripts/orbit-1.0.js  | 33 +++++++++++++++++++++++++---
 app/assets/stylesheets/style.css.erb | 18 ++++++++-------
 2 files changed, 40 insertions(+), 11 deletions(-)

diff --git a/app/assets/javascripts/orbit-1.0.js b/app/assets/javascripts/orbit-1.0.js
index 44183d11..a32f6c9f 100644
--- a/app/assets/javascripts/orbit-1.0.js
+++ b/app/assets/javascripts/orbit-1.0.js
@@ -9,6 +9,13 @@ function resize() {
 	}
 }
 $(document).ready(function(){
+	$(document).on('click', '.language-menu li', function(){
+		$(this).each(function(i){
+			$(this).siblings().removeClass('active')
+			$(this).addClass('active')
+		})
+		return false;
+	});
 	$(document).on('click', '.orbit-bar-member', function(){
 		$(this).hasClass('open') ? $(this).removeClass('open') : $(this).addClass('open');
 		$('.bar-login .dropdown-menu').toggle();
@@ -70,8 +77,28 @@ $(document).ready(function(){
 });
 $(window).resize(function(){
 	resize();
-	$('#main-sidebar').css("height", viewportheight-40);
-	$('#main-sidebar .viewport').css("height", viewportheight-40);
+	var $mainWrapMarginLeft = parseInt($('#main-wrap').css("margin-left"))-2;
+	$('#main-sidebar').css("height", viewportheight-30);
+	$('#main-sidebar .viewport').css("height", viewportheight-30);
 	$('.post-title').css("width", viewportwidth-495);
-	$('#main-sidebar').tinyscrollbar({ size:(viewportheight-44)});
+	$('#main-wrap > .subnav').css("width", viewportwidth-$mainWrapMarginLeft)
+	$('#main-sidebar').tinyscrollbar({size:(viewportheight-34)});
+	mainTablePosition()
+});
+/*main-table position*/
+function mainTablePosition() {
+	var $height = $('#main-wrap > .subnav').height()
+	var $table = $('#main-wrap > .table')
+	//alert ($table.height())
+	$table.stop().animate({marginTop:$height},500)
+	//$table.css({marginTop : $height})
+}
+$(window).scroll(function () {
+	//var $mainWrapMarginLeft = parseInt($('#main-wrap').css("margin-left"))-1;
+	//var $subnavWidth = parseInt($('#main-wrap > .subnav').css("width"));
+	var $winLeft = $(window).scrollLeft()
+	$(".table-label").css({left:$winLeft*-1} );
+	//$(".table-label").css({left:$mainWrapMarginLeft+($winLeft*-1)} );
+	//$("#main-wrap > .subnav").css({width:$subnavWidth+($winLeft)} );
+	//console.log($mainWrapMarginLeft+($winLeft*-1)+5);
 });
diff --git a/app/assets/stylesheets/style.css.erb b/app/assets/stylesheets/style.css.erb
index c5fcfcd1..912df36a 100644
--- a/app/assets/stylesheets/style.css.erb
+++ b/app/assets/stylesheets/style.css.erb
@@ -1,10 +1,10 @@
 @font-face{ 
 	font-family: 'WebSymbolsRegular';
-	src: url(<%= asset_path 'fonts/websymbols-regular-webfont.eot' %>);
-	src: url(<%= asset_path 'fonts/websymbols-regular-webfont.eot?#iefix' %>) format('embedded-opentype'),
-	     url(<%= asset_path 'fonts/websymbols-regular-webfont.woff' %>) format('woff'),
-	     url(<%= asset_path 'fonts/websymbols-regular-webfont.ttf' %>) format('truetype'),
-	     url(<%= asset_path 'fonts/websymbols-regular-webfont.svg#WebSymbolsRegular' %>) format('svg');
+	src: url(<%= asset_path 'websymbols-regular-webfont.eot' %>);
+	src: url(<%= asset_path 'websymbols-regular-webfont.eot?#iefix' %>) format('embedded-opentype'),
+	     url(<%= asset_path 'websymbols-regular-webfont.woff' %>) format('woff'),
+	     url(<%= asset_path 'websymbols-regular-webfont.ttf' %>) format('truetype'),
+	     url(<%= asset_path 'websymbols-regular-webfont.svg#WebSymbolsRegular' %>) format('svg');
 }
 .login-logo {
 	text-indent: -9999px;
@@ -78,6 +78,9 @@
 #orbit-bar .orbit-logo .dropdown-menu {
 	left: -15px;
 }
+#orbit-bar .nav > li {
+	height: 28px;
+}
 #orbit-bar .nav > li > a:hover {
 	background-color: rgba(0,157,220,1);
 }
@@ -121,7 +124,6 @@
 }
 #orbit-bar .nav span.member-name {
 	display: inline-block;
-	float: right;
 	line-height: 22px;
 	padding: 0 10px;
 }
@@ -212,7 +214,7 @@
 	padding-right: 4px;
 	border-right: 1px solid rgba(0,0,0,.2);
 	position:fixed;
-	top: 42px;
+	top: 32px;
 	z-index: 88;
 }
 #main-sidebar .nav {
@@ -250,7 +252,7 @@
 #main-wrap {
 	background-color: #FFF;
 	margin-left:160px;
-	padding-top: 42px;
+	padding-top: 32px;
 	padding-bottom: 18px;
 	position: relative;
 	min-height: 100%;

From 6b2aeadde6e98a1d3d8ed70a040b5b3bf8ca178e Mon Sep 17 00:00:00 2001
From: Christophe Vilayphiou <chris@rulingcom.com>
Date: Wed, 29 Feb 2012 16:01:50 +0800
Subject: [PATCH 08/13] Changes for nccu

---
 Gemfile                                       |    2 +-
 Gemfile.lock                                  |    4 +
 app/assets/images/nccu_logo.png               |  Bin 0 -> 1964 bytes
 app/assets/javascripts/orbit-1.0.js           |  201 +-
 app/assets/stylesheets/bootstrap.css.erb      |   29 +-
 app/assets/stylesheets/style.css.erb          | 1647 +++++++++--------
 app/views/layouts/_orbit_bar.html.erb         |   10 +-
 app/views/layouts/_side_bar.html.erb          |    4 +-
 config/application.rb                         |    2 +-
 config/environments/development.rb            |   28 +-
 config/locales/en.yml                         |    1 +
 config/locales/zh_tw.yml                      |    5 +-
 lib/parsers/parser_front_end.rb               |    2 +-
 .../front_end/bulletins_controller.rb         |    4 +-
 .../app/models/bulletin_category.rb           |    4 +
 .../front_end/bulletins/index.html.erb        |    6 +-
 .../widget/bulletins/index.html.erb           |    2 +-
 .../widget/web_links_controller.rb            |    4 +-
 18 files changed, 999 insertions(+), 956 deletions(-)
 create mode 100644 app/assets/images/nccu_logo.png

diff --git a/Gemfile b/Gemfile
index 9eca9186..eb1f5434 100644
--- a/Gemfile
+++ b/Gemfile
@@ -20,7 +20,7 @@ gem 'rubyzip'
 gem 'sinatra'
 gem 'sprockets'
 gem 'tinymce-rails'
-# gem 'therubyracer'
+gem 'therubyracer'
 
 # Gems used only for assets and not required
 # in production environments by default.
diff --git a/Gemfile.lock b/Gemfile.lock
index 18f66fbf..8889b1d5 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -84,6 +84,7 @@ GEM
       railties (~> 3.0)
       thor (~> 0.14)
     json (1.6.5)
+    libv8 (3.3.10.4)
     linecache19 (0.5.12)
       ruby_core_source (>= 0.1.4)
     mail (2.3.0)
@@ -179,6 +180,8 @@ GEM
       rack (~> 1.0)
       tilt (~> 1.1, != 1.3.0)
     subexec (0.2.1)
+    therubyracer (0.9.9)
+      libv8 (~> 3.3.10)
     thor (0.14.6)
     tilt (1.3.3)
     tinymce-rails (3.4.8)
@@ -234,6 +237,7 @@ DEPENDENCIES
   sinatra
   spork
   sprockets
+  therubyracer
   tinymce-rails
   uglifier
   watchr
diff --git a/app/assets/images/nccu_logo.png b/app/assets/images/nccu_logo.png
new file mode 100644
index 0000000000000000000000000000000000000000..68b9a72f669226970e3634612793a79e99a2625f
GIT binary patch
literal 1964
zcmaJ?Yg7|w8Xh%;7zL#Cpn%9QNL!F3lf)2+iGYMi&>&*u5^Eus2}H<DoD34Mh&Mb7
z#4WZcS}xwDQWPl2ikB79x*`ZDMFqSea8MA@qTH6A-H8?3AIr`;Gw=6(=Xsv@eZTiP
zXEMV=S6a~=X#fCNNrFY;WL!wTPE-r>i&2NX$lyQ(MG@;T4Uw$C5g<T~DG^YjQ^X<R
zh(evRxgHS!z${QJiz1?=tNAKS$55Ct45Lm@vH?KgXVfcH2?zlykvJ_XgoZ9&fk3TV
z2t{(Guv8z2#A}07ab#U;s7#fbpz>8ie#=3DkxvTf5JCYOb&05fZxllBb@}Ale9VNv
z_YfjM2>nr1lr#(s#Bc=UGGMw2_J%=k7K6oE%H#38KsL;RnJ}BlV$)eXK8MYRVerEP
zk=byyh952xf5=7dgit&|==n@$a&j^wnZv;FI3~;2*VnAUX46Ro-H?J33L_mgxJ@aD
z5Q7TW>Ip4|f@Vd95=$b45LxLTE$H+gWl_V2Ya%a<X;kQ$ECy_DX$mNn{(q=W_YrL%
z!jV7g{hz`HS&ANEh9d?n30IMW)3}*a>G^>;q98C_hGB_Qw-^?W5ttz!(}RKQxL~9f
zRb$D9_h_k<FF_520#zXrkq{#J46Rnp7sEdA(xqaSH``|^ixtH3VT;%S+(3>f5a#)^
zcmY#f5vEGgAt*7$RsYFlPs=qML8m7(ix6D91yPG}Ob5Pin6I6-mLT!8dLOvz>1%<f
z<ub`)nC7wmWz17Yq<75AkESIzA8n7Iq}OrM)WrPkUjcvuNkjoMV}~h15<1{NF9~ei
zW!in6_DgiR=t<1N?LCwnyTt`$=&_jn1rX{FRj3q|%7ITd?6!5Hd^*Ny9v|Yi9qsmU
zrSI?9VpG=t?x#%~&O|ggw&3My4|D^?g;z`9tu1M#&CSgLrL=^16`X_1sImRO|Ndy=
z<bDNrVATHV&o2mmKhNXcZ@=Be9_}fW_yu=5J2`bepEEW#_5iy?>+Fxp2|0JT?GW*g
zn)>?sqP3@9y?WJ{JU=4$@qw>*%(b%e_})He1uc^q6BFZith}_P+$~C_(VQCe?;jb7
z@Vno0iSO7XnlXczU)D+Cc=sh|A<jqg;bpFycIqBfKMETzD=TXsstwuPPxTfER<D^8
zrg;74&7Gj`$;rvlvuo9>I(imtUa=$=bxTS~k;pHNJ->OAI>SM_s18@w&F+0PX;1g^
zqC`eU-Wp%DPt*E3m6ItJEpRQdGOdJ*dOb}|gIB+?ZC%@#31}m_+UK-6XZ`C=F7<p7
zg<7r)vlICFEvaePW2$1*3Od)*9hb*^_0?E*c6QhJc#3<I<G0jmaji8>6Uidew{ERe
z7u@n}G5B;V1a;4JV#Z9`>$Fur`FvkLR$N@XBckSU-T}=?*9+F^1d$6af9xjy;>o+{
zj0I%?{7qU~lKQ1h;$GTDxtzuYMsz=Hmk*j?c-)>jORPO``Sj`25LDeIvcAlGEC12U
z_TKq<(bv>j|Gp7KHRWt?Jmc(q^6h`3s;n*ykB*L>NNxUdp5V&o?fx+{^d1%qemQ>p
zDK$9YvwfInde0=ARhwqAoD_SP*Vu$e()ZRucF#B3=32<+#yUqoy|Aa-XPewxq1^h=
zGz7>#O9<(5rezeytzS|27LdhSEpl-gJ&>0-TwuWQyGKJxd)wu$t*xGi4=Fw6p8Fzc
zf{7)(UDqyJfiDB;+VETX85UvL11O4i0OHJFZTpGg%J#&6o{6}7L;B!a;)rQ(Zd*@&
z$)}Xw%2ONtoPc|8-c%gBGkl5d;lAPg!n(gN<Tcgr-CvS)x@`HE5AT6?c6K`~TAJ_v
zU}Ix5($#e|;cIOybbnvp4QzMe>x7C~4Lh1Vvnt*D<ahF_b1N{1zTu?k?iZI&%=Ens
zy=;pzIX51k=~h&T%1Tg6OH22fXB}Q^3&X3@fuNIbi^i`nuC_ZnKfKC=d(I=jr9e~p
z;?_aC7?J;pj3=MOS6S4C2)DT;)*NZrHTe)kWQWwZr4;qfXNTgx3v|F2yIk~EhLms0
zk(c;tt*@(Z-@aW@FnG4Kbn(iYi;mdhKLegy;PzgJ7d?HSuU1YTo>y)ibYab!HNLdJ
zJ*8-51)OEe8lG?2cz<wW*Q)$J_j9@HUBAshWO-bltI&~xfG4#DLVJu~H!<5XOV2JY
lb7@>>0PY1Jo45kZ0;-IeY1<BRW}E+?lAuu0*%h%n{|g+y74!fA

literal 0
HcmV?d00001

diff --git a/app/assets/javascripts/orbit-1.0.js b/app/assets/javascripts/orbit-1.0.js
index a32f6c9f..efb7042e 100644
--- a/app/assets/javascripts/orbit-1.0.js
+++ b/app/assets/javascripts/orbit-1.0.js
@@ -1,104 +1,97 @@
-var viewportwidth,
-	viewportheight;
-function resize() {
-	viewportheight=$(window).height();
-	viewportwidth=$(window).width();
-	if(window.navigator.userAgent.indexOf("MSIE")>0){
-		windH=document.clientHeight;
-		windW=document.clientWidht;
-	}
-}
-$(document).ready(function(){
-	$(document).on('click', '.language-menu li', function(){
-		$(this).each(function(i){
-			$(this).siblings().removeClass('active')
-			$(this).addClass('active')
-		})
-		return false;
-	});
-	$(document).on('click', '.orbit-bar-member', function(){
-		$(this).hasClass('open') ? $(this).removeClass('open') : $(this).addClass('open');
-		$('.bar-login .dropdown-menu').toggle();
-		return false;
-	});
-
-	$(document).click(function() {
-		$('.orbit-bar-member').removeClass("open");
-		$('.bar-login .dropdown-menu').hide();
-	});
-
-	$(document).on('click', '.bar-login .dropdown-menu', function(e) {
-		e.stopPropagation();
-		$('.bar-login .dropdown-menu').show();
-	});
-	
-	$('.tip').tooltip({
-		placement: "left"
-	});
-	
-	$(document).on('click', '.privacy', function() {
-		switch ($(this).val()) {
-			case 'true':
-			$(this).parents('.controls').children('.select-role').slideUp(300);
-			break;
-			case 'false':
-			$(this).parents('.controls').children('.select-role').slideDown(300);
-			break;
-		}
-	});
-	
-	$(document).on('click', '.toggle-tr-edit', function() {
-		$(this).parents('tr').next('.qe-block').removeClass('hide');
-		$(this).parents('tr').next('.qe-block').find('.qe-edit-div').addClass('hide');
-		$(this).parents('tr').next('.qe-block').find('#qe-' + $(this).attr('rel')).toggleClass('hide');
-	});
-
-	$(document).on('click', '.sort-header > .sort', function() {
-		$.getScript($(this).attr('rel'));
-	});
-
-	/*tinyscrollbar&windows-Size*/
-	resize();
-	$('#main-sidebar').css("height", viewportheight-40);
-	$('#main-sidebar .viewport').css("height", viewportheight-40);
-	$('.post-title').css("width", viewportwidth-495);
-	$('#main-sidebar').tinyscrollbar();
-	$('.detal-list').tinyscrollbar();
-	$('#main-sidebar').tinyscrollbar({size:(viewportheight-44)});
-
-	/*isotope*/
-  var $container = $('#isotope');
-  $container.isotope({
-      itemSelector : '.item',
-      layoutMode : 'masonry',
-  });
-	
-	
-});
-$(window).resize(function(){
-	resize();
-	var $mainWrapMarginLeft = parseInt($('#main-wrap').css("margin-left"))-2;
-	$('#main-sidebar').css("height", viewportheight-30);
-	$('#main-sidebar .viewport').css("height", viewportheight-30);
-	$('.post-title').css("width", viewportwidth-495);
-	$('#main-wrap > .subnav').css("width", viewportwidth-$mainWrapMarginLeft)
-	$('#main-sidebar').tinyscrollbar({size:(viewportheight-34)});
-	mainTablePosition()
-});
-/*main-table position*/
-function mainTablePosition() {
-	var $height = $('#main-wrap > .subnav').height()
-	var $table = $('#main-wrap > .table')
-	//alert ($table.height())
-	$table.stop().animate({marginTop:$height},500)
-	//$table.css({marginTop : $height})
-}
-$(window).scroll(function () {
-	//var $mainWrapMarginLeft = parseInt($('#main-wrap').css("margin-left"))-1;
-	//var $subnavWidth = parseInt($('#main-wrap > .subnav').css("width"));
-	var $winLeft = $(window).scrollLeft()
-	$(".table-label").css({left:$winLeft*-1} );
-	//$(".table-label").css({left:$mainWrapMarginLeft+($winLeft*-1)} );
-	//$("#main-wrap > .subnav").css({width:$subnavWidth+($winLeft)} );
-	//console.log($mainWrapMarginLeft+($winLeft*-1)+5);
-});
+var viewportwidth,
+	viewportheight;
+function resize() {
+	viewportheight=$(window).height();
+	viewportwidth=$(window).width();
+	if(window.navigator.userAgent.indexOf("MSIE")>0){
+		windH=document.clientHeight;
+		windW=document.clientWidht;
+	}
+}
+$(document).ready(function(){
+	$(document).on('click', '.orbit-bar-member', function(){
+		$(this).hasClass('open') ? $(this).removeClass('open') : $(this).addClass('open');
+		$('.bar-login .dropdown-menu').toggle();
+		return false;
+	});
+
+	$(document).click(function() {
+		$('.orbit-bar-member').removeClass("open");
+		$('.bar-login .dropdown-menu').hide();
+	});
+
+	$(document).on('click', '.bar-login .dropdown-menu', function(e) {
+		e.stopPropagation();
+		$('.bar-login .dropdown-menu').show();
+	});
+	
+	$('.tip').tooltip({
+		placement: "left"
+	});
+	
+	$(document).on('click', '.privacy', function() {
+		switch ($(this).val()) {
+			case 'true':
+			$(this).parents('.controls').children('.select-role').slideUp(300);
+			break;
+			case 'false':
+			$(this).parents('.controls').children('.select-role').slideDown(300);
+			break;
+		}
+	});
+	
+	$(document).on('click', '.toggle-tr-edit', function() {
+		$(this).parents('tr').next('.qe-block').removeClass('hide');
+		$(this).parents('tr').next('.qe-block').find('.qe-edit-div').addClass('hide');
+		$(this).parents('tr').next('.qe-block').find('#qe-' + $(this).attr('rel')).toggleClass('hide');
+	});
+
+	$(document).on('click', '.sort-header > .sort', function() {
+		$.getScript($(this).attr('rel'));
+	});
+
+	/*tinyscrollbar&windows-Size*/
+	resize();
+	$('#main-sidebar').css("height", viewportheight-40);
+	$('#main-sidebar .viewport').css("height", viewportheight-40);
+	$('.post-title').css("width", viewportwidth-495);
+	$('#main-sidebar').tinyscrollbar();
+	$('.detal-list').tinyscrollbar();
+	$('#main-sidebar').tinyscrollbar({size:(viewportheight-44)});
+
+	/*isotope*/
+  var $container = $('#isotope');
+  $container.isotope({
+      itemSelector : '.item',
+      layoutMode : 'masonry',
+  });
+	
+	
+});
+$(window).resize(function(){
+	resize();
+	var $mainWrapMarginLeft = parseInt($('#main-wrap').css("margin-left"))-2;
+	$('#main-sidebar').css("height", viewportheight-30);
+	$('#main-sidebar .viewport').css("height", viewportheight-30);
+	$('.post-title').css("width", viewportwidth-495);
+	$('#main-wrap > .subnav').css("width", viewportwidth-$mainWrapMarginLeft)
+	$('#main-sidebar').tinyscrollbar({size:(viewportheight-34)});
+	mainTablePosition()
+});
+/*main-table position*/
+function mainTablePosition() {
+	var $height = $('#main-wrap > .subnav').height()
+	var $table = $('#main-wrap > .table')
+	//alert ($table.height())
+	$table.stop().animate({marginTop:$height},500)
+	//$table.css({marginTop : $height})
+}
+$(window).scroll(function () {
+	//var $mainWrapMarginLeft = parseInt($('#main-wrap').css("margin-left"))-1;
+	//var $subnavWidth = parseInt($('#main-wrap > .subnav').css("width"));
+	var $winLeft = $(window).scrollLeft()
+	$(".table-label").css({left:$winLeft*-1} );
+	//$(".table-label").css({left:$mainWrapMarginLeft+($winLeft*-1)} );
+	//$("#main-wrap > .subnav").css({width:$subnavWidth+($winLeft)} );
+	//console.log($mainWrapMarginLeft+($winLeft*-1)+5);
+});
diff --git a/app/assets/stylesheets/bootstrap.css.erb b/app/assets/stylesheets/bootstrap.css.erb
index 9ad62e96..ee2ae5a4 100644
--- a/app/assets/stylesheets/bootstrap.css.erb
+++ b/app/assets/stylesheets/bootstrap.css.erb
@@ -2642,8 +2642,8 @@ button.btn.small, input[type="submit"].btn.small {
   color: #333333;
 }
 .pagination {
-  height: 36px;
-  margin: 18px 0;
+    height: 36px;
+    margin: 18px 0;
 }
 .pagination ul {
   display: inline-block;
@@ -2663,7 +2663,8 @@ button.btn.small, input[type="submit"].btn.small {
 .pagination li {
   display: inline;
 }
-.pagination a {
+
+.pagination .page{
   float: left;
   padding: 0 14px;
   line-height: 34px;
@@ -2671,6 +2672,28 @@ button.btn.small, input[type="submit"].btn.small {
   border: 1px solid #ddd;
   border-left-width: 0;
 }
+.pagination a {
+  float: left;
+}
+.pagination .next{
+  float: left;
+  padding: 0 14px;
+  line-height: 34px;
+  text-decoration: none;
+  border: 1px solid #ddd;
+  border-left-width: 0;
+}
+.pagination .last{
+  float: left;
+  padding: 0 14px;
+  line-height: 34px;
+  text-decoration: none;
+  border: 1px solid #ddd;
+  border-left-width: 0;
+}
+.pagination .current{
+  border-left-width: 1px;
+}
 .pagination a:hover, .pagination .active a {
   background-color: #f5f5f5;
 }
diff --git a/app/assets/stylesheets/style.css.erb b/app/assets/stylesheets/style.css.erb
index 912df36a..beae5a8e 100644
--- a/app/assets/stylesheets/style.css.erb
+++ b/app/assets/stylesheets/style.css.erb
@@ -1,819 +1,830 @@
-@font-face{ 
-	font-family: 'WebSymbolsRegular';
-	src: url(<%= asset_path 'websymbols-regular-webfont.eot' %>);
-	src: url(<%= asset_path 'websymbols-regular-webfont.eot?#iefix' %>) format('embedded-opentype'),
-	     url(<%= asset_path 'websymbols-regular-webfont.woff' %>) format('woff'),
-	     url(<%= asset_path 'websymbols-regular-webfont.ttf' %>) format('truetype'),
-	     url(<%= asset_path 'websymbols-regular-webfont.svg#WebSymbolsRegular' %>) format('svg');
-}
-.login-logo {
-	text-indent: -9999px;
-	background: url(<%= asset_path 'sign-in-logo.png' %>) no-repeat center 40px;
-	padding-top: 40px;
-	height: 160px;
-}
-#orbit-bar {
-	margin-bottom: 0;
-	position:fixed;
-	width:100%;
-	z-index: 99;
-	top: 0;
-	left: 0;
-}
-#orbit-bar .navbar-inner {
-	height: 28px;
-	-moz-border-radius: 0px;
-	-webkit-border-radius: 0px;
-	border-radius: 0px;
-	padding-top: 2px;
-	padding-bottom: 1px;
-	-webkit-box-shadow: 0 1px 3px rgba(0, 0, 0, 0.8), inset 0 1px 0 rgba(127, 149, 165, 1), 0 -1px 0 rgba(31, 32, 36, 1) inset;
-	-moz-box-shadow: 0 1px 3px rgba(0, 0, 0, 0.8), inset 0 1px 0 rgba(127, 149, 165, 1), 0 -1px 0 rgba(31, 32, 36, 1) inset;
-	box-shadow: 0 1px 3px rgba(0, 0, 0, 0.8), inset 0 1px 0 rgba(127, 149, 165, 1), 0 -1px 0 rgba(31, 32, 36, 1) inset;
-	background-image: -moz-linear-gradient(top, #545b60, #191a1c);
-	background-image: -ms-linear-gradient(top, #545b60, #191a1c);
-	background-image: -webkit-gradient(linear, 0 0, 0 100%, from(#545b60), to(#191a1c));
-	background-image: -webkit-linear-gradient(top, #545b60, #191a1c);
-	background-image: -o-linear-gradient(top, #545b60, #191a1c);
-	background-image: linear-gradient(top, #545b60, #191a1c);
-	filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#545b60', endColorstr='#191a1c', GradientType=0);
-}
-#orbit-bar .navbar-search {
-	float: none;
-	margin: 0 auto;
-	text-align: center;
-}
-#orbit-bar .nav.pull-right {
-	margin-right: -20px;
-}
-#orbit-bar .search-query {
-	background-image: url(<%= asset_path 'main-search.png' %>);
-	background-repeat: no-repeat;
-	background-position: 5px 6px;
-	padding-left: 25px;
-	/*background-color: rgba(255, 255, 255, 0.8);
-	color: #333;
-	text-shadow: 0px 1px 0px #FFF;*/
-	box-shadow: 0 1px 1px rgba(0, 0, 0, 0.3) inset, 0 1px 0 rgba(255, 255, 255, 0.15);
-}
-#orbit-bar .search-query:focus {
-	/*background-color: rgba(255, 255, 255, 0.9);
-	text-shadow: 0px 1px 0px #FFF;*/
-	background-position: 6px 7px;
-}
-#orbit-bar .container {
-	width:100%;
-}
-#orbit-bar .orbit-logo .brand {
-	background: url(<%= asset_path 'orbit-bar.png' %>) no-repeat -162px -5px;
-	text-indent:-9999px;
-	padding: 5px 20px 4px;
-}
-#orbit-bar .orbit-logo .brand:hover {
-	background-color: rgba(0,157,220,1);
-}
-#orbit-bar .orbit-logo.open .brand {
-	background-color: rgba(0,157,220,1);
-}
-#orbit-bar .orbit-logo .dropdown-menu {
-	left: -15px;
-}
-#orbit-bar .nav > li {
-	height: 28px;
-}
-#orbit-bar .nav > li > a:hover {
-	background-color: rgba(0,157,220,1);
-}
-#orbit-bar .nav > li > a {
-	background-image: url(<%= asset_path 'orbit-bar.png' %>);
-	background-repeat:no-repeat;
-	display: inline-block;
-	width: 16px;
-	height: 16px;
-	text-indent: -9999px;
-	padding:6px;
-}
-#orbit-bar .nav > li > a.orbit-bar-home {
-	background-position: -10px -10px;
-}
-#orbit-bar .nav > li > a.orbit-bar-desktop {
-	background-position: -100px -4px;
-}
-#orbit-bar .nav > li > a.orbit-bar-member {
-	background-position: -4px -37px;
-}
-#orbit-bar .nav > li > a.orbit-bar-member {
-	background-position: -10px -43px;
-}
-#orbit-bar .nav > li > a.orbit-bar-language {
-	background-position: -42px -42px;
-}
-.language-menu .active {
-  color: #ffffff;
-  text-decoration: none;
-  background-color: #0088cc;
-}
-#orbit-bar .nav > li > a.orbit-bar-account {
-	background-image: none;
-	height: 22px;
-	padding: 3px;
-	text-indent: inherit;
-	min-width: 110px;
-	width: auto !important;
-	text-align: left;
-}
-#orbit-bar .nav span.member-name {
-	display: inline-block;
-	line-height: 22px;
-	padding: 0 10px;
-}
-#orbit-bar .nav img.member-img {
-	display: inline-block;
-	float: left;
-	max-width: 22px;
-}
-#orbit-bar .account-menu {
-	right: 5px;
-}
-#orbit-bar .bar-login {
-	
-}
-#orbit-bar .bar-login .open, #orbit-bar .open .orbit-bar-account {
-	background-color: #009DDC;
-}
-#orbit-bar .bar-login .dropdown-menu {
-	padding: 0 0 10px;
-	max-width: 260px;
-}
-#orbit-bar .bar-login .dropdown-menu .log {
-	margin: 10px 15px 0;
-	list-style: none outside none;
-}
-#orbit-bar .bar-login .dropdown-menu .log .title {
-	background: url(<%= asset_path 'sign-in-logo2.png' %>) no-repeat center center;
-	height: 70px;
-}
-#orbit-bar .bar-login .dropdown-menu .log form {
-	margin: 0 0 8px;
-}
-#orbit-bar .bar-login .dropdown-menu .log input {
-	display: inline-block;
-	margin: 0;
-}
-#orbit-bar .bar-login .dropdown-menu .log .span2 {
-	width: 183px;
-}
-#orbit-bar .bar-login .dropdown-menu .log .forgot {
-	margin-bottom: 20px;
-	padding: 3px 0 0;
-	float: right;
-	display: inline-block;
-	color: #0088CC;
-}
-#orbit-bar .bar-login .dropdown-menu .log .input-prepend {
-	margin-top: 20px;
-}
-#orbit-bar .bar-login .dropdown-menu .log .remember {
-	margin-top: 5px;
-}
-#orbit-bar .bar-login .dropdown-menu .log .forgot:hover {
-	padding: 3px 0 0;
-	float: right;
-	display: inline-block;
-	color: #005580;
-	text-decoration: underline;
-	background-color: transparent;
-}
-#orbit-bar .bar-login .dropdown-menu .log .btn {
-	width: 220px;
-}
-#orbit-bar .bar-login .dropdown-menu .log .divider {
-	position:relative;
-	overflow: inherit;
-	margin: 20px 0;
-}
-#orbit-bar .bar-login .dropdown-menu .log .divider span {
-	position: absolute;
-	width: 20px;
-	height: 20px;
-	background-color: #FFF;
-	color: #666;
-	top: -9px;
-	left: 100px;
-	font-size:16px;
-	text-align: center;
-}
-#orbit-bar .bar-login .dropdown-menu .register {
-	color: #FFFFFF;
-	margin: 0 15px;
-	width: 188px;
-}
-#main-sidebar {
-    background: url(<%= asset_path 'background.jpg' %>) repeat left top;
-	width: 155px;
-	padding-right: 4px;
-	border-right: 1px solid rgba(0,0,0,.2);
-	position:fixed;
-	top: 32px;
-	z-index: 88;
-}
-#main-sidebar .nav {
-    padding-top: 5px;
-}
-#main-sidebar .nav > li.active > a [class^="icons-"] {
-	background-image: url(<%= asset_path 'icons_pack_white.png' %>);
-}
-#main-sidebar .nav > li > .nav {
-	margin-left: -14px;
-	margin-bottom: 5px;
-	width: 155px;
-	padding: 0;
-	background-color: #FFF;
-	/*border-radius: 0px 0px 8px 0px;
-	-webkit-border-radius: 0px 0px 8px 0px;
-	-moz-border-radius: 0px 0px 8px 0px;*/
-	box-shadow: 0px 2px 1px rgba(0,0,0,0.1);
-	-moz-box-shadow: 0px 2px 1px rgba(0,0,0,0.1);
-	-webkit-box-shadow: 0px 2px 1px rgba(0,0,0,0.1);
-}
-#main-sidebar .nav > li > .nav > li > a {
-	margin-left: 0;
-	padding-left: 19px;
-	color: #999;
-}
-#main-sidebar .nav > li > .nav > li > a:hover {
-	color: #000;
-	background-color: #d7eeff;
-}
-#main-sidebar .nav > li > .nav > li.active > a {
-	background-color: #b7b7b7;
-	color: #fff;
-}
-#main-wrap {
-	background-color: #FFF;
-	margin-left:160px;
-	padding-top: 32px;
-	padding-bottom: 18px;
-	position: relative;
-	min-height: 100%;
-}
-#main-wrap > .form-actions {
-	background-color: #FFF;
-	text-align: center;
-    padding: 17px 20px 0;
-	margin: 0;
-	border-top: none;
-}
-#main-wrap .subnav {
-	height: auto;
-	min-height: 36px;
-}
-#main-wrap .pagination {
-	margin: 18px 0 0;
-	text-align: center;
-}
-.main-list .route-group td {
-	border: none;
-}
-#main-wrap .route-group .breadcrumb {
-	background-image: none;
-	border-radius: 0;
-	-moz-border-radius: 0;
-	-webkit-border-radius: 0;
-	border-width: 0 0 1px 0;
-    box-shadow: none;
-	-webkit-box-shadow: none;
-	-moz-box-shadow: none;
-	margin-bottom: 0px;
-	padding: 7px 8px 5px;
-}
-#main-wrap .breadcrumb li {
-	font-size: 12px;
-	color: #999;
-}
-#sub-wiget {
-	clear: right;
-	float: right;
-	padding-right: 10px;
-	padding-top: 8px;
-	position: relative;
-	margin-bottom: 13px;
-	width: 304px;
-}
-.main-wiget .widget-box {
-    margin: 5px 0;
-    width: 100%;
-}
-#poststuff .form-actions {
-	background-color: transparent;
-	text-align: right;
-	padding-left: 10px;
-	padding-right: 10px;
-	margin-bottom: 0;
-	clear: both;
-}
-#poststuff form {
-	margin-bottom: 0;
-}
-#post-body {
-	float: left;
-	clear: left;
-	width: 100%;
-	margin-right: -340px;
-}
-#post-body .title input[type=text] {
-	margin-bottom: 0;
-	width: 100%;
-	height: 30px;
-}
-#post-body .btn-group {
-	margin-left: 5px;
-}
-#post-body .well {
-	margin: 0;
-	border-radius: 0px;
-	-moz-border-radius: 0px;
-	box-shadow: none;
-	-moz-box-shadow: none;
-	-webkit-box-shadow: none;
-	border-top: none;
-}
-#post-body .editor {
-	background-color: #333333;
-	height: 20px;
-	margin: 8px 0;
-	width: 100%;
-}
-#post-body-content {
-	margin-right: 320px;
-	padding: 8px 0 8px 6px;
-}
-.filter .accordion-heading > a:hover {
-  text-decoration: none;
-}
-.filter .accordion-group {
-    border-bottom: none;
-    border-top: none;
-    border-left: 1px solid rgba(0,0,0,0.07);
-    border-right: none;
-	-moz-border-radius: 0;
-	-webkit-border-radius: 0;
-    border-radius: 0;
-    margin-bottom: -1px;
-	position: relative;
-	left: 0;
-	top: 0;
-}
-.filter .accordion-group:last-child {
-	border-right: 1px solid rgba(0,0,0,0.07);
-}
-.filter .accordion-heading .accordion-toggle {
-    padding: 9px 15px;
-}
-.accordion-group .accordion-toggle .caret {
-    border-top-color: #0088CC;
-    margin-top: 6px;
-}
-.filter .active {
-	background-color: #0088CC;
-}
-.filter .active a {
-	color: #FFF;
-}
-.filters {
-	background-color: rgba(0,0,0,0.075);
-	-webkit-box-shadow: inset 0 2px 3px rgba(0, 0, 0, 0.2);
-	-moz-box-shadow: inset 0 2px 3px rgba(0, 0, 0, 0.2);
-	box-shadow: inset 0 2px 3px rgba(0, 0, 0, 0.2);
-}
-.filters > div {
-	background-color: #dadada;
-}
-.filters .btn {
-	margin-bottom: 5px;
-}
-.filters .accordion-inner {
-    border-top: none;
-	padding: 9px 15px 4px;
-}
-.filters .filter-clear {
-	padding: 5px 5px 0;
-	border-top: 1px solid rgba(0,0,0,0.1);
-	text-align: right;
-	margin: 0 5px;
-	-webkit-box-shadow: inset 0 1px 0px rgba(255, 255, 255, 0.5);
-	-moz-box-shadow: inset 0 1px 0px rgba(255, 255, 255, 0.5);
-	box-shadow: inset 0 1px 0px rgba(255, 255, 255, 0.5);
-}
-.filters .in {
-	/*border-bottom: 1px solid rgba(0,0,0,0.07)*/
-}
-.sign-in {
-	width: 360px;
-	margin: 0 auto 70px;
-	background-color: #FFF;
-	-moz-border-radius: 0 0 5px 5px;
-	-webkit-border-radius: 0 0 5px 5px;
-	border-radius: 0 0 5px 5px;
-	-moz-box-shadow: 0 2px 2px rgba(143, 143, 143, 0.38);
-	-webkit-box-shadow: 0 2px 2px rgba(143, 143, 143, 0.38);
-	box-shadow: 0 2px 2px rgba(143, 143, 143, 0.38);
-	border-width: 0px 1px 1px 1px;
-	border-style: none solid solid solid;
-	border-color: transparent #c6c6c6 #c6c6c6 #c6c6c6;
-}
-#signin-header {
-	width: 340px;
-	margin: 30px auto 0;
-	line-height: 25px;
-	padding: 5px 10px;
-	border-width: 1px 1px 0px 1px;
-	border-style: solid solid none solid;
-	border-color: #c6c6c6 #c6c6c6 transparent #c6c6c6;
-	background-color: #006dcc;
-	background-image: -moz-linear-gradient(top, #dadada, #c0c0c0);
-	background-image: -ms-linear-gradient(top, #dadada, #c0c0c0);
-	background-image: -webkit-gradient(linear, 0 0, 0 100%, from(#dadada), to(#c0c0c0));
-	background-image: -webkit-linear-gradient(top, #dadada, #c0c0c0);
-	background-image: -o-linear-gradient(top, #dadada, #c0c0c0);
-	background-image: linear-gradient(top, #dadada, #c0c0c0);
-	-moz-border-radius: 5px 5px 0px 0px ;
-	-webkit-border-radius: 5px 5px 0px 0px;
-	border-radius: 5px 5px 0px 0px;
-	-moz-box-shadow: 0 1px 0px rgba(20, 20, 20, 0.3);
-	-webkit-box-shadow: 0 1px 0px rgba(20, 20, 20, 0.3);
-	box-shadow: 0 1px 0px rgba(20, 20, 20, 0.3);
-}
-#signin-header h3 {
-	color: #848484;
-	text-shadow: 0 1px 0 #e9e9e9;
-}
-#sign-footer {
-	width: 100%;
-	position:fixed;
-	bottom: 0;
-	height: 40px;
-	background-color: #dadada;
-	color: #7a7a7a;
-	box-shadow: 0 -1px 3px rgba(0, 0, 0, 0.3);
-	-moz-box-shadow: 0 -1px 3px rgba(0, 0, 0, 0.3);
-	-webkit-box-shadow: 0 -1px 3px rgba(0, 0, 0, 0.3);
-}
-#sign-footer p {
-	line-height: 40px;
-	padding: 0 10px;
-	text-align: right;
-}
-.sign-in .control-group label {
-	text-align: left;
-	width: auto;
-	font-size: 15px;
-}
-.sign-in .forgot {
-	padding-top: 5px;
-}
-.sign-in .content {
-	padding: 10px;
-}
-.sign-in .form-actions {
-	padding: 17px 10px 18px;
-	margin: 0;
-	-moz-border-radius: 0px 0px 5px 5px;
-	-webkit-border-radius: 0px 0px 5px 5px;
-	border-radius: 0px 0px 5px 5px;
-}
-.sign-in form {
-	margin: 0;
-}
-.sign-in .control-group .help-inline {
-	display:none;
-}
-.sign-in .error .help-inline {
-	display:inline-block;	
-}
-.web-symbol:after {
-	font-family: 'WebSymbolsRegular';
-	content: "{";
-    margin-left: 2px;
-    margin-top: 8px;
-}
-.active .web-symbol:after {
-	content: "}";
-}
-/*icons*/
-.the-icons i:after {
-	content: attr(class);
-	display: block;
-	font-style: normal;
-	margin-left: 20px;
-	width: 140px;
-}
-.the-icons i {
-	display: block;
-	margin-bottom: 5px;
-}
-[class^="text-"] {
-	font-size: 15px !important;
-}
-.text-blue {
-	color: #0088CC !important;
-}
-.text-red {
-	color: #CC3300 !important;
-}
-.text-yellow {
-	color: #ffcc00 !important;
-}
-.text-orange {
-	color: #f7941d !important;
-}
-.text-purple {
-	color: #a864a8 !important;
-}
-.text-palm {
-	color: #a67c52 !important;
-}
-.text-green {
-	color: #39b54a !important;
-}
-[class^="icons-"] {
-	display: inline-block;
-	width: 16px;
-	height: 16px;
-	vertical-align: text-top;
-	background-image: url(<%= asset_path 'icons_pack.png' %>);
-	background-position: 16px 16px;
-	background-repeat: no-repeat;
-	*margin-right: .3em;
-	margin-right:10px;
-}
-[class^="icons-"]:last-child {
- 	*margin-left: 0;
-}
-.icons-white {
-	background-image: url(<%= asset_path 'icons_pack_white.png' %>);
-}
-/*1*/
-.icons-pencil {
-	background-position: 0 0;
-}
-.icons-brush {
-	background-position: -32px 0;
-}
-.icons-pen {
-	background-position: -64px 0;
-}
-.icons-brush-large {
-	background-position: -128px 0;
-}
-.icons-pen-small {
-	background-position: -96px 0;
-}
-.icons-bucket {
-	background-position: -160px 0;
-}
-.icons-eye {
-	background-position: -192px 0;
-}
-.icons-ban {
-	background-position: -224px 0;
-}
-.icons-trash {
-	background-position: -256px 0;
-}
-.icons-zoom {
-	background-position: -288px 0;
-}
-.icons-zoom-out {
-	background-position: -320px 0;
-}
-.icons-zoom-in {
-	background-position: -352px 0;
-}
-.icons-magic {
-	background-position: -384px 0;
-}
-.icons-aim {
-	background-position: -416px 0;
-}
-/*2*/
-.icons-flag {
-	background-position: 0 -32px;
-}
-.icons-paperclip {
-	background-position: -32px -32px;
-}
-.icons-share {
-	background-position: -64px -32px;
-}
-.icons-link {
-	background-position: -96px -32px;
-}
-.icons-tag {
-	background-position: -128px -32px;
-}
-.icons-lock {
-	background-position: -160px -32px;
-}
-.icons-unlock {
-	background-position: -192px -32px;
-}
-/*3*/
-.icons-content {
-	background-position: -160px -66px;
-}
-.icons-announcement {
-	background-position: -576px -64px;
-}
-/*4*/
-.icons-contact {
-	background-position: 0 -96px;
-}
-.icons-roll {
-	background-position: -32px -96px;
-}
-.icons-member {
-	background-position: -288px -96px;
-}
-.icons-member-user {
-	background-position: -64px -96px;
-}
-.icons-member-admin {
-	background-position: -96px -96px;
-}
-.icons-member-manager{
-	background-position: -128px -96px;
-}
-.icons-member-plus{
-	background-position: -160px -96px;
-}
-.icons-member-minus{
-	background-position: -192px -96px;
-}
-.icons-member-blockade{
-	background-position: -224px -96px;
-}
-.icons-carte {
-	background-position: -256px -96px;
-}
-.icons-building {
-	background-position: -320px -96px;
-}
-.icons-calendar {
-	background-position: -352px -96px;
-}
-.icons-calendars {
-	background-position: -384px -96px;
-}
-.icons-out {
-	background-position: -416px -96px;
-}
-.icons-desktop {
-	background-position: -448px -96px;
-}
-/*5*/
-.icons-page-blank {
-	background-position: 0px -128px;
-}
-.icons-page {
-	background-position: -32px -128px;
-}
-.icons-page-copy {
-	background-position: -64px -128px;
-}
-.icons- {
-	background-position: -0px -128px;
-}
-/*6*/
-.icons-globe {
-	background-position: -96px -160px;
-}
-.icons-structure {
-	background-position: -352px -160px;
-}
-/*7*/
-.icons-purchase {
-	background-position: -64px -192px;
-}
-/*8*/
-.icons-dashboard {
-	background-position: 0 -224px;
-}
-.icons-cog {
-	background-position: -32px -224px;
-}
-.icons-cogs {
-	background-position: -64px -224px;
-}
-.icons-tool {
-	background-position: -96px -224px;
-}
-.icons-screwdriver {
-	background-position: -128px -224px;
-}
-.icons-wrench {
-	background-position: -160px -224px;
-}
-.icons-toolbox {
-	background-position: -192px -224px;
-}
-.icons-switch {
-	background-position: -224px -224px;
-}
-.icons-valve {
-	background-position: -256px -224px;
-}
-/*9*/
-.icons-picture {
-	background-position: -256px -256px;
-}
-.icons-asset {
-	background-position: -384px -256px;
-}
-.icons-asset-upload {
-	background-position: -448px -256px;
-}
-.icons-asset-download {
-	background-position: -416px -256px;
-}
-/*10*/
-.icons- {
-	background-position: -0px -288px;
-}
-/*11*/
-.icons-pie {
-	background-position: 0px -320px;
-}
-.icons-histogram {
-	background-position: -32px -320px;
-}
-.icons-window {
-	background-position: -64px -320px;
-}
-.icons-window-line{
-	background-position: -96px -320px;
-}
-.icons-window-command{
-	background-position: -128px -320px;
-}
-.icons-window-list{
-	background-position: -160px -320px;
-}
-.icons-window-block{
-	background-position: -192px -320px;
-}
-.icons-terminal{
-	background-position: -224px -320px;
-}
-/*12*/
-.icons-star-thin {
-	background-position: -416px -352px;
-}
-.icons- {
-	background-position: -0px -352px;
-}
-/*13*/
-.icons- {
-	background-position: -0px -384px;
-}
-/*14*/
-.icons- {
-	background-position: -0px -416px;
-}
-/*15*/
-.icons- {
-	background-position: -0px -448px;
-}
-/*16*/
-.icons- {
-	background-position: -0px -480px;
-}
-/*17*/
-.icons- {
-	background-position: -0px -512px;
-}
-/*18*/
-.icons-help {
-	background-position: -160px -544px;
-}
-.icons- {
-	background-position: -0px -544px;
-}
-/*19*/
-.icons-plus-cube {
-	background-position: -192px -576px;
-}
-.icons-plus {
-	background-position: -288px -576px;
-}
-.icons-power {
-	background-position: -0px -608px;
-}
-/*20*/
-.icons- {
-	background-position: -0px -608px;
-}
-/*21*/
-.icons- {
-	background-position: -0px -640px;
+@font-face{ 
+	font-family: 'WebSymbolsRegular';
+	src: url(<%= asset_path 'websymbols-regular-webfont.eot' %>);
+	src: url(<%= asset_path 'websymbols-regular-webfont.eot?#iefix' %>) format('embedded-opentype'),
+	     url(<%= asset_path 'websymbols-regular-webfont.woff' %>) format('woff'),
+	     url(<%= asset_path 'websymbols-regular-webfont.ttf' %>) format('truetype'),
+	     url(<%= asset_path 'websymbols-regular-webfont.svg#WebSymbolsRegular' %>) format('svg');
+}
+.login-logo {
+	text-indent: -9999px;
+	background: url(<%= asset_path 'sign-in-logo.png' %>) no-repeat center 40px;
+	padding-top: 40px;
+	height: 160px;
+}
+#orbit-bar {
+	margin-bottom: 0;
+	position:fixed;
+	width:100%;
+	z-index: 99;
+	top: 0;
+	left: 0;
+}
+#orbit-bar .navbar-inner {
+	height: 28px;
+	-moz-border-radius: 0px;
+	-webkit-border-radius: 0px;
+	border-radius: 0px;
+	padding-top: 2px;
+	padding-bottom: 1px;
+	-webkit-box-shadow: 0 1px 3px rgba(0, 0, 0, 0.8), inset 0 1px 0 rgba(127, 149, 165, 1), 0 -1px 0 rgba(31, 32, 36, 1) inset;
+	-moz-box-shadow: 0 1px 3px rgba(0, 0, 0, 0.8), inset 0 1px 0 rgba(127, 149, 165, 1), 0 -1px 0 rgba(31, 32, 36, 1) inset;
+	box-shadow: 0 1px 3px rgba(0, 0, 0, 0.8), inset 0 1px 0 rgba(127, 149, 165, 1), 0 -1px 0 rgba(31, 32, 36, 1) inset;
+	
+	background-image: -moz-linear-gradient(top, #5282A6, #133757);
+	background-image: -ms-linear-gradient(top, #5282A6, #133757);
+	background-image: -webkit-gradient(linear, 0 0, 0 100%, from(#5282A6), to(#133757));
+	background-image: -webkit-linear-gradient(top, #5282A6, #133757);
+	background-image: -o-linear-gradient(top, #5282A6, #133757);
+	background-image: linear-gradient(top, #5282A6, #133757);
+	filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#5282A6', endColorstr='#133757', GradientType=0);
+	/*
+	background-image: -moz-linear-gradient(top, #545b60, #191a1c);
+	background-image: -ms-linear-gradient(top, #545b60, #191a1c);
+	background-image: -webkit-gradient(linear, 0 0, 0 100%, from(#545b60), to(#191a1c));
+	background-image: -webkit-linear-gradient(top, #545b60, #191a1c);
+	background-image: -o-linear-gradient(top, #545b60, #191a1c);
+	background-image: linear-gradient(top, #545b60, #191a1c);
+	filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#545b60', endColorstr='#191a1c', GradientType=0);
+	*/
+}
+#orbit-bar .navbar-search {
+	float: none;
+	margin: 0 auto;
+	text-align: center;
+}
+#orbit-bar .nav.pull-right {
+	margin-right: -20px;
+}
+#orbit-bar .search-query {
+	background-image: url(<%= asset_path 'main-search.png' %>);
+	background-repeat: no-repeat;
+	background-position: 5px 6px;
+	padding-left: 25px;
+	/*background-color: rgba(255, 255, 255, 0.8);
+	color: #333;
+	text-shadow: 0px 1px 0px #FFF;*/
+	box-shadow: 0 1px 1px rgba(0, 0, 0, 0.3) inset, 0 1px 0 rgba(255, 255, 255, 0.15);
+}
+#orbit-bar .search-query:focus {
+	/*background-color: rgba(255, 255, 255, 0.9);
+	text-shadow: 0px 1px 0px #FFF;*/
+	background-position: 6px 7px;
+}
+#orbit-bar .container {
+	width:100%;
+}
+#orbit-bar .orbit-logo .brand {
+	/* background: url(<%= asset_path 'orbit-bar.png' %>) no-repeat -162px -5px; */
+	background: url(<%= asset_path 'nccu_logo.png' %>) no-repeat 6px 0px;
+	text-indent:-9999px;
+	padding: 5px 20px 4px;
+}
+#orbit-bar .orbit-logo .brand:hover {
+	background-color: rgba(0,157,220,1);
+}
+#orbit-bar .orbit-logo.open .brand {
+	background-color: rgba(0,157,220,1);
+}
+#orbit-bar .orbit-logo .dropdown-menu {
+	left: -15px;
+}
+#orbit-bar .nav > li {
+	height: 28px;
+}
+#orbit-bar .nav > li > a:hover {
+	background-color: rgba(0,157,220,1);
+}
+#orbit-bar .nav > li > a {
+	background-image: url(<%= asset_path 'orbit-bar.png' %>);
+	background-repeat:no-repeat;
+	display: inline-block;
+	width: 16px;
+	height: 16px;
+	text-indent: -9999px;
+	padding:6px;
+}
+#orbit-bar .nav > li > a.orbit-bar-home {
+	background-position: -10px -10px;
+}
+#orbit-bar .nav > li > a.orbit-bar-desktop {
+	background-position: -100px -4px;
+}
+#orbit-bar .nav > li > a.orbit-bar-member {
+	background-position: -4px -37px;
+}
+#orbit-bar .nav > li > a.orbit-bar-member {
+	background-position: -10px -43px;
+}
+#orbit-bar .nav > li > a.orbit-bar-language {
+	background-position: -42px -42px;
+}
+.language-menu .active {
+  color: #ffffff;
+  text-decoration: none;
+  background-color: #0088cc;
+}
+#orbit-bar .nav > li > a.orbit-bar-account {
+	background-image: none;
+	height: 22px;
+	padding: 3px;
+	text-indent: inherit;
+	min-width: 110px;
+	width: auto !important;
+	text-align: left;
+}
+#orbit-bar .nav span.member-name {
+	display: inline-block;
+	line-height: 22px;
+	padding: 0 10px;
+}
+#orbit-bar .nav img.member-img {
+	display: inline-block;
+	float: left;
+	max-width: 22px;
+}
+#orbit-bar .account-menu {
+	right: 5px;
+}
+#orbit-bar .bar-login {
+	
+}
+#orbit-bar .bar-login .open, #orbit-bar .open .orbit-bar-account {
+	background-color: #009DDC;
+}
+#orbit-bar .bar-login .dropdown-menu {
+	padding: 0 0 10px;
+	max-width: 260px;
+}
+#orbit-bar .bar-login .dropdown-menu .log {
+	margin: 10px 15px 0;
+	list-style: none outside none;
+}
+#orbit-bar .bar-login .dropdown-menu .log .title {
+	background: url(<%= asset_path 'sign-in-logo2.png' %>) no-repeat center center;
+	height: 70px;
+}
+#orbit-bar .bar-login .dropdown-menu .log form {
+	margin: 0 0 8px;
+}
+#orbit-bar .bar-login .dropdown-menu .log input {
+	display: inline-block;
+	margin: 0;
+}
+#orbit-bar .bar-login .dropdown-menu .log .span2 {
+	width: 183px;
+}
+#orbit-bar .bar-login .dropdown-menu .log .forgot {
+	margin-bottom: 20px;
+	padding: 3px 0 0;
+	float: right;
+	display: inline-block;
+	color: #0088CC;
+}
+#orbit-bar .bar-login .dropdown-menu .log .input-prepend {
+	margin-top: 20px;
+}
+#orbit-bar .bar-login .dropdown-menu .log .remember {
+	margin-top: 5px;
+}
+#orbit-bar .bar-login .dropdown-menu .log .forgot:hover {
+	padding: 3px 0 0;
+	float: right;
+	display: inline-block;
+	color: #005580;
+	text-decoration: underline;
+	background-color: transparent;
+}
+#orbit-bar .bar-login .dropdown-menu .log .btn {
+	width: 220px;
+}
+#orbit-bar .bar-login .dropdown-menu .log .divider {
+	position:relative;
+	overflow: inherit;
+	margin: 20px 0;
+}
+#orbit-bar .bar-login .dropdown-menu .log .divider span {
+	position: absolute;
+	width: 20px;
+	height: 20px;
+	background-color: #FFF;
+	color: #666;
+	top: -9px;
+	left: 100px;
+	font-size:16px;
+	text-align: center;
+}
+#orbit-bar .bar-login .dropdown-menu .register {
+	color: #FFFFFF;
+	margin: 0 15px;
+	width: 188px;
+}
+#main-sidebar {
+    background: url(<%= asset_path 'background.jpg' %>) repeat left top;
+	width: 155px;
+	padding-right: 4px;
+	border-right: 1px solid rgba(0,0,0,.2);
+	position:fixed;
+	top: 32px;
+	z-index: 88;
+}
+#main-sidebar .nav {
+    padding-top: 5px;
+}
+#main-sidebar .nav > li.active > a [class^="icons-"] {
+	background-image: url(<%= asset_path 'icons_pack_white.png' %>);
+}
+#main-sidebar .nav > li > .nav {
+	margin-left: -14px;
+	margin-bottom: 5px;
+	width: 155px;
+	padding: 0;
+	background-color: #FFF;
+	/*border-radius: 0px 0px 8px 0px;
+	-webkit-border-radius: 0px 0px 8px 0px;
+	-moz-border-radius: 0px 0px 8px 0px;*/
+	box-shadow: 0px 2px 1px rgba(0,0,0,0.1);
+	-moz-box-shadow: 0px 2px 1px rgba(0,0,0,0.1);
+	-webkit-box-shadow: 0px 2px 1px rgba(0,0,0,0.1);
+}
+#main-sidebar .nav > li > .nav > li > a {
+	margin-left: 0;
+	padding-left: 19px;
+	color: #999;
+}
+#main-sidebar .nav > li > .nav > li > a:hover {
+	color: #000;
+	background-color: #d7eeff;
+}
+#main-sidebar .nav > li > .nav > li.active > a {
+	background-color: #b7b7b7;
+	color: #fff;
+}
+#main-wrap {
+	background-color: #FFF;
+	margin-left:160px;
+	padding-top: 32px;
+	padding-bottom: 18px;
+	position: relative;
+	min-height: 100%;
+}
+#main-wrap > .form-actions {
+	background-color: #FFF;
+	text-align: center;
+    padding: 17px 20px 0;
+	margin: 0;
+	border-top: none;
+}
+#main-wrap .subnav {
+	height: auto;
+	min-height: 36px;
+}
+#main-wrap .pagination {
+	margin: 18px 0 0;
+	text-align: center;
+}
+.main-list .route-group td {
+	border: none;
+}
+#main-wrap .route-group .breadcrumb {
+	background-image: none;
+	border-radius: 0;
+	-moz-border-radius: 0;
+	-webkit-border-radius: 0;
+	border-width: 0 0 1px 0;
+    box-shadow: none;
+	-webkit-box-shadow: none;
+	-moz-box-shadow: none;
+	margin-bottom: 0px;
+	padding: 7px 8px 5px;
+}
+#main-wrap .breadcrumb li {
+	font-size: 12px;
+	color: #999;
+}
+#sub-wiget {
+	clear: right;
+	float: right;
+	padding-right: 10px;
+	padding-top: 8px;
+	position: relative;
+	margin-bottom: 13px;
+	width: 304px;
+}
+.main-wiget .widget-box {
+    margin: 5px 0;
+    width: 100%;
+}
+#poststuff .form-actions {
+	background-color: transparent;
+	text-align: right;
+	padding-left: 10px;
+	padding-right: 10px;
+	margin-bottom: 0;
+	clear: both;
+}
+#poststuff form {
+	margin-bottom: 0;
+}
+#post-body {
+	float: left;
+	clear: left;
+	width: 100%;
+	margin-right: -340px;
+}
+#post-body .title input[type=text] {
+	margin-bottom: 0;
+	width: 100%;
+	height: 30px;
+}
+#post-body .btn-group {
+	margin-left: 5px;
+}
+#post-body .well {
+	margin: 0;
+	border-radius: 0px;
+	-moz-border-radius: 0px;
+	box-shadow: none;
+	-moz-box-shadow: none;
+	-webkit-box-shadow: none;
+	border-top: none;
+}
+#post-body .editor {
+	background-color: #333333;
+	height: 20px;
+	margin: 8px 0;
+	width: 100%;
+}
+#post-body-content {
+	margin-right: 320px;
+	padding: 8px 0 8px 6px;
+}
+.filter .accordion-heading > a:hover {
+  text-decoration: none;
+}
+.filter .accordion-group {
+    border-bottom: none;
+    border-top: none;
+    border-left: 1px solid rgba(0,0,0,0.07);
+    border-right: none;
+	-moz-border-radius: 0;
+	-webkit-border-radius: 0;
+    border-radius: 0;
+    margin-bottom: -1px;
+	position: relative;
+	left: 0;
+	top: 0;
+}
+.filter .accordion-group:last-child {
+	border-right: 1px solid rgba(0,0,0,0.07);
+}
+.filter .accordion-heading .accordion-toggle {
+    padding: 9px 15px;
+}
+.accordion-group .accordion-toggle .caret {
+    border-top-color: #0088CC;
+    margin-top: 6px;
+}
+.filter .active {
+	background-color: #0088CC;
+}
+.filter .active a {
+	color: #FFF;
+}
+.filters {
+	background-color: rgba(0,0,0,0.075);
+	-webkit-box-shadow: inset 0 2px 3px rgba(0, 0, 0, 0.2);
+	-moz-box-shadow: inset 0 2px 3px rgba(0, 0, 0, 0.2);
+	box-shadow: inset 0 2px 3px rgba(0, 0, 0, 0.2);
+}
+.filters > div {
+	background-color: #dadada;
+}
+.filters .btn {
+	margin-bottom: 5px;
+}
+.filters .accordion-inner {
+    border-top: none;
+	padding: 9px 15px 4px;
+}
+.filters .filter-clear {
+	padding: 5px 5px 0;
+	border-top: 1px solid rgba(0,0,0,0.1);
+	text-align: right;
+	margin: 0 5px;
+	-webkit-box-shadow: inset 0 1px 0px rgba(255, 255, 255, 0.5);
+	-moz-box-shadow: inset 0 1px 0px rgba(255, 255, 255, 0.5);
+	box-shadow: inset 0 1px 0px rgba(255, 255, 255, 0.5);
+}
+.filters .in {
+	/*border-bottom: 1px solid rgba(0,0,0,0.07)*/
+}
+.sign-in {
+	width: 360px;
+	margin: 0 auto 70px;
+	background-color: #FFF;
+	-moz-border-radius: 0 0 5px 5px;
+	-webkit-border-radius: 0 0 5px 5px;
+	border-radius: 0 0 5px 5px;
+	-moz-box-shadow: 0 2px 2px rgba(143, 143, 143, 0.38);
+	-webkit-box-shadow: 0 2px 2px rgba(143, 143, 143, 0.38);
+	box-shadow: 0 2px 2px rgba(143, 143, 143, 0.38);
+	border-width: 0px 1px 1px 1px;
+	border-style: none solid solid solid;
+	border-color: transparent #c6c6c6 #c6c6c6 #c6c6c6;
+}
+#signin-header {
+	width: 340px;
+	margin: 30px auto 0;
+	line-height: 25px;
+	padding: 5px 10px;
+	border-width: 1px 1px 0px 1px;
+	border-style: solid solid none solid;
+	border-color: #c6c6c6 #c6c6c6 transparent #c6c6c6;
+	background-color: #006dcc;
+	background-image: -moz-linear-gradient(top, #dadada, #c0c0c0);
+	background-image: -ms-linear-gradient(top, #dadada, #c0c0c0);
+	background-image: -webkit-gradient(linear, 0 0, 0 100%, from(#dadada), to(#c0c0c0));
+	background-image: -webkit-linear-gradient(top, #dadada, #c0c0c0);
+	background-image: -o-linear-gradient(top, #dadada, #c0c0c0);
+	background-image: linear-gradient(top, #dadada, #c0c0c0);
+	-moz-border-radius: 5px 5px 0px 0px ;
+	-webkit-border-radius: 5px 5px 0px 0px;
+	border-radius: 5px 5px 0px 0px;
+	-moz-box-shadow: 0 1px 0px rgba(20, 20, 20, 0.3);
+	-webkit-box-shadow: 0 1px 0px rgba(20, 20, 20, 0.3);
+	box-shadow: 0 1px 0px rgba(20, 20, 20, 0.3);
+}
+#signin-header h3 {
+	color: #848484;
+	text-shadow: 0 1px 0 #e9e9e9;
+}
+#sign-footer {
+	width: 100%;
+	position:fixed;
+	bottom: 0;
+	height: 40px;
+	background-color: #dadada;
+	color: #7a7a7a;
+	box-shadow: 0 -1px 3px rgba(0, 0, 0, 0.3);
+	-moz-box-shadow: 0 -1px 3px rgba(0, 0, 0, 0.3);
+	-webkit-box-shadow: 0 -1px 3px rgba(0, 0, 0, 0.3);
+}
+#sign-footer p {
+	line-height: 40px;
+	padding: 0 10px;
+	text-align: right;
+}
+.sign-in .control-group label {
+	text-align: left;
+	width: auto;
+	font-size: 15px;
+}
+.sign-in .forgot {
+	padding-top: 5px;
+}
+.sign-in .content {
+	padding: 10px;
+}
+.sign-in .form-actions {
+	padding: 17px 10px 18px;
+	margin: 0;
+	-moz-border-radius: 0px 0px 5px 5px;
+	-webkit-border-radius: 0px 0px 5px 5px;
+	border-radius: 0px 0px 5px 5px;
+}
+.sign-in form {
+	margin: 0;
+}
+.sign-in .control-group .help-inline {
+	display:none;
+}
+.sign-in .error .help-inline {
+	display:inline-block;	
+}
+.web-symbol:after {
+	font-family: 'WebSymbolsRegular';
+	content: "{";
+    margin-left: 2px;
+    margin-top: 8px;
+}
+.active .web-symbol:after {
+	content: "}";
+}
+/*icons*/
+.the-icons i:after {
+	content: attr(class);
+	display: block;
+	font-style: normal;
+	margin-left: 20px;
+	width: 140px;
+}
+.the-icons i {
+	display: block;
+	margin-bottom: 5px;
+}
+[class^="text-"] {
+	font-size: 15px !important;
+}
+.text-blue {
+	color: #0088CC !important;
+}
+.text-red {
+	color: #CC3300 !important;
+}
+.text-yellow {
+	color: #ffcc00 !important;
+}
+.text-orange {
+	color: #f7941d !important;
+}
+.text-purple {
+	color: #a864a8 !important;
+}
+.text-palm {
+	color: #a67c52 !important;
+}
+.text-green {
+	color: #39b54a !important;
+}
+[class^="icons-"] {
+	display: inline-block;
+	width: 16px;
+	height: 16px;
+	vertical-align: text-top;
+	background-image: url(<%= asset_path 'icons_pack.png' %>);
+	background-position: 16px 16px;
+	background-repeat: no-repeat;
+	*margin-right: .3em;
+	margin-right:10px;
+}
+[class^="icons-"]:last-child {
+ 	*margin-left: 0;
+}
+.icons-white {
+	background-image: url(<%= asset_path 'icons_pack_white.png' %>);
+}
+/*1*/
+.icons-pencil {
+	background-position: 0 0;
+}
+.icons-brush {
+	background-position: -32px 0;
+}
+.icons-pen {
+	background-position: -64px 0;
+}
+.icons-brush-large {
+	background-position: -128px 0;
+}
+.icons-pen-small {
+	background-position: -96px 0;
+}
+.icons-bucket {
+	background-position: -160px 0;
+}
+.icons-eye {
+	background-position: -192px 0;
+}
+.icons-ban {
+	background-position: -224px 0;
+}
+.icons-trash {
+	background-position: -256px 0;
+}
+.icons-zoom {
+	background-position: -288px 0;
+}
+.icons-zoom-out {
+	background-position: -320px 0;
+}
+.icons-zoom-in {
+	background-position: -352px 0;
+}
+.icons-magic {
+	background-position: -384px 0;
+}
+.icons-aim {
+	background-position: -416px 0;
+}
+/*2*/
+.icons-flag {
+	background-position: 0 -32px;
+}
+.icons-paperclip {
+	background-position: -32px -32px;
+}
+.icons-share {
+	background-position: -64px -32px;
+}
+.icons-link {
+	background-position: -96px -32px;
+}
+.icons-tag {
+	background-position: -128px -32px;
+}
+.icons-lock {
+	background-position: -160px -32px;
+}
+.icons-unlock {
+	background-position: -192px -32px;
+}
+/*3*/
+.icons-content {
+	background-position: -160px -66px;
+}
+.icons-announcement {
+	background-position: -576px -64px;
+}
+/*4*/
+.icons-contact {
+	background-position: 0 -96px;
+}
+.icons-roll {
+	background-position: -32px -96px;
+}
+.icons-member {
+	background-position: -288px -96px;
+}
+.icons-member-user {
+	background-position: -64px -96px;
+}
+.icons-member-admin {
+	background-position: -96px -96px;
+}
+.icons-member-manager{
+	background-position: -128px -96px;
+}
+.icons-member-plus{
+	background-position: -160px -96px;
+}
+.icons-member-minus{
+	background-position: -192px -96px;
+}
+.icons-member-blockade{
+	background-position: -224px -96px;
+}
+.icons-carte {
+	background-position: -256px -96px;
+}
+.icons-building {
+	background-position: -320px -96px;
+}
+.icons-calendar {
+	background-position: -352px -96px;
+}
+.icons-calendars {
+	background-position: -384px -96px;
+}
+.icons-out {
+	background-position: -416px -96px;
+}
+.icons-desktop {
+	background-position: -448px -96px;
+}
+/*5*/
+.icons-page-blank {
+	background-position: 0px -128px;
+}
+.icons-page {
+	background-position: -32px -128px;
+}
+.icons-page-copy {
+	background-position: -64px -128px;
+}
+.icons- {
+	background-position: -0px -128px;
+}
+/*6*/
+.icons-globe {
+	background-position: -96px -160px;
+}
+.icons-structure {
+	background-position: -352px -160px;
+}
+/*7*/
+.icons-purchase {
+	background-position: -64px -192px;
+}
+/*8*/
+.icons-dashboard {
+	background-position: 0 -224px;
+}
+.icons-cog {
+	background-position: -32px -224px;
+}
+.icons-cogs {
+	background-position: -64px -224px;
+}
+.icons-tool {
+	background-position: -96px -224px;
+}
+.icons-screwdriver {
+	background-position: -128px -224px;
+}
+.icons-wrench {
+	background-position: -160px -224px;
+}
+.icons-toolbox {
+	background-position: -192px -224px;
+}
+.icons-switch {
+	background-position: -224px -224px;
+}
+.icons-valve {
+	background-position: -256px -224px;
+}
+/*9*/
+.icons-picture {
+	background-position: -256px -256px;
+}
+.icons-asset {
+	background-position: -384px -256px;
+}
+.icons-asset-upload {
+	background-position: -448px -256px;
+}
+.icons-asset-download {
+	background-position: -416px -256px;
+}
+/*10*/
+.icons- {
+	background-position: -0px -288px;
+}
+/*11*/
+.icons-pie {
+	background-position: 0px -320px;
+}
+.icons-histogram {
+	background-position: -32px -320px;
+}
+.icons-window {
+	background-position: -64px -320px;
+}
+.icons-window-line{
+	background-position: -96px -320px;
+}
+.icons-window-command{
+	background-position: -128px -320px;
+}
+.icons-window-list{
+	background-position: -160px -320px;
+}
+.icons-window-block{
+	background-position: -192px -320px;
+}
+.icons-terminal{
+	background-position: -224px -320px;
+}
+/*12*/
+.icons-star-thin {
+	background-position: -416px -352px;
+}
+.icons- {
+	background-position: -0px -352px;
+}
+/*13*/
+.icons- {
+	background-position: -0px -384px;
+}
+/*14*/
+.icons- {
+	background-position: -0px -416px;
+}
+/*15*/
+.icons- {
+	background-position: -0px -448px;
+}
+/*16*/
+.icons- {
+	background-position: -0px -480px;
+}
+/*17*/
+.icons- {
+	background-position: -0px -512px;
+}
+/*18*/
+.icons-help {
+	background-position: -160px -544px;
+}
+.icons- {
+	background-position: -0px -544px;
+}
+/*19*/
+.icons-plus-cube {
+	background-position: -192px -576px;
+}
+.icons-plus {
+	background-position: -288px -576px;
+}
+.icons-power {
+	background-position: -0px -608px;
+}
+/*20*/
+.icons- {
+	background-position: -0px -608px;
+}
+/*21*/
+.icons- {
+	background-position: -0px -640px;
 }
\ No newline at end of file
diff --git a/app/views/layouts/_orbit_bar.html.erb b/app/views/layouts/_orbit_bar.html.erb
index c2ba7fbd..e9a91f48 100644
--- a/app/views/layouts/_orbit_bar.html.erb
+++ b/app/views/layouts/_orbit_bar.html.erb
@@ -26,10 +26,10 @@
           </ul>
         </li>
 				<% if user_signed_in? %>
-					<li class="dropdown active clear">
+					<li class="dropdown active">
 						<a class="orbit-bar-account" href="#" data-toggle="dropdown">
-							<!-- <img src="images/menber-pic.png" /> -->
-							<%= image_tag current_user.avatar.thumb.url, :class => 'member-img' %>
+							<img class="member-img" src="/assets/menber-pic.png" />
+							<%#= image_tag current_user.avatar.thumb.url, :class => 'member-img' %>
 							<span class="member-name"><%= current_user.name %></span>
 						</a>
 						<ul class="dropdown-menu account-menu">
@@ -45,7 +45,7 @@
 									<%= t(:desktop) %>
 								</a>
 							</li>
-							<li><%= link_to content_tag(:i, nil, :class => 'icons-out') + t(:logout), destroy_user_session_path %></li>
+							<li><%= link_to content_tag(:i, nil, :class => 'icons-out') + ' ' +  t(:logout), destroy_user_session_path %></li>
 							
 							<li class="divider"></li>
 							<li>
@@ -95,7 +95,7 @@
 				<% end %>
 			</ul>
 			<form class="navbar-search span6" action="">
-          <input class="search-query span4" type="text" placeholder="Search NCCU">
+          <input class="search-query span4" type="text" placeholder="<%= t(:search_nccu) %>">
       </form>
 		</div>
 	</div>
diff --git a/app/views/layouts/_side_bar.html.erb b/app/views/layouts/_side_bar.html.erb
index 15948578..33e41597 100644
--- a/app/views/layouts/_side_bar.html.erb
+++ b/app/views/layouts/_side_bar.html.erb
@@ -13,7 +13,7 @@
 <% end -%>
 
 <%= content_tag :li, :class => active_for_controllers('users') do -%>
-	<%= link_to content_tag(:i, nil, :class => 'icons-member') + t('admin.member'), panel_web_resource_back_end_web_links_path %>
+	<%= link_to content_tag(:i, nil, :class => 'icons-member') + t('admin.member'), admin_users_path %>
 <% end -%>
 
 <%= content_tag :li, :class => active_for_controllers(nil) do -%>
@@ -25,7 +25,7 @@
 <% end -%>
 
 <%= content_tag :li, :class => active_for_controllers(nil) do -%>
-	<%= link_to content_tag(:i, nil, :class => 'icons-link') + t('admin.link'), nil %>
+	<%= link_to content_tag(:i, nil, :class => 'icons-link') + t('admin.link'), panel_web_resource_back_end_web_links_path %>
 <% end -%>
 
 <%= content_tag :li, :class => active_for_controllers(nil) do -%>
diff --git a/config/application.rb b/config/application.rb
index 3a7fb91f..50b9f4a7 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -47,7 +47,7 @@ module PrototypeR4
     # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
     # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
     # config.i18n.default_locale = :de
-    config.i18n.default_locale = :en
+    config.i18n.default_locale = :zh_tw
 
     # JavaScript files you want as :defaults (application.js is always included).
     # config.action_view.javascript_expansions[:defaults] = %w(jquery rails)
diff --git a/config/environments/development.rb b/config/environments/development.rb
index d1b671e5..c2b4c930 100644
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -24,21 +24,21 @@ PrototypeR4::Application.configure do
   config.action_dispatch.best_standards_support = :builtin  
 
 
-  config.middleware.use ExceptionNotifier,
-    :email_prefix => "[R4_error]",
-    :sender_address => %{"notifier" <redmine@rulingcom.com>},
-    :exception_recipients => %w{chris@rulingcom.com}
+  # config.middleware.use ExceptionNotifier,
+  #   :email_prefix => "[R4_error]",
+  #   :sender_address => %{"notifier" <redmine@rulingcom.com>},
+  #   :exception_recipients => %w{chris@rulingcom.com}
     
-  config.action_mailer.delivery_method = :smtp
-  config.action_mailer.smtp_settings = {
-    :tls => true,
-    :enable_starttls_auto => true,
-    :address => "smtp.gmail.com",
-    :port => '587',
-    :domain => "smtp.gmail.com",
-    :authentication => "plain",
-    :user_name => "redmine@rulingcom.com",
-    :password => "rulingredmine" }
+  # config.action_mailer.delivery_method = :smtp
+  # config.action_mailer.smtp_settings = {
+  #   :tls => true,
+  #   :enable_starttls_auto => true,
+  #   :address => "smtp.gmail.com",
+  #   :port => '587',
+  #   :domain => "smtp.gmail.com",
+  #   :authentication => "plain",
+  #   :user_name => "redmine@rulingcom.com",
+  #   :password => "rulingredmine" }
 
 end
 
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 3d293783..da72a4eb 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -32,6 +32,7 @@ en:
   password: Password
   register: Register
   remember_me: Remember me
+  search_nccu: Search NCCU
   show: Show
   submit: Submit
   sure?: Are you sure?
diff --git a/config/locales/zh_tw.yml b/config/locales/zh_tw.yml
index e4d1366d..049be66b 100644
--- a/config/locales/zh_tw.yml
+++ b/config/locales/zh_tw.yml
@@ -17,7 +17,7 @@ zh_tw:
   edit: 編輯
   email: 電子郵件
   enable: 啟用
-  forget_password: 忘記密碼?
+  forgot_password: 忘記密碼?
   help: 協助
   hide: 隱藏
   homepage: 首頁
@@ -25,10 +25,11 @@ zh_tw:
   logout: 登出
   no_: "No"
   nothing: 無
-  or_lower: 或者
+  or_lower: 或
   password: 密碼
   register: 註冊
   remember_me: 記住我
+  search_nccu: 搜尋政大
   show: 顯示
   submit: 送出
   sure?: 您肯定嗎?
diff --git a/lib/parsers/parser_front_end.rb b/lib/parsers/parser_front_end.rb
index d1334b06..305596ed 100644
--- a/lib/parsers/parser_front_end.rb
+++ b/lib/parsers/parser_front_end.rb
@@ -81,7 +81,7 @@ module ParserFrontEnd
         res << "<script type='text/javascript' src='/assets/orbit_bar.js'></script>"
         res << "<script type='text/javascript' src='/assets/event.js'></script>"
         page.design.javascripts.each do |js|
-          res << "<script type='text/javascript' src='#{js.file.url}'></script>"
+          # res << "<script type='text/javascript' src='#{js.file.url}'></script>"
         end
         res
       end
diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/front_end/bulletins_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/front_end/bulletins_controller.rb
index cf4e1801..b71a4609 100644
--- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/front_end/bulletins_controller.rb
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/front_end/bulletins_controller.rb
@@ -17,7 +17,9 @@ class Panel::Announcement::FrontEnd::BulletinsController < ObitWidgetController
       @bulletins = Bulletin.any_of( {deadline: nil,:postdate.lte => date_now} , {:deadline.gte => date_now,:postdate.lte => date_now} ).desc( :is_top, :postdate).page( params[:page]).per(10)
     end
 
-	get_categorys
+	  get_categorys
+	  
+	  @current_category = BulletinCategory.from_id(params[:bulletin_category_id]) rescue nil
   end
   
   def show
diff --git a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
index f5da3ad7..0161847d 100644
--- a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
+++ b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
@@ -14,4 +14,8 @@ class BulletinCategory
   
   has_many :bulletins
   
+  def self.from_id(id)
+    BulletinCategory.find(id) rescue nil
+  end
+  
 end
\ No newline at end of file
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/front_end/bulletins/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/front_end/bulletins/index.html.erb
index d7aefeab..d4335e9a 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/front_end/bulletins/index.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/front_end/bulletins/index.html.erb
@@ -2,7 +2,11 @@
 
 <%= flash_messages %>
 
-<h1 class="h1"><%= t('announcement.list_announcement') %></h1>
+<% if @current_category %>
+	<h1 class="h1"><%= @current_category.i18n_variable[I18n.locale] + t('announcement.bulletin.list_lower') %></h1>
+<% else %>
+	<h1 class="h1"><%= t('announcement.list_announcement') %></h1>
+<% end %>
 
 
 <table class="table table-bordered">
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/widget/bulletins/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/widget/bulletins/index.html.erb
index e3ba9d48..33166165 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/widget/bulletins/index.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/widget/bulletins/index.html.erb
@@ -11,7 +11,7 @@
 		<li>
 			<div class="news_img"><%= image_tag(post.image.url, :size => "290x130") if post.image.file %></div>
 			<h3 class="h3 news_title"><%= link_to post.title[I18n.locale], panel_announcement_front_end_bulletin_path(post, :category_id => post.bulletin_category_id) %></h3>
-			<p class="news_wrap"><%= post.subtitle[I18n.locale] %></p>
+			<p class="news_wrap"><%= post.subtitle[I18n.locale].html_safe %></p>
 		</li>
 		<% end %>
 	</ul>
diff --git a/vendor/built_in_modules/web_resource/app/controllers/panel/web_resource/widget/web_links_controller.rb b/vendor/built_in_modules/web_resource/app/controllers/panel/web_resource/widget/web_links_controller.rb
index 66b74799..bbe4a8d9 100644
--- a/vendor/built_in_modules/web_resource/app/controllers/panel/web_resource/widget/web_links_controller.rb
+++ b/vendor/built_in_modules/web_resource/app/controllers/panel/web_resource/widget/web_links_controller.rb
@@ -14,7 +14,7 @@ class Panel::WebResource::Widget::WebLinksController < ObitWidgetController
   
     # @web_link = WebLink.where( :is_hidden => false ).desc(:is_top, :name).first
 
-    @web_links = WebLink.widget_datas.page(params[:page]).per(9)
+    @web_links = WebLink.widget_datas.page(params[:page]).per(5)
 	
 	# get_categorys
   	
@@ -24,7 +24,7 @@ class Panel::WebResource::Widget::WebLinksController < ObitWidgetController
   end
 
   def reload_web_links
-    @web_links = WebLink.widget_datas.page(params[:page]).per(9)
+    @web_links = WebLink.widget_datas.page(params[:page]).per(5)
   end
   
   

From 3bcd7ea349c814b64e401fb0868ec31ed2788aa9 Mon Sep 17 00:00:00 2001
From: Matthew Kaito Juyuan Fu <matthewfu.tw@gmail.com>
Date: Mon, 13 Feb 2012 17:33:48 +0800
Subject: [PATCH 09/13] Exp with object_auth

---
 app/controllers/admin/app_auths_controller.rb |  4 +-
 .../admin/module_apps_controller.rb           |  4 ++
 .../admin/object_auths_controller.rb          |  1 +
 app/models/prototype_auth.rb                  |  6 +--
 .../admin/attributes/_app_selector.html.erb   |  1 +
 app/views/admin/module_apps/show.html.erb     | 37 ++++++++++++++
 app/views/admin/object_auths/new.html.erb     |  3 +-
 .../back_end/bulletins_controller.rb          |  2 +-
 .../back_end/fact_checks_controller.rb        | 29 +++++++++++
 .../announcement/app/models/bulletin.rb       |  2 +-
 .../app/models/bulletin_category.rb           |  4 ++
 .../_bulletin_category.html.erb               |  6 +++
 .../back_end/bulletins/_bulletins.html.erb    |  2 +-
 .../back_end/bulletins/index.html.erb         |  1 -
 .../back_end/fact_checks/_list_table.html.erb | 15 ++++++
 .../back_end/fact_checks/index.html.erb       | 51 +++++++++++++++++++
 .../announcement/config/routes.rb             |  3 +-
 17 files changed, 161 insertions(+), 10 deletions(-)
 create mode 100644 app/views/admin/attributes/_app_selector.html.erb
 create mode 100644 app/views/admin/module_apps/show.html.erb
 create mode 100644 vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
 create mode 100644 vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/_list_table.html.erb
 create mode 100644 vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb

diff --git a/app/controllers/admin/app_auths_controller.rb b/app/controllers/admin/app_auths_controller.rb
index cb3340fd..56d0ae23 100644
--- a/app/controllers/admin/app_auths_controller.rb
+++ b/app/controllers/admin/app_auths_controller.rb
@@ -66,6 +66,8 @@ class Admin::AppAuthsController < ApplicationController
     @module_app = ModuleApp.find(params[:id])
   end
   
-  
+  def show
+    @module_app = ModuleApp.find(params[:id])
+  end
 
 end
\ No newline at end of file
diff --git a/app/controllers/admin/module_apps_controller.rb b/app/controllers/admin/module_apps_controller.rb
index e80d4023..440f8100 100644
--- a/app/controllers/admin/module_apps_controller.rb
+++ b/app/controllers/admin/module_apps_controller.rb
@@ -21,6 +21,10 @@ class Admin::ModuleAppsController < ApplicationController
     @module_app = ModuleApp.find(params[:id])
   end
   
+  def show
+    @module_app = ModuleApp.find(params[:id])
+    
+  end
   
   def update
     @module_app = ModuleApp.find(params[:id])
diff --git a/app/controllers/admin/object_auths_controller.rb b/app/controllers/admin/object_auths_controller.rb
index ce404e53..3bff4374 100644
--- a/app/controllers/admin/object_auths_controller.rb
+++ b/app/controllers/admin/object_auths_controller.rb
@@ -14,6 +14,7 @@ class Admin::ObjectAuthsController < ApplicationController
   def new
     obj = eval(params[:type]).find params[:obj_id]
     @object_auth=obj.object_auths.build
+    @object_auth_title_option = eval(params[:type]+"::ObjectAuthTitlesOptions")
     respond_to do |format|
       format.html # new.html.erb
       format.xml  { render :xml => @post }
diff --git a/app/models/prototype_auth.rb b/app/models/prototype_auth.rb
index 734268c4..893f402b 100644
--- a/app/models/prototype_auth.rb
+++ b/app/models/prototype_auth.rb
@@ -68,7 +68,7 @@ class PrototypeAuth
     end
   end
   
-  def auth_users
+  def auth_users_before_block_list
     if self.all?
       User.all.entries
     else
@@ -83,8 +83,8 @@ class PrototypeAuth
     end
   end
   
-  def auth_users_after_block_list
-    auth_users - self.blocked_users
+  def auth_users
+    auth_users_before_block_list - self.blocked_users
   end
   
  # protected
diff --git a/app/views/admin/attributes/_app_selector.html.erb b/app/views/admin/attributes/_app_selector.html.erb
new file mode 100644
index 00000000..c20a3885
--- /dev/null
+++ b/app/views/admin/attributes/_app_selector.html.erb
@@ -0,0 +1 @@
+<%= f.select :module_app_id, @apps.collect { |t| [t.title.capitalize, t.id] }, {:include_blank => true} ,{:rel => admin_module_apps_path }  %>
diff --git a/app/views/admin/module_apps/show.html.erb b/app/views/admin/module_apps/show.html.erb
new file mode 100644
index 00000000..27cfbc1a
--- /dev/null
+++ b/app/views/admin/module_apps/show.html.erb
@@ -0,0 +1,37 @@
+<br /><br /><br /><br />
+<%=@module_app.key %><br />
+<%=@module_app.title %><br />
+<%=@module_app.version %><br />
+<%=@module_app.organization %><br />
+<%=@module_app.author %><br />
+<%=@module_app.intro %><br />
+<%=@module_app.update_info %><br />
+<%=@module_app.create_date %><br />
+<%=@module_app.enable_frontend%><br />
+<%=@module_app.app_pages%><br />
+<%=@module_app.widgets%><br />
+
+Mangers:
+<ul>
+	<% @module_app.managers.each do |manager|%>
+		<li><%= manager.user.name %></li>
+	<%end%>
+</ul>
+
+
+SubManagers:
+<div>
+	<% @module_app.sub_managers.each do |manager|%>
+		<%= manager.user.name %>
+	<%end%>
+</div>
+<br />
+
+All User?:<%= @module_app.app_auth.all %><br />
+Blocked Users:<%= @module_app.app_auth.blocked_users.collect{|t| t.name} %><br />
+Privilege Users:<%= @module_app.app_auth.privilege_users.collect{|t| t.name}%><br />
+User Roles:<%= @module_app.app_auth.roles.collect{|t| t.key} %><br />
+User Sub Roles:<%= @module_app.app_auth.sub_roles.collect{|t| t.key} %><br />
+
+Available users after calculation:
+<%= @module_app.app_auth.auth_users.collect{|user| user.name}.join(',') %>
diff --git a/app/views/admin/object_auths/new.html.erb b/app/views/admin/object_auths/new.html.erb
index 25fd6fd5..b5b381fb 100644
--- a/app/views/admin/object_auths/new.html.erb
+++ b/app/views/admin/object_auths/new.html.erb
@@ -12,7 +12,8 @@
 <h1><%= t('object_auth.new_object_auth') %></h1>
 <%= form_for @object_auth, :url => admin_object_auths_path do |f| %>
 	<%= f.label :title   %>
-	<%= f.text_field :title, :class => 'text'   %>
+	<%= f.select :title,@object_auth_title_option  %>
+	
 	<%= f.hidden_field :obj_id, :value => params[:obj_id]   %>
 	<%= f.hidden_field :type, :value => params[:type]   %>
 
diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
index 48b9ac88..6f4c1b7b 100644
--- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
@@ -105,7 +105,7 @@ class Panel::Announcement::BackEnd::BulletinsController < ApplicationController
 	end
 
     respond_to do |format|
-      if @bulletin.update_attributes(params[:bulletin])
+      if @bulletin.update_attributes(params[:bulletin]) && @bulletin.save
         # format.html { redirect_to(panel_announcement_back_end_bulletin_url(@bulletin), :notice => t('bulletin.update_bulletin_success')) }
         format.html { redirect_to(panel_announcement_back_end_bulletins_url, :notice => t('bulletin.update_bulletin_success')) }
 		format.js  { render 'toggle_enable' }
diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
new file mode 100644
index 00000000..ef7e1943
--- /dev/null
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
@@ -0,0 +1,29 @@
+class Panel::Announcement::BackEnd::FactChecksController  < ApplicationController
+  layout 'admin'
+  
+  def index
+    @bulletin_categorys_preview = BulletinCategory.authed_for_user(current_user,'preview')
+    @bulletin_categorys_check = BulletinCategory.authed_for_user(current_user,'check')
+  end
+  
+  def new
+    
+  end
+  
+  def create
+    
+  end
+  
+  def update
+    
+  end
+  
+  def edit
+    
+  end
+  
+  def destroy
+    
+  end
+  
+end
diff --git a/vendor/built_in_modules/announcement/app/models/bulletin.rb b/vendor/built_in_modules/announcement/app/models/bulletin.rb
index 7c258f23..188142ea 100644
--- a/vendor/built_in_modules/announcement/app/models/bulletin.rb
+++ b/vendor/built_in_modules/announcement/app/models/bulletin.rb
@@ -4,7 +4,7 @@ class Bulletin
   include Mongoid::Document
   include Mongoid::Timestamps
   include Mongoid::MultiParameterAttributes
-  
+
   has_one :title, :class_name => "I18nVariable", :as => :language_value, :autosave => true, :dependent => :destroy
   has_one :subtitle, :class_name => "I18nVariable", :as => :language_value, :autosave => true, :dependent => :destroy
   has_one :text, :class_name => "I18nVariable", :as => :language_value, :autosave => true, :dependent => :destroy
diff --git a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
index 0161847d..4e3dd186 100644
--- a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
+++ b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
@@ -3,6 +3,10 @@
 class BulletinCategory
   include Mongoid::Document
   include Mongoid::Timestamps
+  include OrbitCoreLib::ObjectAuthable
+  
+  ObjectAuthTitlesOptions = %W{preview fact_check}
+  
   # include Mongoid::MultiParameterAttributes
   
   PAYMENT_TYPES = [ "List", "Picture" ]
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb
index 57998770..2e0e7ddf 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb
@@ -6,6 +6,12 @@
 	<% end %>
 	<td><%= bulletin_category.display %></td>
 	<td>
+	<%= link_to t('blog.new_auth'), init_admin_object_auths_path("BulletinCategory",bulletin_category) %>  <br/ >
+	<% bulletin_category.object_auths.each do |obj_auth| %>
+		 <%= link_to obj_auth.title,edit_admin_object_auth_url(obj_auth)  %><br />
+	<% end %>
+	</td>
+	<td>
 	<%= link_to t('bulletin_category.edit'), edit_panel_announcement_back_end_bulletin_category_path(bulletin_category), :remote => true %> |
 	<%= link_to t('bulletin_category.quick_edit'), panel_announcement_back_end_bulletin_category_quick_edit_path(bulletin_category), :remote => true %> |
 	<%= link_to t('bulletin_category.delete'), panel_announcement_back_end_bulletin_category_path(bulletin_category), :confirm => t('announcement.sure?'), :method => :delete, :remote => true %>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/_bulletins.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/_bulletins.html.erb
index 9fec31f3..bbe383bc 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/_bulletins.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/_bulletins.html.erb
@@ -36,4 +36,4 @@
 </thead>
 <tbody class="sort-holder">
 	<%= render :partial => 'bulletin', :collection => @bulletins %>
-</tbody>
\ No newline at end of file
+</tbody>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
index d37d2134..fd2b29b5 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
@@ -6,4 +6,3 @@
 <div class="form-actions">
 	<%= link_to content_tag(:i, nil, :class => 'icon-plus icon-white') + t('admin.add'), new_panel_announcement_back_end_bulletin_path, :class => 'btn btn-primary' %>
 </div>
-
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/_list_table.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/_list_table.html.erb
new file mode 100644
index 00000000..59bac03a
--- /dev/null
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/_list_table.html.erb
@@ -0,0 +1,15 @@
+<h1><%= bulletin_category.key %></h1>
+<table>
+  <tr>
+	<th><%= t('bulletin.status') %></th>
+	<th><%= t('bulletin.category') %></th>
+	<th><%= t('bulletin.title') %></th>
+	<th><%= t('bulletin.postdate') %></th>
+	<th><%= t('bulletin.deadline') %></th>
+	<th><%= t('bulletin.action') %></th>
+  </tr>
+
+<% bulletin_category.bulletins.each do |post| %>
+	<%= render :partial => 'panel/announcement/back_end/bulletins/bulletins', :locals => {:post => post,:fact_check_allow=>true} %>
+<% end %>	
+</table>
\ No newline at end of file
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb
new file mode 100644
index 00000000..65ebeb28
--- /dev/null
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb
@@ -0,0 +1,51 @@
+<% content_for :secondary do %>
+<br />
+<br />
+<br />
+<br />
+<br />
+  <ul class="list">
+	  <li><%= link_to t('bulletin.new_announcement'), new_panel_announcement_back_end_bulletin_path %></li>
+	  <li><%= link_to t('bulletin.announcement_list'), panel_announcement_back_end_bulletins_path %></li>
+	  <li><%= link_to t('bulletin.new_announcement_class'), panel_announcement_back_end_bulletin_categorys_path %></li>
+	  <li><%= link_to t('bulletin.my_announcement_fact_check'), panel_announcement_back_end_fact_checks_path %></li>
+	
+  </ul>
+<% end -%>
+
+<%= flash_messages %>
+
+<br />
+<br />
+<br />
+<br />
+<br />
+  
+  <fieldset><legend><%= t('bulletin.search') %></legend>	
+
+  <%= form_for :bulletin, :action => 'search', :method => 'get', :url => panel_announcement_back_end_bulletins_path do |f| %>
+  
+  <%#= f.select :bulletin_category_id, @bulletin_categorys.collect {|t| [ t.i18n_variable[I18n.locale], t.id ] },{ :include_blank => t('bulletin.select') }%>
+  
+  Category <%#= select_tag "category_id", options_for_select(@bulletin_categorys.collect{|t| [t.i18n_variable[I18n.locale], t.id]}), :prompt => t('bulletin.select') %>
+  
+  KeyWord <%#= text_field_tag :search, params[:search], :id => 'search_field' %>
+  
+  <%= submit_tag "Search", :name => nil %> 
+  
+  <% end %>
+
+  
+  </fieldset>
+
+<br />
+<br />
+
+<h1><%= t('bulletin.list_announcement') %></h1>
+
+	<%= render :partial => "list_table", :collection => @bulletin_categorys_preview,:as => :bulletin_category%>
+	
+	<%= render :partial => "list_table", :collection => @bulletin_categorys_check,:as => :bulletin_category%>
+
+<br />
+
diff --git a/vendor/built_in_modules/announcement/config/routes.rb b/vendor/built_in_modules/announcement/config/routes.rb
index c3a60f74..cc877749 100644
--- a/vendor/built_in_modules/announcement/config/routes.rb
+++ b/vendor/built_in_modules/announcement/config/routes.rb
@@ -2,6 +2,7 @@ Rails.application.routes.draw do
   namespace :panel do
     namespace :announcement do
       namespace :back_end do
+        resources :fact_checks
         root :to => "bulletins#index"
         resources :bulletins
         resources :bulletin_categorys, :controller => 'bulletin_categorys' do
@@ -21,4 +22,4 @@ Rails.application.routes.draw do
       end
     end
   end
-end
\ No newline at end of file
+end

From cc550c57459bdb3efcddc402096a1101a40d35a3 Mon Sep 17 00:00:00 2001
From: Matthew Kaito Juyuan Fu <matthewfu.tw@gmail.com>
Date: Wed, 15 Feb 2012 18:20:44 +0800
Subject: [PATCH 10/13] First version for App and Object auth.Taking
 Announcement as experiment

---
 .../admin/object_auths_controller.rb          | 12 ++++++++--
 app/controllers/obit_frontend_controller.rb   |  3 ---
 app/controllers/obit_widget_controller.rb     |  3 ---
 app/controllers/orbit_backend_controller.rb   | 24 +++++++++++++++++++
 ...=> orbit_frontend_component_controller.rb} |  2 +-
 app/controllers/orbit_frontend_controller.rb  |  3 +++
 app/controllers/orbit_widget_controller.rb    |  3 +++
 app/helpers/admin/app_auth_helper.rb          |  5 ++++
 app/helpers/admin_helper.rb                   | 13 ++++++++++
 app/models/app_auth.rb                        |  1 +
 app/models/module_app.rb                      |  8 +++++++
 app/models/prototype_auth.rb                  |  2 +-
 .../admin/module_apps/_app_selector.html.erb  |  1 -
 app/views/admin/object_auths/edit.html.erb    |  2 +-
 config/routes.rb                              |  2 +-
 lib/orbit_core_lib.rb                         | 22 +++++++++++++++++
 lib/tasks/anc_tasks.rake                      | 22 +++++++++++++++++
 lib/tasks/dev.rake                            |  6 +++++
 .../announcement/announcement.json            |  2 +-
 .../back_end/fact_checks_controller.rb        |  5 ++--
 .../app/models/bulletin_category.rb           |  2 +-
 .../_bulletin_category.html.erb               | 16 +++++++------
 .../back_end/bulletins/index.html.erb         |  2 +-
 .../back_end/fact_checks/index.html.erb       | 10 +++++---
 .../announcement/config/routes.rb             |  1 +
 .../lib/tasks/announcement_tasks.rake         |  4 ----
 .../new_blog/front_end/comments_controller.rb |  2 +-
 .../new_blog/front_end/posts_controller.rb    |  2 +-
 28 files changed, 146 insertions(+), 34 deletions(-)
 delete mode 100644 app/controllers/obit_frontend_controller.rb
 delete mode 100644 app/controllers/obit_widget_controller.rb
 create mode 100644 app/controllers/orbit_backend_controller.rb
 rename app/controllers/{obit_frontend_component_controller.rb => orbit_frontend_component_controller.rb} (74%)
 create mode 100644 app/controllers/orbit_frontend_controller.rb
 create mode 100644 app/controllers/orbit_widget_controller.rb
 delete mode 100644 app/views/admin/module_apps/_app_selector.html.erb
 create mode 100644 lib/tasks/anc_tasks.rake
 delete mode 100644 vendor/built_in_modules/announcement/lib/tasks/announcement_tasks.rake

diff --git a/app/controllers/admin/object_auths_controller.rb b/app/controllers/admin/object_auths_controller.rb
index 3bff4374..573409b6 100644
--- a/app/controllers/admin/object_auths_controller.rb
+++ b/app/controllers/admin/object_auths_controller.rb
@@ -1,8 +1,12 @@
 class Admin::ObjectAuthsController < ApplicationController
+  include OrbitCoreLib::PermissionUnility
   layout "admin"
   before_filter :authenticate_user!
+  before_filter :check_if_user_can_do_object_auth
 #  before_filter :is_admin? ,:only => :index
   
+
+  
   def index
     # if current_user.admin?
       @object_auths = ObjectAuth.all
@@ -70,7 +74,11 @@ class Admin::ObjectAuthsController < ApplicationController
   def edit
     @object_auth = ObjectAuth.find(params[:id])
   end
-  
-
 
+private
+  def check_if_user_can_do_object_auth
+    unless  check_permission(:manager)
+      render :nothing => true, :status => 403 
+    end
+  end
 end
\ No newline at end of file
diff --git a/app/controllers/obit_frontend_controller.rb b/app/controllers/obit_frontend_controller.rb
deleted file mode 100644
index fb42ac78..00000000
--- a/app/controllers/obit_frontend_controller.rb
+++ /dev/null
@@ -1,3 +0,0 @@
-class ObitFrontendController< ObitFrontendComponentController
-
-end
\ No newline at end of file
diff --git a/app/controllers/obit_widget_controller.rb b/app/controllers/obit_widget_controller.rb
deleted file mode 100644
index e0a9746d..00000000
--- a/app/controllers/obit_widget_controller.rb
+++ /dev/null
@@ -1,3 +0,0 @@
-class ObitWidgetController< ObitFrontendComponentController
-
-end
\ No newline at end of file
diff --git a/app/controllers/orbit_backend_controller.rb b/app/controllers/orbit_backend_controller.rb
new file mode 100644
index 00000000..49505c8f
--- /dev/null
+++ b/app/controllers/orbit_backend_controller.rb
@@ -0,0 +1,24 @@
+class OrbitBackendController< ApplicationController
+  before_filter :authenticate_user!
+  before_filter :setup_vars
+ # before_filter {|c| c.front_end_available(@app_title)}
+  before_filter :check_user_can_use,:except => [:public]
+  include OrbitCoreLib::PermissionUnility
+  
+  layout 'admin'
+  
+  def setup_vars
+    @app_title = request.fullpath.split('/')[2]
+    @module_app = ModuleApp.first(conditions: {:key => @app_title} )
+    
+  end
+  
+  private
+  
+  def check_user_can_use 
+    unless check_permission
+      redirect_to polymorphic_path(['panel',@app_title,'back_end','public'])
+    end
+  end
+  
+end
\ No newline at end of file
diff --git a/app/controllers/obit_frontend_component_controller.rb b/app/controllers/orbit_frontend_component_controller.rb
similarity index 74%
rename from app/controllers/obit_frontend_component_controller.rb
rename to app/controllers/orbit_frontend_component_controller.rb
index d0be3a25..12695040 100644
--- a/app/controllers/obit_frontend_component_controller.rb
+++ b/app/controllers/orbit_frontend_component_controller.rb
@@ -1,4 +1,4 @@
-class ObitFrontendComponentController< ApplicationController
+class OrbitFrontendComponentController< ApplicationController
   before_filter :setup_vars
   before_filter {|c| c.front_end_available(@app_title)}
   layout 'module_widget'
diff --git a/app/controllers/orbit_frontend_controller.rb b/app/controllers/orbit_frontend_controller.rb
new file mode 100644
index 00000000..e1be8167
--- /dev/null
+++ b/app/controllers/orbit_frontend_controller.rb
@@ -0,0 +1,3 @@
+class OrbitFrontendController< OrbitFrontendComponentController
+
+end
\ No newline at end of file
diff --git a/app/controllers/orbit_widget_controller.rb b/app/controllers/orbit_widget_controller.rb
new file mode 100644
index 00000000..c2be4691
--- /dev/null
+++ b/app/controllers/orbit_widget_controller.rb
@@ -0,0 +1,3 @@
+class ObitWidgetController< OrbitFrontendComponentController
+
+end
\ No newline at end of file
diff --git a/app/helpers/admin/app_auth_helper.rb b/app/helpers/admin/app_auth_helper.rb
index fe63a2a6..1a022e94 100644
--- a/app/helpers/admin/app_auth_helper.rb
+++ b/app/helpers/admin/app_auth_helper.rb
@@ -3,4 +3,9 @@ module Admin::AppAuthHelper
     link_to t(:enable), eval("admin_#{attribute_type}_path(attribute, :authenticity_token => form_authenticity_token, :#{attribute_type} => {:disabled => true})"), :remote => true, :method => :put, :id => "disable_#{attribute.id}", :style => "display:#{attribute.is_disabled? ? 'none' : ''}", :class => 'switch' 
     link_to t(:disable), eval("admin_#{attribute_type}_path(attribute, :authenticity_token => form_authenticity_token, :#{attribute_type} => {:disabled => false})"), :remote => true, :method => :put, :id => "enable_#{attribute.id}", :style => "display:#{attribute.is_disabled? ? '' : 'none'}", :class => 'switch'
   end
+  
+  def if_permitted_to(user,role)
+    
+  end
+  
 end
\ No newline at end of file
diff --git a/app/helpers/admin_helper.rb b/app/helpers/admin_helper.rb
index 6ae3a213..021687da 100644
--- a/app/helpers/admin_helper.rb
+++ b/app/helpers/admin_helper.rb
@@ -5,4 +5,17 @@ module AdminHelper
     link_to('/' , admin_items_path) + ( @parent_items.map{ |i| link_to(i.name, admin_items_path(:parent_id=>i.id) ) } << @parent_item.name ).join("/").html_safe
   end
   
+  # Check if the current_user is manager in current module app
+  def is_manager?
+    @module_app.is_manager?(current_user) || is_admin?
+  end
+
+  # Check if the current_user is sub manager in current module app
+  def is_sub_manager?
+    @module_app.is_sub_manager?(current_user)|| is_admin?
+  end
+  
+  def is_admin?
+    current_user.admin?
+  end
 end
\ No newline at end of file
diff --git a/app/models/app_auth.rb b/app/models/app_auth.rb
index 5a3de60c..94af40bb 100644
--- a/app/models/app_auth.rb
+++ b/app/models/app_auth.rb
@@ -2,4 +2,5 @@ class AppAuth < PrototypeAuth
 
   belongs_to :module_app
   
+  
 end
\ No newline at end of file
diff --git a/app/models/module_app.rb b/app/models/module_app.rb
index 5d885cd1..7e5e23fd 100644
--- a/app/models/module_app.rb
+++ b/app/models/module_app.rb
@@ -26,6 +26,14 @@ class ModuleApp
   
   before_save :set_key
   
+  def is_manager?(user)
+    managing_users.include?(user)
+  end
+  
+  def is_sub_manager?(user)
+    sub_managing_users.include?(user) || is_manager?(user)
+  end
+  
   def managing_users
     self.managers.collect{ |t| t.user }
   end
diff --git a/app/models/prototype_auth.rb b/app/models/prototype_auth.rb
index 893f402b..6b22a1b3 100644
--- a/app/models/prototype_auth.rb
+++ b/app/models/prototype_auth.rb
@@ -16,7 +16,7 @@ class PrototypeAuth
   has_and_belongs_to_many :roles
   has_and_belongs_to_many :sub_roles
   
-  attr_protected :roles,:sub_roles,:privilege_users,:blocked_users,:users
+  attr_protected :roles,:sub_roles,:privilege_users,:blocked_users
 
   def add_role role
     add_operation(:roles,role)
diff --git a/app/views/admin/module_apps/_app_selector.html.erb b/app/views/admin/module_apps/_app_selector.html.erb
deleted file mode 100644
index ae3b2e47..00000000
--- a/app/views/admin/module_apps/_app_selector.html.erb
+++ /dev/null
@@ -1 +0,0 @@
-<%= f.select :module_app_id, @apps.collect { |t| [t.title.capitalize, t.id] }, {}, {:rel => admin_module_apps_path } %>
diff --git a/app/views/admin/object_auths/edit.html.erb b/app/views/admin/object_auths/edit.html.erb
index 67fb026e..fc824a64 100644
--- a/app/views/admin/object_auths/edit.html.erb
+++ b/app/views/admin/object_auths/edit.html.erb
@@ -11,4 +11,4 @@
 <%= render :partial => "admin/components/user_role_management", :locals => { 
 	:object => @object_auth.auth_obj ,:auth=>@object_auth,:submit_url=>create_role_admin_object_auth_path(@object_auth),:ploy_route_ary=>['remove',:admin,@object_auth] } %>
 
-
+<%= link_to 'Back to object',eval(@object_auth.obj_authable.class.to_s+"::AfterObjectAuthUrl")  %>
\ No newline at end of file
diff --git a/config/routes.rb b/config/routes.rb
index cd3921f0..ba5acb0a 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -16,7 +16,7 @@ PrototypeR4::Application.routes.draw do
     resources :app_auths 
     resources :object_auths  do
       collection do
-        match 'new/:type/:obj_id',:action => 'new',:via => "get",:as => :init
+        match 'new/:type/:obj_id/:module_app_id',:action => 'new',:via => "get",:as => :init
       end
       member do
         match ':id/create_role',:action => 'create_role',:via => "post",:as => :create_role
diff --git a/lib/orbit_core_lib.rb b/lib/orbit_core_lib.rb
index bf1d66a3..2520e04c 100644
--- a/lib/orbit_core_lib.rb
+++ b/lib/orbit_core_lib.rb
@@ -31,4 +31,26 @@ module  OrbitCoreLib
     end
     
   end
+  
+  module PermissionUnility
+  private
+    def check_permission(type = :use)
+      permission_grant =  current_user.admin?? true : false
+      module_app = @module_app.nil?? ModuleApp.find(params[:module_app_id]) : @module_app
+      unless permission_grant
+        permission_grant = case type
+        when :use
+          users_ary = module_app.app_auth.auth_users rescue nil
+          users_ary = [] if users_ary.nil?
+          (users_ary.include?(current_user) || module_app.is_manager?(current_user) || module_app.is_sub_manager?(current_user))
+        when :manager
+          module_app.is_manager?(current_user)
+        when :sub_manager  
+          module_app.is_manager?(current_user) || module_app.is_sub_manager?(current_user)
+        end  
+      end
+      permission_grant
+    end
+    
+  end
 end
diff --git a/lib/tasks/anc_tasks.rake b/lib/tasks/anc_tasks.rake
new file mode 100644
index 00000000..3145d119
--- /dev/null
+++ b/lib/tasks/anc_tasks.rake
@@ -0,0 +1,22 @@
+# encoding: utf-8 
+
+namespace :anc do
+  
+  task :build => :environment do
+    bulletin_category_1 = BulletinCategory.create(:key => "C1ChrisCheckANDPreivew",:display => "List" )
+    bulletin_category_1.create_i18n_variable(:en => "ChrisCheckANDPreivew", :zh_tw => 'ChrisCheckANDPreivew')
+    bulletin_category_2 = BulletinCategory.create(:key => "C2MattCheckANDPreivew",:display => "List"  )
+    bulletin_category_2.create_i18n_variable(:en => "MattCheckANDPreivew", :zh_tw => 'MattCheckANDPreivew')
+    bulletin_category_3 = BulletinCategory.create(:key => "C3MattCheckChrisPreview",:display => "List"  )
+    bulletin_category_3.create_i18n_variable(:en => "MattCheckChrisPreview", :zh_tw => 'MattCheckChrisPreview')
+    
+  
+    bulletin_1 = Bulletin.create(:title => "C1P1",:status => nil,:subtitle => "",:text => "value",:postadate => Time.now,:deadline => nil,:bulletin_category =>   bulletin_category_1  )
+    bulletin_2 = Bulletin.create(:title => "C1P2",:status => nil,:subtitle => "",:text => "value",:postadate => Time.now,:deadline => nil,:bulletin_category =>   bulletin_category_1  )
+    bulletin_3 = Bulletin.create(:title => "C2P1",:status => nil,:subtitle => "",:text => "value",:postadate => Time.now,:deadline => nil,:bulletin_category =>   bulletin_category_2  )
+    bulletin_4 = Bulletin.create(:title => "C2P2",:status => nil,:subtitle => "",:text => "value",:postadate => Time.now,:deadline => nil,:bulletin_category =>   bulletin_category_2  )
+    bulletin_5 = Bulletin.create(:title => "C3P1",:status => nil,:subtitle => "",:text => "value",:postadate => Time.now,:deadline => nil,:bulletin_category =>   bulletin_category_3  )
+    bulletin_6 = Bulletin.create(:title => "C3P2",:status => nil,:subtitle => "",:text => "value",:postadate => Time.now,:deadline => nil,:bulletin_category =>   bulletin_category_3  )
+  
+  end
+end
\ No newline at end of file
diff --git a/lib/tasks/dev.rake b/lib/tasks/dev.rake
index ee344743..70776ed9 100644
--- a/lib/tasks/dev.rake
+++ b/lib/tasks/dev.rake
@@ -125,6 +125,12 @@ namespace :dev do
     AttributeValue.create( :user_id => user.id, :attribute_field_id => i_1.attribute_fields[1].id, :key => 'last_name', :en => 'Fu', :zh_tw => '傅' )
     AttributeValue.create( :user_id => user.id, :attribute_field_id => sr_2_1.attribute_fields[0].id, :key => 'major', :en => 'Information management', :zh_tw => '信息化管理' )
     AttributeValue.create( :user_id => user.id, :attribute_field_id => sr_2_1.attribute_fields[1].id, :key => 'department', :en => 'Computer Science', :zh_tw => '計算機科學' )
+
+    user = User.create( :email => 'manager@rulingcom.com', :password => 'password', :password_confirmation => 'password', :admin => false, :role_id => r_2.id, :sub_role_ids => [sr_2_1.id ] )
+    AttributeValue.create( :user_id => user.id, :attribute_field_id => i_1.attribute_fields[0].id, :key => 'first_name', :en => 'Manager', :zh_tw => '管理員' )
+    AttributeValue.create( :user_id => user.id, :attribute_field_id => i_1.attribute_fields[1].id, :key => 'last_name', :en => 'Chen', :zh_tw => '陳' )
+    AttributeValue.create( :user_id => user.id, :attribute_field_id => sr_2_1.attribute_fields[0].id, :key => 'major', :en => 'Information management', :zh_tw => '信息化管理' )
+    AttributeValue.create( :user_id => user.id, :attribute_field_id => sr_2_1.attribute_fields[1].id, :key => 'department', :en => 'Computer Science', :zh_tw => '計算機科學' )
     
     
     ad_banner = AdBanner.new(:title => 'banner_1',:post_date => Date.today,:context=> "context",:ad_fx=>'zoom',:direct_to_after_click=>true)
diff --git a/vendor/built_in_modules/announcement/announcement.json b/vendor/built_in_modules/announcement/announcement.json
index 0751a0e7..b23ec572 100644
--- a/vendor/built_in_modules/announcement/announcement.json
+++ b/vendor/built_in_modules/announcement/announcement.json
@@ -1,5 +1,5 @@
 {
-	"title": "Announcement",
+	"title": "announcement",
   "version": "0.1",
   "organization": "Rulingcom",
   "author": "RD dep",
diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
index ef7e1943..1ef3b300 100644
--- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
@@ -1,9 +1,10 @@
-class Panel::Announcement::BackEnd::FactChecksController  < ApplicationController
+class Panel::Announcement::BackEnd::FactChecksController  < OrbitBackendController
+  before_filter :authenticate_user!
   layout 'admin'
   
   def index
     @bulletin_categorys_preview = BulletinCategory.authed_for_user(current_user,'preview')
-    @bulletin_categorys_check = BulletinCategory.authed_for_user(current_user,'check')
+    @bulletin_categorys_check = BulletinCategory.authed_for_user(current_user,'fact_check')
   end
   
   def new
diff --git a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
index 4e3dd186..d86b17ad 100644
--- a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
+++ b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
@@ -6,7 +6,7 @@ class BulletinCategory
   include OrbitCoreLib::ObjectAuthable
   
   ObjectAuthTitlesOptions = %W{preview fact_check}
-  
+  AfterObjectAuthUrl = '/panel/announcement/back_end/bulletin_categorys'
   # include Mongoid::MultiParameterAttributes
   
   PAYMENT_TYPES = [ "List", "Picture" ]
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb
index 2e0e7ddf..2cd097ed 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb
@@ -5,13 +5,15 @@
 	<td><%= bulletin_category.i18n_variable[locale] rescue nil %></td>
 	<% end %>
 	<td><%= bulletin_category.display %></td>
-	<td>
-	<%= link_to t('blog.new_auth'), init_admin_object_auths_path("BulletinCategory",bulletin_category) %>  <br/ >
-	<% bulletin_category.object_auths.each do |obj_auth| %>
-		 <%= link_to obj_auth.title,edit_admin_object_auth_url(obj_auth)  %><br />
-	<% end %>
-	</td>
-	<td>
+	<% if is_manager? %>
+		<td>
+		<%= link_to t('blog.new_auth'), init_admin_object_auths_path("BulletinCategory",bulletin_category,@module_app) %>  <br/ >
+		<% bulletin_category.object_auths.each do |obj_auth| %>
+			 <%= link_to obj_auth.title,edit_admin_object_auth_url(obj_auth)  %><br />
+		<% end %>
+		</td>
+		<td>
+	<% end %>	
 	<%= link_to t('bulletin_category.edit'), edit_panel_announcement_back_end_bulletin_category_path(bulletin_category), :remote => true %> |
 	<%= link_to t('bulletin_category.quick_edit'), panel_announcement_back_end_bulletin_category_quick_edit_path(bulletin_category), :remote => true %> |
 	<%= link_to t('bulletin_category.delete'), panel_announcement_back_end_bulletin_category_path(bulletin_category), :confirm => t('announcement.sure?'), :method => :delete, :remote => true %>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
index fd2b29b5..26e8926c 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
@@ -1,4 +1,4 @@
-<%= render 'filter' %>
+]<%= render 'filter' %>
 <table id="bulettin_sort_list" class="table main-list">
 	<%= render 'bulletins' %>
 </table>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb
index 65ebeb28..0f42ed4b 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb
@@ -42,10 +42,14 @@
 <br />
 
 <h1><%= t('bulletin.list_announcement') %></h1>
-
+<div id="preview_block">
+	<h1>Preview</h1>
 	<%= render :partial => "list_table", :collection => @bulletin_categorys_preview,:as => :bulletin_category%>
-	
+</div>
+===================================================================================================================
+<div id="check_block">	
+	<h1>Check Please</h1>
 	<%= render :partial => "list_table", :collection => @bulletin_categorys_check,:as => :bulletin_category%>
-
+</div>
 <br />
 
diff --git a/vendor/built_in_modules/announcement/config/routes.rb b/vendor/built_in_modules/announcement/config/routes.rb
index cc877749..b707437e 100644
--- a/vendor/built_in_modules/announcement/config/routes.rb
+++ b/vendor/built_in_modules/announcement/config/routes.rb
@@ -2,6 +2,7 @@ Rails.application.routes.draw do
   namespace :panel do
     namespace :announcement do
       namespace :back_end do
+        match 'public' => "announcements#public",:as => :public
         resources :fact_checks
         root :to => "bulletins#index"
         resources :bulletins
diff --git a/vendor/built_in_modules/announcement/lib/tasks/announcement_tasks.rake b/vendor/built_in_modules/announcement/lib/tasks/announcement_tasks.rake
deleted file mode 100644
index f097b1fa..00000000
--- a/vendor/built_in_modules/announcement/lib/tasks/announcement_tasks.rake
+++ /dev/null
@@ -1,4 +0,0 @@
-# desc "Explaining what the task does"
-# task :announcement do
-#   # Task goes here
-# end
diff --git a/vendor/built_in_modules/new_blog/app/controllers/panel/new_blog/front_end/comments_controller.rb b/vendor/built_in_modules/new_blog/app/controllers/panel/new_blog/front_end/comments_controller.rb
index 769f4665..9bb61778 100644
--- a/vendor/built_in_modules/new_blog/app/controllers/panel/new_blog/front_end/comments_controller.rb
+++ b/vendor/built_in_modules/new_blog/app/controllers/panel/new_blog/front_end/comments_controller.rb
@@ -1,4 +1,4 @@
-class Panel::NewBlog::FrontEnd::CommentsController < ObitFrontendController
+class Panel::NewBlog::FrontEnd::CommentsController < OrbitFrontendController
   def create
     @post = Post.find(params[:post_id])
     @comment = @post.comments.create!(params[:comment])
diff --git a/vendor/built_in_modules/new_blog/app/controllers/panel/new_blog/front_end/posts_controller.rb b/vendor/built_in_modules/new_blog/app/controllers/panel/new_blog/front_end/posts_controller.rb
index 1aeb34b2..48b0c1c5 100644
--- a/vendor/built_in_modules/new_blog/app/controllers/panel/new_blog/front_end/posts_controller.rb
+++ b/vendor/built_in_modules/new_blog/app/controllers/panel/new_blog/front_end/posts_controller.rb
@@ -1,4 +1,4 @@
-class Panel::NewBlog::FrontEnd::PostsController < ObitFrontendController
+class Panel::NewBlog::FrontEnd::PostsController < OrbitFrontendController
   # GET /posts
   # GET /posts.xml
   def index

From 2e58c63ff7d787eac3f92c10033fd3d63b5d690c Mon Sep 17 00:00:00 2001
From: Matthew Kaito Juyuan Fu <matthewfu.tw@gmail.com>
Date: Thu, 16 Feb 2012 13:57:28 +0800
Subject: [PATCH 11/13] fix bugs with token

---
 app/controllers/orbit_backend_controller.rb   |  1 -
 app/models/module_app.rb                      |  4 +++-
 app/models/object_auth.rb                     |  2 +-
 app/models/prototype_auth.rb                  |  5 ++---
 .../components/_user_role_management.html.erb |  3 ++-
 config/routes.rb                              |  2 +-
 lib/orbit_core_lib.rb                         | 22 +++++++++++++++++--
 .../_bulletin_category.html.erb               |  4 ++--
 8 files changed, 31 insertions(+), 12 deletions(-)

diff --git a/app/controllers/orbit_backend_controller.rb b/app/controllers/orbit_backend_controller.rb
index 49505c8f..d3639ebe 100644
--- a/app/controllers/orbit_backend_controller.rb
+++ b/app/controllers/orbit_backend_controller.rb
@@ -10,7 +10,6 @@ class OrbitBackendController< ApplicationController
   def setup_vars
     @app_title = request.fullpath.split('/')[2]
     @module_app = ModuleApp.first(conditions: {:key => @app_title} )
-    
   end
   
   private
diff --git a/app/models/module_app.rb b/app/models/module_app.rb
index 7e5e23fd..7ad4ac1d 100644
--- a/app/models/module_app.rb
+++ b/app/models/module_app.rb
@@ -1,6 +1,7 @@
 class ModuleApp
   include Mongoid::Document
   include Mongoid::Timestamps
+  include OrbitCoreLib::ObjectTokenUnility
 
   field :key
 	field :title
@@ -14,7 +15,7 @@ class ModuleApp
   
   field :app_pages ,type: Array
   field :widgets ,type: Array
-  
+    
   has_many :managers,as: :managing_app ,:class_name => "AppManager" #,:dependent => :destroy,:foreign_key => "managing_app_id",:inverse_of => :managing_app
   has_many :sub_managers,as: :sub_managing_app ,:class_name => "AppManager"#, :dependent => :destroy,:foreign_key => "sub_managing_app_id",:inverse_of => :sub_managing_app
   
@@ -81,5 +82,6 @@ class ModuleApp
   def set_key
     self.key = self.title.underscore if self.title
   end
+
   
 end
diff --git a/app/models/object_auth.rb b/app/models/object_auth.rb
index dab7acc7..f67f9984 100644
--- a/app/models/object_auth.rb
+++ b/app/models/object_auth.rb
@@ -1,5 +1,5 @@
 class ObjectAuth  < PrototypeAuth
-
+  include OrbitCoreLib::ObjectTokenUnility
   belongs_to :obj_authable, polymorphic: true
   # > - Something.find_with_auth(query)
   # > - or Something.find(query).auth
diff --git a/app/models/prototype_auth.rb b/app/models/prototype_auth.rb
index 6b22a1b3..666bc7a8 100644
--- a/app/models/prototype_auth.rb
+++ b/app/models/prototype_auth.rb
@@ -4,7 +4,6 @@ class PrototypeAuth
  # after_save :update_block_list,:update_privilage_list
   
   field :title
-  field :token
   field :all ,type: Boolean,default: false
   
   belongs_to :users
@@ -12,12 +11,13 @@ class PrototypeAuth
   has_and_belongs_to_many :blocked_users,  :inverse_of => nil, :class_name => "User"
   has_and_belongs_to_many :privilege_users,  :inverse_of => nil, :class_name => "User"
 
-
   has_and_belongs_to_many :roles
   has_and_belongs_to_many :sub_roles
   
   attr_protected :roles,:sub_roles,:privilege_users,:blocked_users
 
+
+
   def add_role role
     add_operation(:roles,role)
   end
@@ -87,7 +87,6 @@ class PrototypeAuth
     auth_users_before_block_list - self.blocked_users
   end
   
- # protected
   
 
 end
\ No newline at end of file
diff --git a/app/views/admin/components/_user_role_management.html.erb b/app/views/admin/components/_user_role_management.html.erb
index 59307351..ed7c3476 100644
--- a/app/views/admin/components/_user_role_management.html.erb
+++ b/app/views/admin/components/_user_role_management.html.erb
@@ -1,5 +1,7 @@
 <div id="user_role_management">
 	<h1>User Role</h1>
+	All User
+
 	<%= form_tag(submit_url) do %>
 		<%= collection_select(:new,:role, Role.all, :id, :key, :prompt => true) %>
 		<%= submit_tag 'Add Role' %><br/>
@@ -10,7 +12,6 @@
 		<%= collection_select(:new,:blocked_user, User.all, :id, :name, :prompt => true) %>
 		<%= submit_tag 'Add BlockedList' %><br/>
 	<% end %>
-	<ul>Roles </ul>
 	<% unless auth.nil? %>
 		<% auth.roles.each do |role| %>
 			<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %>
diff --git a/config/routes.rb b/config/routes.rb
index ba5acb0a..cd3921f0 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -16,7 +16,7 @@ PrototypeR4::Application.routes.draw do
     resources :app_auths 
     resources :object_auths  do
       collection do
-        match 'new/:type/:obj_id/:module_app_id',:action => 'new',:via => "get",:as => :init
+        match 'new/:type/:obj_id',:action => 'new',:via => "get",:as => :init
       end
       member do
         match ':id/create_role',:action => 'create_role',:via => "post",:as => :create_role
diff --git a/lib/orbit_core_lib.rb b/lib/orbit_core_lib.rb
index 2520e04c..561fceba 100644
--- a/lib/orbit_core_lib.rb
+++ b/lib/orbit_core_lib.rb
@@ -31,12 +31,28 @@ module  OrbitCoreLib
     end
     
   end
+  module  ObjectTokenUnility
+    def self.included(base)
+      base.instance_eval("field :s_token")
+      base.instance_eval("after_create :generate_token")
+    end
+    
+    def token
+      return self.s_token
+    end
+    
+    protected
+     def generate_token
+       self.s_token = ActiveSupport::SecureRandom.hex(16)
+       self.save!
+     end
+  end
   
   module PermissionUnility
   private
     def check_permission(type = :use)
       permission_grant =  current_user.admin?? true : false
-      module_app = @module_app.nil?? ModuleApp.find(params[:module_app_id]) : @module_app
+      module_app = @module_app.nil?? find_module_app_by_token(params[:token]) : @module_app
       unless permission_grant
         permission_grant = case type
         when :use
@@ -51,6 +67,8 @@ module  OrbitCoreLib
       end
       permission_grant
     end
-    
+    def find_module_app_by_token(token)
+      ModuleApp.first(conditions: {s_token: token})
+    end
   end
 end
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb
index 2cd097ed..e834ec60 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/_bulletin_category.html.erb
@@ -7,9 +7,9 @@
 	<td><%= bulletin_category.display %></td>
 	<% if is_manager? %>
 		<td>
-		<%= link_to t('blog.new_auth'), init_admin_object_auths_path("BulletinCategory",bulletin_category,@module_app) %>  <br/ >
+		<%= link_to t('blog.new_auth'), init_admin_object_auths_path("BulletinCategory",bulletin_category,:token => @module_app.token) %>  <br/ >
 		<% bulletin_category.object_auths.each do |obj_auth| %>
-			 <%= link_to obj_auth.title,edit_admin_object_auth_url(obj_auth)  %><br />
+			 <%= link_to obj_auth.title,edit_admin_object_auth_url(obj_auth,:token => @module_app.token)  %><br />
 		<% end %>
 		</td>
 		<td>

From 8932615f0599f254ffde33ede5d39e1e2958708f Mon Sep 17 00:00:00 2001
From: Matthew Kaito Juyuan Fu <matthewfu.tw@gmail.com>
Date: Thu, 16 Feb 2012 14:59:26 +0800
Subject: [PATCH 12/13] add "all_user" for app&object auth

---
 app/controllers/admin/app_auths_controller.rb            | 5 ++++-
 app/controllers/admin/object_auths_controller.rb         | 5 ++++-
 .../admin/components/_user_role_management.html.erb      | 9 +++++++--
 3 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/app/controllers/admin/app_auths_controller.rb b/app/controllers/admin/app_auths_controller.rb
index 56d0ae23..9e980e53 100644
--- a/app/controllers/admin/app_auths_controller.rb
+++ b/app/controllers/admin/app_auths_controller.rb
@@ -21,7 +21,10 @@ class Admin::AppAuthsController < ApplicationController
 
   def create
     app_auth = AppAuth.find_or_create_by(module_app_id: params[:module_app_id])
-    params[:new].each do |item|
+    auth_all = params[:auth_all] || false
+    app_auth.update_attribute(:all,auth_all)
+    new_array = params[:new] || []
+    new_array.each do |item|
       field = item[0]
       field_value = item[1]
       if field_value!=''
diff --git a/app/controllers/admin/object_auths_controller.rb b/app/controllers/admin/object_auths_controller.rb
index 573409b6..a7a8dc41 100644
--- a/app/controllers/admin/object_auths_controller.rb
+++ b/app/controllers/admin/object_auths_controller.rb
@@ -33,7 +33,10 @@ class Admin::ObjectAuthsController < ApplicationController
 
   def create_role
     object_auth = ObjectAuth.find(params[:id])
-    params[:new].each do |item|
+    auth_all = params[:auth_all] || false
+    object_auth.update_attribute(:all,auth_all)
+    new_array = params[:new] || []
+    new_array.each do |item|
       field = item[0]
       field_value = item[1]
       if field_value!=''
diff --git a/app/views/admin/components/_user_role_management.html.erb b/app/views/admin/components/_user_role_management.html.erb
index ed7c3476..99cd72d7 100644
--- a/app/views/admin/components/_user_role_management.html.erb
+++ b/app/views/admin/components/_user_role_management.html.erb
@@ -1,7 +1,12 @@
+<div id="open_for_all_user">
+	<h1>All User</h1>
+	<%= form_tag(submit_url) do %>
+	<%= check_box_tag 'auth_all',true,auth.all  %><%= submit_tag 'Add Role' %><br/>
+	<% end %>
+</div>
+
 <div id="user_role_management">
 	<h1>User Role</h1>
-	All User
-
 	<%= form_tag(submit_url) do %>
 		<%= collection_select(:new,:role, Role.all, :id, :key, :prompt => true) %>
 		<%= submit_tag 'Add Role' %><br/>

From cceb785a8ddbe2f608d45f3c11a44283ad3cef43 Mon Sep 17 00:00:00 2001
From: Matt Fu <matt@rulingcom.com>
Date: Fri, 17 Feb 2012 17:50:23 +0800
Subject: [PATCH 13/13] change view and action for announcement ,Lin checked. 
 Also add validation for object_auth make sure for each object,the object will
 be unique for each action.

---
 .../admin/module_apps_controller.rb           |  4 ++--
 .../admin/object_auths_controller.rb          |  9 ++++++--
 app/models/object_auth.rb                     |  1 +
 .../components/_user_role_management.html.erb |  2 +-
 lib/tasks/user.rake                           |  2 +-
 .../back_end/bulletins_controller.rb          |  7 ++++++-
 .../back_end/fact_checks_controller.rb        | 12 +++++++++--
 .../app/models/bulletin_category.rb           |  2 +-
 .../bulletin_categorys/index.html.erb         | 21 +++++++------------
 .../back_end/bulletin_categorys/new.html.erb  | 16 +++++++-------
 .../back_end/bulletins/edit.html.erb          |  2 +-
 .../back_end/bulletins/index.html.erb         |  2 +-
 .../back_end/bulletins/new.html.erb           |  3 +--
 .../back_end/bulletins/show.html.erb          | 10 ++++++---
 .../back_end/fact_checks/index.html.erb       | 19 ++---------------
 .../announcement/config/routes.rb             |  1 +
 16 files changed, 58 insertions(+), 55 deletions(-)

diff --git a/app/controllers/admin/module_apps_controller.rb b/app/controllers/admin/module_apps_controller.rb
index 440f8100..13075a42 100644
--- a/app/controllers/admin/module_apps_controller.rb
+++ b/app/controllers/admin/module_apps_controller.rb
@@ -101,7 +101,7 @@ class Admin::ModuleAppsController < ApplicationController
     end
       #user is not permited to do that
       flash[:notice] = t('admin.app_auth.operation_not_permitted')
-      redirect_to :action => "edit"   # [TODO] maybe need to redirect to some other page
+      render :nothing => true, :status => 403 
   end
   
   
@@ -113,7 +113,7 @@ class Admin::ModuleAppsController < ApplicationController
     end
       #user is not permited to do that
       flash[:notice] = t('admin.app_auth.operation_not_permitted')
-      redirect_to :action => "edit"   # [TODO] maybe need to redirect to some other page
+      render :nothing => true, :status => 403 
   end
   
 end
\ No newline at end of file
diff --git a/app/controllers/admin/object_auths_controller.rb b/app/controllers/admin/object_auths_controller.rb
index a7a8dc41..58219acf 100644
--- a/app/controllers/admin/object_auths_controller.rb
+++ b/app/controllers/admin/object_auths_controller.rb
@@ -27,8 +27,13 @@ class Admin::ObjectAuthsController < ApplicationController
   
   def create
     obj = eval(params[:object_auth][:type]).find params[:object_auth][:obj_id]
-    @object_auth=obj.object_auths.create :title=> params[:object_auth][:title]
-    redirect_to edit_admin_object_auth_path(@object_auth)
+    @object_auth=obj.object_auths.build :title=> params[:object_auth][:title]
+    if @object_auth.save
+      redirect_to edit_admin_object_auth_path(@object_auth)
+    else
+      flash[:error] = t('admin.object.a_object_must_have_only_one_object_auth_profile_for_each_action')
+      redirect_to (:back)
+    end
   end
 
   def create_role
diff --git a/app/models/object_auth.rb b/app/models/object_auth.rb
index f67f9984..8932bb76 100644
--- a/app/models/object_auth.rb
+++ b/app/models/object_auth.rb
@@ -1,5 +1,6 @@
 class ObjectAuth  < PrototypeAuth
   include OrbitCoreLib::ObjectTokenUnility
+  validates_uniqueness_of :obj_authable_type,:scope => :title #{ |c| }
   belongs_to :obj_authable, polymorphic: true
   # > - Something.find_with_auth(query)
   # > - or Something.find(query).auth
diff --git a/app/views/admin/components/_user_role_management.html.erb b/app/views/admin/components/_user_role_management.html.erb
index 99cd72d7..cd9ca8ae 100644
--- a/app/views/admin/components/_user_role_management.html.erb
+++ b/app/views/admin/components/_user_role_management.html.erb
@@ -1,7 +1,7 @@
 <div id="open_for_all_user">
 	<h1>All User</h1>
 	<%= form_tag(submit_url) do %>
-	<%= check_box_tag 'auth_all',true,auth.all  %><%= submit_tag 'Add Role' %><br/>
+	<%= check_box_tag 'auth_all',true,(auth.all rescue true)  %><%= submit_tag 'Add Role' %><br/>
 	<% end %>
 </div>
 
diff --git a/lib/tasks/user.rake b/lib/tasks/user.rake
index 31ed7c24..5189ee14 100644
--- a/lib/tasks/user.rake
+++ b/lib/tasks/user.rake
@@ -5,7 +5,7 @@ namespace :user do
     User.all(conditions: {email: /nor/}).destroy_all
     
     username_list = %w{nor1 nor2 nor3 nor4 nor5 nor6 nor7}
-    userfirstname_list_en = %w{ One Two Thre For Fiv Six Sen }
+    userfirstname_list_en = %w{ UserOne UserTwo Thre For Fiv Six Sen }
     userlastname_list_en = %w{ Aa Bb Cc Dd Ee Ff Gg }
     
     userfirstname_list_ct = %w{  一一 二二 三三 四四 五五 六六 七七 }
diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
index 6f4c1b7b..53cc5f3d 100644
--- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
@@ -145,7 +145,12 @@ class Panel::Announcement::BackEnd::BulletinsController < ApplicationController
   protected
   
   def get_categorys(id = nil)
-    @bulletin_categorys = (id ? BulletinCategory.find(id).to_a : BulletinCategory.excludes('disabled' => true))
+    @bulletin_categorys = []
+    if(is_manager? || is_admin?)
+      @bulletin_categorys = (id ? BulletinCategory.find(id).to_a : BulletinCategory.excludes('disabled' => true))
+    elsif is_sub_manager?
+      @bulletin_categorys = BulletinCategory.authed_for_user(current_user,'submit_new')
+    end
   end
 
   def get_sorted_bulletins
diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
index 1ef3b300..dd471958 100644
--- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
@@ -1,10 +1,18 @@
 class Panel::Announcement::BackEnd::FactChecksController  < OrbitBackendController
   before_filter :authenticate_user!
+  include AdminHelper
   layout 'admin'
   
   def index
-    @bulletin_categorys_preview = BulletinCategory.authed_for_user(current_user,'preview')
-    @bulletin_categorys_check = BulletinCategory.authed_for_user(current_user,'fact_check')
+    @bulletin_categorys_submit_new = []
+    @bulletin_categorys_check =[]
+    if is_admin? || is_manager?
+      #@bulletin_categorys_submit_new = BulletinCategory.all
+      @bulletin_categorys_check = BulletinCategory.all
+    # elsif is_sub_manager?
+    #   @bulletin_categorys_submit_new = BulletinCategory.authed_for_user(current_user,'submit_new')
+    #   @bulletin_categorys_check = BulletinCategory.authed_for_user(current_user,'fact_check')
+    end
   end
   
   def new
diff --git a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
index d86b17ad..7daaf6db 100644
--- a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
+++ b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
@@ -5,7 +5,7 @@ class BulletinCategory
   include Mongoid::Timestamps
   include OrbitCoreLib::ObjectAuthable
   
-  ObjectAuthTitlesOptions = %W{preview fact_check}
+  ObjectAuthTitlesOptions = %W{submit_new fact_check}
   AfterObjectAuthUrl = '/panel/announcement/back_end/bulletin_categorys'
   # include Mongoid::MultiParameterAttributes
   
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/index.html.erb
index 87a2993c..87b30a04 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/index.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/index.html.erb
@@ -1,22 +1,17 @@
 <% content_for :secondary do %>
-<br />
-<br />
-<br />
-<br />
-<br />
-  <ul class="list">
-	  <li><%#= link_to t('bulletin_category.new_announcement_class'), new_panel_announcement_back_end_bulletin_category_path, :class => 'seclink1' %></li>
-  </ul>
+<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %>
 <% end -%>
 
 <%= flash_messages %>
 
+<br />
+<br />
+<br />
+<br />
+<br />
+
 <h1><%= t('bulletin_category.list_announcement_class') %></h1>
-<br />
-<br />
-<br />
-<br />
-<br />
+
 <table id="bulletin_categorys">
   <tr>
     <th><%= t('bulletin_category.key') %></th>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/new.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/new.html.erb
index 5f8d064b..296afb09 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/new.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/new.html.erb
@@ -1,15 +1,15 @@
-<br />
-<br />
-<br />
-<br />
-
 <% content_for :secondary do %>
-  <ul class="list">
-	  <li><%= link_to t('bulletin_category.index'), panel_announcement_back_end_bulletin_categorys_path, :class => 'seclink2' %></li>
-  </ul>
+<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %>
 <% end -%>
 
 <%= flash_messages %>
+
+<br />
+<br />
+<br />
+<br />
+<br />
+
 <h1><%= t('bulletin_category.new_announcement_class') %></h1>
 <%= form_for @bulletin_category, :url => panel_announcement_back_end_bulletin_categorys_path do |f| %>
 	<%= render :partial => 'form', :locals => {:f => f} %>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/edit.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/edit.html.erb
index 345a60a9..56cfd258 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/edit.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/edit.html.erb
@@ -4,4 +4,4 @@
 	<%= render :partial => 'form', :locals => {:f => f} %>
 <% end %>
 
-<%= link_back %>
\ No newline at end of file
+<%= link_back %>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
index 26e8926c..fd2b29b5 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
@@ -1,4 +1,4 @@
-]<%= render 'filter' %>
+<%= render 'filter' %>
 <table id="bulettin_sort_list" class="table main-list">
 	<%= render 'bulletins' %>
 </table>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/new.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/new.html.erb
index ab0191ab..74e1291a 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/new.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/new.html.erb
@@ -1,6 +1,5 @@
-
 <%= form_for @bulletin, :url => panel_announcement_back_end_bulletins_path do |f| %>
 	<%= render :partial => 'form', :locals => {:f => f} %>
 <% end %>
 
-<%= link_back %>
\ No newline at end of file
+<%= link_back %>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/show.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/show.html.erb
index f02d9156..7b886e77 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/show.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/show.html.erb
@@ -1,10 +1,14 @@
-<% # encoding: utf-8 %>
+<% content_for :secondary do %>
+<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %>
+<% end -%>
+
+<%= flash_messages %>
 
 <br />
 <br />
 <br />
-
-<p id="notice"><%= flash_messages %></p>
+<br />
+<br />
 
 <ul>
 	<li>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb
index 0f42ed4b..6f878b06 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb
@@ -1,16 +1,5 @@
 <% content_for :secondary do %>
-<br />
-<br />
-<br />
-<br />
-<br />
-  <ul class="list">
-	  <li><%= link_to t('bulletin.new_announcement'), new_panel_announcement_back_end_bulletin_path %></li>
-	  <li><%= link_to t('bulletin.announcement_list'), panel_announcement_back_end_bulletins_path %></li>
-	  <li><%= link_to t('bulletin.new_announcement_class'), panel_announcement_back_end_bulletin_categorys_path %></li>
-	  <li><%= link_to t('bulletin.my_announcement_fact_check'), panel_announcement_back_end_fact_checks_path %></li>
-	
-  </ul>
+<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %>
 <% end -%>
 
 <%= flash_messages %>
@@ -42,11 +31,7 @@
 <br />
 
 <h1><%= t('bulletin.list_announcement') %></h1>
-<div id="preview_block">
-	<h1>Preview</h1>
-	<%= render :partial => "list_table", :collection => @bulletin_categorys_preview,:as => :bulletin_category%>
-</div>
-===================================================================================================================
+
 <div id="check_block">	
 	<h1>Check Please</h1>
 	<%= render :partial => "list_table", :collection => @bulletin_categorys_check,:as => :bulletin_category%>
diff --git a/vendor/built_in_modules/announcement/config/routes.rb b/vendor/built_in_modules/announcement/config/routes.rb
index b707437e..78425f33 100644
--- a/vendor/built_in_modules/announcement/config/routes.rb
+++ b/vendor/built_in_modules/announcement/config/routes.rb
@@ -4,6 +4,7 @@ Rails.application.routes.draw do
       namespace :back_end do
         match 'public' => "announcements#public",:as => :public
         resources :fact_checks
+        match 'list_mine' => "announcements#list_mine"
         root :to => "bulletins#index"
         resources :bulletins
         resources :bulletin_categorys, :controller => 'bulletin_categorys' do