From 82d78acbadbe198dd8583daf5bca9317af76831c Mon Sep 17 00:00:00 2001 From: "Matthew K. Fu JuYuan" Date: Tue, 15 May 2012 18:55:16 +0800 Subject: [PATCH] First version of app and object auth for web_resource module. Basic fund is ok. backend need to be secued --- app/controllers/orbit_backend_controller.rb | 2 ++ app/helpers/admin/ad_banner_helper.rb | 8 +++----- app/helpers/admin/web_link_helper.rb | 11 +++++++++++ app/helpers/application_helper.rb | 4 ++++ app/models/object_auth.rb | 4 +--- .../admin/ad_banners/_ad_banner_tab.html.erb | 2 +- app/views/layouts/_side_bar.html.erb | 7 ++++--- lib/orbit_core_lib.rb | 4 ++++ .../web_resource/back_end/web_links_controller.rb | 4 ++-- .../web_resource/app/models/web_link_category.rb | 11 ++++++++++- .../_web_link_category.html.erb | 15 +++++++++------ .../back_end/web_link_categorys/index.html.erb | 2 +- .../back_end/web_links/_web_link.html.erb | 2 ++ 13 files changed, 54 insertions(+), 22 deletions(-) create mode 100644 app/helpers/admin/web_link_helper.rb diff --git a/app/controllers/orbit_backend_controller.rb b/app/controllers/orbit_backend_controller.rb index cfa46847..e27e5b00 100644 --- a/app/controllers/orbit_backend_controller.rb +++ b/app/controllers/orbit_backend_controller.rb @@ -1,6 +1,8 @@ class OrbitBackendController< ApplicationController before_filter :force_order,:except => [:public] before_filter :setup_vars + before_filter :set_current_user + # before_filter {|c| c.front_end_available(@app_title)} # before_filter :check_user_can_use include OrbitCoreLib::PermissionUnility diff --git a/app/helpers/admin/ad_banner_helper.rb b/app/helpers/admin/ad_banner_helper.rb index bfebc1b9..ecba9b3b 100644 --- a/app/helpers/admin/ad_banner_helper.rb +++ b/app/helpers/admin/ad_banner_helper.rb 
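Review bot: `before_filter :set_current_user` is added while the filters that would actually restrict access (`front_end_available`, `check_user_can_use`) stay commented out, so this base controller still enforces no authorization of its own, and nothing visible shows where the state set by `set_current_user` is cleared. If it populates the class-level `User.current` that `cur_user_is_sub_manager_of` in lib/orbit_core_lib.rb reads, that value should be reset in an `after_filter` or `ensure` so a stale user cannot leak into the next request served by the same thread or process; this is inferred, since the method body is not in the diff. A one-line comment above the filter, such as `# Exposes the signed-in user to model-level auth checks (User.current); must be cleared after each request`, would record the intent. The class body continues outside the hunk.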
@@ -16,8 +16,8 @@ module Admin::AdBannerHelper end def show_ad_banner_permission_link(ad_banner) - type = 'edit' - oa = ad_banner.get_object_auth_by_title(type) + type = 'edit' + oa = ad_banner.get_object_auth_by_title(type) if oa.nil? ad_banner.object_auths.new(title: type ).save oa = ad_banner.get_object_auth_by_title(type) @@ -26,8 +26,6 @@ module Admin::AdBannerHelper link_to t('admin.ad.cate_auth'),admin_object_auth_ob_auth_path(oa),:class => "btn btn-warning" end - def at_least_module_manager - is_manager? || is_admin? - end + end \ No newline at end of file diff --git a/app/helpers/admin/web_link_helper.rb b/app/helpers/admin/web_link_helper.rb new file mode 100644 index 00000000..813bc48c --- /dev/null +++ b/app/helpers/admin/web_link_helper.rb @@ -0,0 +1,11 @@ +module Admin::WebLinkHelper + def show_web_link_permission_link(web_link) + type = 'edit' + oa = web_link.get_object_auth_by_title(type) + if oa.nil? + web_link.object_auths.new(title: type ).save + oa = web_link.get_object_auth_by_title(type) + end + link_to t('admin.web_link.cate_auth'),admin_object_auth_ob_auth_path(oa) + end +end \ No newline at end of file diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index 5f693965..445a3a49 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -196,4 +196,8 @@ module ApplicationHelper display_visitors(created_at: {'$gte' => Date.today.beginning_of_year, '$lte' => Date.today.end_of_year}) end + def at_least_module_manager + is_manager? || is_admin? + end + end diff --git a/app/models/object_auth.rb b/app/models/object_auth.rb index 0ac3de41..d5cc48de 100644 --- a/app/models/object_auth.rb +++ b/app/models/object_auth.rb 
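Review bot: In `show_web_link_permission_link` the result of `web_link.object_auths.new(title: type ).save` is ignored, so if the save fails validation `oa` remains `nil` and `admin_object_auth_ob_auth_path(oa)` raises during rendering; `web_link.object_auths.create!(title: type)` fails loudly at the real cause instead. The helper also creates a database record as a side effect of rendering a link, which means a plain GET of the list page mutates data; a find-or-create method on the model would be the better home and could equally serve `show_ad_banner_permission_link` in ad_banner_helper.rb, which is the same code apart from the i18n key and CSS class. Showing or hiding this link only affects the page; the object-auth page it points to still needs its own controller-side check.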
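Review bot: `at_least_module_manager` becomes the gate that several views in this patch rely on, yet it has no documentation and, as a predicate, does not follow the trailing-`?` convention; since callers already use the bare name, keep it and add a comment such as `# True when the current user is a module manager or site admin; used by views to show management-only controls and does not replace controller-side checks`. It assumes `is_manager?` and `is_admin?` are available in the view context, which is not visible in this diff.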
@@ -11,9 +11,7 @@ class ObjectAuth < PrototypeAuth end def check_user_has_app_auth -debugger - a=1 - sub_managing_users = auth_obj.app_auth.sub_managing_users + sub_managing_users = auth_obj.app_auth.sub_managing_users rescue [] app_auth = auth_obj.app_auth self.auth_users.each do |auth_user| if !sub_managing_users.include? auth_user && !auth_user.admin? diff --git a/app/views/admin/ad_banners/_ad_banner_tab.html.erb b/app/views/admin/ad_banners/_ad_banner_tab.html.erb index a9e07ec2..56fd09a1 100644 --- a/app/views/admin/ad_banners/_ad_banner_tab.html.erb +++ b/app/views/admin/ad_banners/_ad_banner_tab.html.erb @@ -15,7 +15,7 @@ <% end -%>
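Review bot: The new `sub_managing_users = auth_obj.app_auth.sub_managing_users rescue []` uses the inline rescue modifier, which swallows every StandardError (a missing `app_auth`, but also a database error) and silently treats the failure as "no sub-managers" inside an authorization check; since `app_auth = auth_obj.app_auth` is computed on the very next line anyway, compute it first and write `sub_managing_users = app_auth ? app_auth.sub_managing_users : []`. The unchanged condition below it, `if !sub_managing_users.include? auth_user && !auth_user.admin?`, parses as `!sub_managing_users.include?(auth_user && !auth_user.admin?)` because the un-parenthesized call takes the whole `&&` expression as its argument, so the membership test is effectively never performed; it should read `if !sub_managing_users.include?(auth_user) && !auth_user.admin?`. The rest of `check_user_has_app_auth` is outside the hunk, so what the branch does with an unauthorized user cannot be confirmed here.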

<%= t("admin.ad.picture_list")%>

- <%if at_least_module_manager || sub_manager?(ad_banner_tab)%> + <%if (at_least_module_manager || ad_banner_tab.cur_user_is_sub_manager_of(:edit) )%> <%= content_tag :div ,:class=>'adbanner-action' do%> <%= link_to t("admin.ad.new_image"),new_admin_ad_banner_ad_image_path(ad_banner_tab) ,:class => "btn btn-primary"%> <%= link_to t("modal.preview"), admin_realtime_preview_ad_banner_path(ad_banner_tab.id) , :class=>'preview_trigger btn btn-success'%> diff --git a/app/views/layouts/_side_bar.html.erb b/app/views/layouts/_side_bar.html.erb index c1c16879..e2c3a9ed 100644 --- a/app/views/layouts/_side_bar.html.erb +++ b/app/views/layouts/_side_bar.html.erb 
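Review bot: The new condition `ad_banner_tab.cur_user_is_sub_manager_of(:edit)` passes a Symbol, while the object auths are created with the String title `'edit'` (`type = 'edit'` in the helpers, `ObjectAuthTitlesOptions = %W{edit}` in the model); if `authed_users(title)` in lib/orbit_core_lib.rb compares the stored title by value, `:edit` will never match and sub-managers will not see these controls. That is worth confirming, since `authed_users` is not in the diff. Hiding the controls here, in `_web_link_category.html.erb` and in `web_link_categorys/index.html.erb` only changes what is rendered; the corresponding controller actions need the same check, and nothing in this patch adds one.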
@@ -54,17 +54,18 @@ <%#= content_tag :li, link_to(t('admin.ad.all_banners'), admin_ad_banners_path), :class => active_for_action('ad_banners', 'index') %> <%#= content_tag :li, link_to(t('admin.ad.new_banner'), new_admin_ad_banner_path), :class => active_for_action('ad_banners', 'new') %> <%#= content_tag :li, link_to(t('admin.ad.new_image'), new_ad_image_admin_ad_banners_path), :class => active_for_action('ad_images', 'new') %> - <%= content_tag :li, link_to(t('admin.module.authorization'),admin_module_app_manager_auth_proc_path(ModuleApp.first(conditions: {title: "ad_banners"}))), :class => active_for_app_auth('ad_banners') if (is_admin? rescue nil) %> + <%= content_tag :li, link_to(t('admin.module.authorization'),admin_module_app_manager_auth_proc_path(ModuleApp.first(conditions: {title: "ad_banners"}))), :class => active_for_app_auth('ad_banners') if (is_admin? rescue nil) %> <% end -%> <% end %> -<%= content_tag :li, :class => active_for_controllers('web_links', '/panel/web_resource/back_end/tags', 'web_link_categorys') do -%> +<%= content_tag :li, :class => active_for_controllers('web_links', '/panel/web_resource/back_end/tags', 'web_link_categorys') || active_for_app_auth('web_resource') do -%> <%= link_to content_tag(:i, nil, :class => 'icons-link') + t('admin.link'), panel_web_resource_back_end_web_links_path %> <%= content_tag :ul, :class => ("nav nav-list " + visible_for_controllers('web_links', '/panel/web_resource/back_end/tags', 'web_link_categorys')) do -%> <%= content_tag :li, link_to(t('admin.all_articles'), panel_web_resource_back_end_web_links_path), :class => active_for_action('web_links', 'index') %> <%= content_tag :li, link_to(t('announcement.add_new'), new_panel_web_resource_back_end_web_link_path), :class => active_for_action('web_links', 'new') %> <%= content_tag :li, link_to(t('announcement.categories'), panel_web_resource_back_end_web_link_categorys_path), :class => active_for_action('web_link_categorys', 'index') %> <%= content_tag :li, 
link_to(t('announcement.tags'), panel_web_resource_back_end_tags_path), :class => active_for_action('/panel/web_resource/back_end/tags', 'index') %> + <%= content_tag :li, link_to(t('admin.module.authorization'),admin_module_app_manager_auth_proc_path(ModuleApp.first(conditions: {title: "web_resource"}))), :class => active_for_app_auth('web_resource') if (is_admin? rescue nil) %> <% end -%> <% end -%> @@ -75,4 +76,4 @@ <%= content_tag :li, link_to(t('admin.categories'), admin_asset_categories_path), :class => active_for_action('asset_categories', 'index') %> <%= content_tag :li, link_to(t('admin.tags'), admin_asset_tags_path), :class => active_for_action('/admin/asset_tags', 'index') %> <% end -%> -<% end -%> \ No newline at end of file +<% end -%> diff --git a/lib/orbit_core_lib.rb b/lib/orbit_core_lib.rb index a6c9917f..ad4f6756 100644 --- a/lib/orbit_core_lib.rb +++ b/lib/orbit_core_lib.rb @@ -19,6 +19,10 @@ module OrbitCoreLib end + def cur_user_is_sub_manager_of(title) + authed_users(title).include?(User.current) + end + def app_auth ModuleApp.first(conditions: {:title => self.class::APP_NAME} ) end diff --git a/vendor/built_in_modules/web_resource/app/controllers/panel/web_resource/back_end/web_links_controller.rb b/vendor/built_in_modules/web_resource/app/controllers/panel/web_resource/back_end/web_links_controller.rb index 69aa8c1a..323b92fc 100644 --- a/vendor/built_in_modules/web_resource/app/controllers/panel/web_resource/back_end/web_links_controller.rb +++ b/vendor/built_in_modules/web_resource/app/controllers/panel/web_resource/back_end/web_links_controller.rb @@ -1,7 +1,7 @@ class Panel::WebResource::BackEnd::WebLinksController < OrbitBackendController - before_filter :authenticate_user! - before_filter :is_admin? + # before_filter :for_app_manager,:except => [:index,:show] + # before_filter :for_app_sub_manager def index 
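Review bot: The added sidebar line repeats `if (is_admin? rescue nil)`, an inline rescue that hides any error raised by `is_admin?` (for instance when no user is signed in) instead of handling it, and `ModuleApp.first(conditions: {title: "web_resource"})` is passed straight into the route helper, which would raise during render if that record does not exist. Prefer a plain `if is_admin?` with `is_admin?` guaranteed to be defined for layouts, and look the app up once into a local so the link can be skipped safely, e.g. `app = ModuleApp.first(conditions: {title: "web_resource"})` followed by `... if app && is_admin?`. The `|| active_for_app_auth('web_resource')` appended to `active_for_controllers(...)` only behaves as intended if that helper returns `nil` when inactive, which is not visible here.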
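Review bot: `cur_user_is_sub_manager_of(title)` is a predicate without a trailing `?` and without documentation, and it reads the class-level `User.current` rather than receiving the user, which ties model-level authorization to request state that a controller filter must have set up first. Keeping the name for the existing callers, add a comment such as `# Whether the user in User.current was granted +title+ on this object through ObjectAuth; relies on set_current_user having run for this request`, and consider a variant that takes the user explicitly so the check can be exercised outside a request. `authed_users` is defined outside this hunk, so the title type it expects cannot be confirmed here.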
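Review bot: Removing `before_filter :authenticate_user!` and `before_filter :is_admin?` while the replacements `for_app_manager` and `for_app_sub_manager` are left commented out leaves `Panel::WebResource::BackEnd::WebLinksController` with no authentication or authorization filter of its own; unless `OrbitBackendController` enforces one (its own authorization filters are commented out in the first hunk of this patch), every action here, including the write actions, is reachable without signing in. At minimum keep `before_filter :authenticate_user!` until the app/sub-manager filters exist and are enabled, e.g. `before_filter :authenticate_user!` followed by `before_filter :for_app_manager, :except => [:index, :show]` once that method is implemented. The class body continues outside the hunk.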
diff --git a/vendor/built_in_modules/web_resource/app/models/web_link_category.rb b/vendor/built_in_modules/web_resource/app/models/web_link_category.rb index c2a95f4b..f9ef5989 100644 --- a/vendor/built_in_modules/web_resource/app/models/web_link_category.rb +++ b/vendor/built_in_modules/web_resource/app/models/web_link_category.rb @@ -3,12 +3,21 @@ class WebLinkCategory include Mongoid::Document include Mongoid::Timestamps + include OrbitCoreLib::ObjectAuthable + # include Mongoid::MultiParameterAttributes - + AfterObjectAuthUrl = '/panel/page_content/back_end/page_contexts' + APP_NAME = 'web_resource' + ObjectAuthTitlesOptions = %W{edit} + field :key has_one :i18n_variable, :as => :language_value, :autosave => true, :dependent => :destroy has_many :web_links + def pp_object + i18n_variable[I18n.locale] + end + end \ No newline at end of file diff --git a/vendor/built_in_modules/web_resource/app/views/panel/web_resource/back_end/web_link_categorys/_web_link_category.html.erb b/vendor/built_in_modules/web_resource/app/views/panel/web_resource/back_end/web_link_categorys/_web_link_category.html.erb index 9d43b94c..b17e634b 100644 --- a/vendor/built_in_modules/web_resource/app/views/panel/web_resource/back_end/web_link_categorys/_web_link_category.html.erb +++ b/vendor/built_in_modules/web_resource/app/views/panel/web_resource/back_end/web_link_categorys/_web_link_category.html.erb @@ -3,12 +3,15 @@ <%= web_link_category.key %> -
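Review bot: `AfterObjectAuthUrl = '/panel/page_content/back_end/page_contexts'` points at the page_content module's page contexts, while this model belongs to `web_resource` (`APP_NAME = 'web_resource'`) and its categories are managed under `web_link_categorys`, so the value looks copied from another model; unless ObjectAuthable intends that redirect, it should be the web link categories path. `ObjectAuthTitlesOptions = %W{edit}` uses the interpolating `%W` for a plain literal and neither constant is frozen; `%w[edit].freeze` is the idiomatic form (the CamelCase constant names are presumably what the mixin looks up, so keep them). `pp_object` returns `i18n_variable[I18n.locale]` and will raise when `i18n_variable` is absent; either guard it with `i18n_variable[I18n.locale] if i18n_variable` or document that the variable is always present.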
- -
+ <%if at_least_module_manager %> +
+ +
+ <% end -%> <% @site_valid_locales.each do |locale| %> <%= web_link_category.i18n_variable[locale] rescue nil %> diff --git a/vendor/built_in_modules/web_resource/app/views/panel/web_resource/back_end/web_link_categorys/index.html.erb b/vendor/built_in_modules/web_resource/app/views/panel/web_resource/back_end/web_link_categorys/index.html.erb index 87defb11..4a2e8c59 100644 --- a/vendor/built_in_modules/web_resource/app/views/panel/web_resource/back_end/web_link_categorys/index.html.erb +++ b/vendor/built_in_modules/web_resource/app/views/panel/web_resource/back_end/web_link_categorys/index.html.erb @@ -34,6 +34,6 @@ -
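Review bot: The new `<%if at_least_module_manager %>` wrapper around the category edit/delete controls admits only module managers, whereas `_ad_banner_tab.html.erb` in the same patch also admits users granted the `edit` object auth through `cur_user_is_sub_manager_of(:edit)`, and `WebLinkCategory` now includes `ObjectAuthable` with `ObjectAuthTitlesOptions = %W{edit}`. If sub-managers are meant to edit categories, this check should mirror that one; otherwise the new object-auth wiring on the model has no visible effect in this view. The link markup inside the wrapper is not preserved in this rendering of the diff, so exactly which controls are wrapped cannot be confirmed.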
<%= render :partial => "form" %>
+
<%= render :partial => "form" if at_least_module_manager%>
diff --git a/vendor/built_in_modules/web_resource/app/views/panel/web_resource/back_end/web_links/_web_link.html.erb b/vendor/built_in_modules/web_resource/app/views/panel/web_resource/back_end/web_links/_web_link.html.erb index 457a05a8..f7d70250 100644 --- a/vendor/built_in_modules/web_resource/app/views/panel/web_resource/back_end/web_links/_web_link.html.erb +++ b/vendor/built_in_modules/web_resource/app/views/panel/web_resource/back_end/web_links/_web_link.html.erb @@ -24,8 +24,10 @@ <%= link_to web_link.name[I18n.locale], panel_web_resource_back_end_web_link_path(web_link) %>