Make the filter for authorisation easier for developers

This commit is contained in:
chris 2013-08-22 12:17:50 +08:00
parent 4078d426a6
commit ec40591489
2 changed files with 110 additions and 20 deletions

View File

@ -144,36 +144,126 @@ module OrbitCoreLib
def self.included(base) def self.included(base)
base.class_eval do base.class_eval do
before_filter :can_use before_filter :can_use
send :include, InstanceMethods
end end
base.extend(ClassMethods)
end end
def setup_vars module ClassMethods
@app_title ||= controller_path.split('/')[1].singularize protected
@module_app ||= ModuleApp.first(conditions: {:key => @app_title} )
# raise ModuleAppError, 'Can not find ModuleApp' if @module_app.nil? def open_for_admin(arg = nil)
if arg
key = arg.shift
prepend_before_filter key[0] => key[1] {|f| f.open_for :admin}
else
prepend_before_filter {|f| f.open_for :admin}
end
end
def open_for_manager(arg = nil)
if arg
key = arg.shift
prepend_before_filter key[0] => key[1] {|f| f.open_for :manager}
else
prepend_before_filter {|f| f.open_for :manager}
end
end
def open_for_sub_manager(arg = nil)
if arg
key = arg.shift
prepend_before_filter key[0] => key[1] {|f| f.open_for :sub_manager}
else
prepend_before_filter {|f| f.open_for :sub_manager}
end
end
def open_for_approver(arg = nil)
if arg
key = arg.shift
prepend_before_filter key[0] => key[1] {|f| f.open_for :approver}
else
prepend_before_filter {|f| f.open_for :approver}
end
end
def open_for_visitor(arg = nil)
if arg
key = arg.shift
prepend_before_filter key[0] => key[1] {|f| f.open_for :visitor}
else
prepend_before_filter {|f| f.open_for :visitor}
end
end
end end
private module InstanceMethods
protected
def can_use def can_use
unless @override_can_use if @user_type
check_backend_openness if @public @user_type.each do |user_type|
setup_vars open = false
set_current_user visitor = false
unless @public case user_type
when :admin
open ||= check_admin
when :manager
open ||= check_manager
when :sub_manager
open ||= check_sub_manager
when :approver
open ||= check_sub_manager
when :visitor
open ||= true
visitor ||= true
end
check_backend_openness if visitor
setup_vars
set_current_user
authenticate_user! unless visitor
redirect_to root_url unless open
end
else
setup_vars
set_current_user
authenticate_user! authenticate_user!
check_user_can_use check_user_can_use
end end
end end
end
def set_public def check_admin
@public = true current_or_guest_user.admin?
end end
def check_user_can_use def check_manager
unless current_or_guest_user.admin? || @module_app.is_manager?(current_or_guest_user) || @module_app.is_sub_manager?(current_or_guest_user) || @module_app.can_approve?(current_or_guest_user) check_admin || @module_app.is_manager?(current_or_guest_user)
redirect_to root_url end
def check_sub_manager
check_admin || check_manager || @module_app.is_sub_manager?(current_or_guest_user)
end
def check_approver
check_admin || check_manager || @module_app.can_approve?(current_or_guest_user)
end
def open_for(var)
@user_type ||= []
@user_type << var
end
def check_user_can_use
unless current_or_guest_user.admin? || @module_app.is_manager?(current_or_guest_user) || @module_app.is_sub_manager?(current_or_guest_user) || @module_app.can_approve?(current_or_guest_user)
redirect_to root_url
end
end
def setup_vars
@app_title ||= controller_path.split('/')[1].singularize
@module_app ||= ModuleApp.first(conditions: {:key => @app_title} )
# raise ModuleAppError, 'Can not find ModuleApp' if @module_app.nil?
end end
end end
end end

View File

@ -3,7 +3,7 @@ class Panel::Announcement::BackEnd::BulletinsController < OrbitBackendController
before_filter :clean_values, :only => [:create, :update] before_filter :clean_values, :only => [:create, :update]
prepend_before_filter :set_public, :only => [:index, :show, :get_sorted_and_filtered_bulletins] open_for_visitor :only => [:index, :show, :get_sorted_and_filtered_bulletins]
before_filter :only => [ :new, :create, :edit, :update ] do |controller| before_filter :only => [ :new, :create, :edit, :update ] do |controller|
@categories = get_categories_for_form @categories = get_categories_for_form