class Admin::AuthorizationsController < OrbitBackendController before_filter :admin_or_manager def index @module_apps ||= ModuleApp.where(is_authorizable: true).order_by([:title, :asc]) if @module_apps && @module_apps.include?(@module_app) case @type when 'category' type = 'submit' when 'approval' type = 'fact_check' else @users = @module_app.managing_users end if type if @module_app.has_category @categories = @module_app.categories unless @categories.blank? @category ||= @categories.first @users = @category.get_object_auth_by_title("#{type}_#{@module_app.key}").auth_users else @error = t(:no_category) end else @error = t(:no_category) end end elsif @module_apps @module_app = @module_apps.first redirect_to admin_authorizations_url(@module_app.key) else redirect_to :root end end def add(users) unless users.blank? case @type when 'category' type = 'submit' when 'approval' type = 'fact_check' else add_managers(users) unless users.blank? end if type if @category object_auth = @category.get_object_auth_by_title("#{type}_#{@module_app.key}") add_users_to_object_auth(object_auth, users) else @error = t(:no_category) end end end @users = users render 'admin/authorizations/insert_users' end def add_users users = User.find(params[:user_ids]) rescue [] add(users) end def add_roles roles = Role.find(params[:role_ids]) rescue [] users = roles.inject([]) do |users, role| users += role.users.all.entries users end add(users) end def modal_select existing_users = User.find(params[:ids]) rescue [] roles = Role.all case @type when 'category', 'approval' @category_id = @category.id if @category @sorted_users = roles.inject({}) do |users, role| users[role] = role.users.where(admin: false).not_guest_user - existing_users - @module_app.managing_users users end else @sorted_users = roles.inject({}) do |users, role| users[role] = role.users.where(admin: false).not_guest_user - existing_users users end end end def remove_users @users = User.find(params[:ids]) rescue [] unless @users.blank? case @type when 'category' type = 'submit' when 'approval' type = 'fact_check' else remove_managers(@users) end if type object_auth = @category.get_object_auth_by_title("#{type}_#{@module_app.key}") remove_users_form_object_auth(object_auth, @users) end end render 'admin/authorizations/remove_users' end protected def add_managers(users) users.each do |user| @module_app.assign_manager(user, current_user) end end def add_users_to_object_auth(object_auth, users) users.each do |user| object_auth.add_user_to_privilege_list(user) end end def remove_managers(users) users.each do |user| @module_app.remove_manager(user) end end def remove_users_form_object_auth(object_auth, users) users.each do |user| object_auth.remove_user_from_privilege_list(user) end end private def admin_or_manager setup_vars authenticate_user! user_is_manager? end def setup_vars @module_app = ModuleApp.first(conditions: {:key => params[:module]} ) if params[:module] @category = Category.find(params[:category]) rescue nil @type = params[:type] end def user_is_manager? unless is_admin? @module_apps = current_user.managed_module_apps redirect_to :root if @module_apps.blank? end end end