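# Admin screens for managing ObjectAuth records: listing them, creating one
# for a given object, and adding or removing the roles, sub-roles and users
# attached to it.
class Admin::ObjectAuthsController < ApplicationController
  layout "admin"

  # Matches a plain or namespaced Ruby constant name and nothing else.
  # \A and \z anchor the whole string; ^ and $ would only anchor a line.
  CLASS_NAME_FORMAT = /\A[A-Z][A-Za-z0-9_]*(::[A-Z][A-Za-z0-9_]*)*\z/

  before_filter :authenticate_user!
  # NOTE(review): only authentication is enforced in this file. The admin
  # check below was commented out in the original, so unless
  # ApplicationController or the routes restrict access, any signed-in user
  # can reach these actions and change who is granted or blocked on an
  # object. Confirm, and restore an admin-only filter covering every action.
  # before_filter :is_admin? ,:only => :index

  # Lists every ObjectAuth record.
  # (The original carried a commented-out branch that limited non-admin users
  # to the apps they manage; it is not active.)
  def index
    @object_auths = ObjectAuth.all
  end

  # Builds an unsaved ObjectAuth on the object named by params[:type] and
  # params[:obj_id]. Responds with 400 when params[:type] is not an accepted
  # class name.
  def new
    klass = authorizable_class(params[:type])
    return head(:bad_request) unless klass

    obj = klass.find(params[:obj_id])
    @object_auth = obj.object_auths.build

    respond_to do |format|
      format.html # new.html.erb
      # The original rendered @post, which is never assigned in this controller.
      format.xml { render :xml => @object_auth }
    end
  end

  # Creates an ObjectAuth on the object named inside params[:object_auth]
  # (keys :type, :obj_id, :title) and redirects to its edit page. Responds
  # with 400 when the type is missing or not an accepted class name.
  def create
    attrs = params[:object_auth] || {}
    klass = authorizable_class(attrs[:type])
    return head(:bad_request) unless klass

    obj = klass.find(attrs[:obj_id])
    @object_auth = obj.object_auths.create(:title => attrs[:title])
    redirect_to edit_admin_object_auth_path(@object_auth)
  end

  # Adds each non-blank entry of params[:new] to the ObjectAuth. Recognised
  # keys are 'role', 'sub_role', 'privilege_user' and 'blocked_user'; any
  # other key is ignored. A failing entry is skipped, as in the original.
  def create_role
    object_auth = ObjectAuth.find(params[:id])

    (params[:new] || {}).each do |field, field_value|
      next if field_value.blank?

      best_effort do
        case field
        # send is kept from the original so method visibility is treated the
        # same way; the method name is a fixed symbol, never request data.
        when 'role'           then object_auth.send(:add_role, Role.find(field_value))
        when 'sub_role'       then object_auth.send(:add_sub_role, SubRole.find(field_value))
        when 'privilege_user' then object_auth.add_user_to_privilege_list(User.find(field_value))
        when 'blocked_user'   then object_auth.add_user_to_black_list(User.find(field_value))
        end
      end
    end

    redirect_to edit_admin_object_auth_path(object_auth)
  end

  # Removes the entry identified by params[:type] and params[:target_id] from
  # the ObjectAuth. A failing removal is skipped, as in the original.
  def remove_role
    object_auth = ObjectAuth.find(params[:id])
    target_id = params[:target_id]

    unless target_id.blank?
      best_effort do
        case params[:type]
        when 'role'           then object_auth.remove_role(Role.find(target_id))
        when 'sub_role'       then object_auth.remove_sub_role(SubRole.find(target_id))
        when 'privilege_user' then object_auth.remove_user_from_privilege_list(User.find(target_id))
        when 'blocked_user'   then object_auth.remove_user_from_black_list(User.find(target_id))
        end
      end
    end

    redirect_to edit_admin_object_auth_path(object_auth)
  end

  # Loads the ObjectAuth to edit.
  def edit
    @object_auth = ObjectAuth.find(params[:id])
  end

  private

  # Resolves a class name taken from the request into a class, or returns nil.
  #
  # The original passed the request parameter to eval, which runs the
  # parameter as Ruby code in the server process. Here the value must look
  # like a constant name, resolve to a class, and expose the two things the
  # actions use: a class-level find and an object_auths instance method.
  # NOTE(review): if some model provides object_auths dynamically rather than
  # as a defined method, it is rejected here; an explicit list of permitted
  # class names would be stricter still.
  def authorizable_class(type_name)
    name = type_name.to_s
    return nil unless name =~ CLASS_NAME_FORMAT

    klass = name.constantize
    return nil unless klass.is_a?(Class) && klass.respond_to?(:find) && klass.method_defined?(:object_auths)

    klass
  rescue NameError
    nil
  end

  # Runs the block and swallows StandardError, which is what the original
  # inline `rescue nil` modifiers did, but logs the failure so a skipped
  # permission change leaves a trace.
  def best_effort
    yield
  rescue StandardError => e
    logger.warn("ObjectAuth membership change skipped: #{e.class}: #{e.message}")
    nil
  end
end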