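# Admin controller for listing module apps, toggling their frontend flag and
# managing each app's managers and sub-managers.
#
# NOTE(review): the only authorization filters declared in this class cover the
# four manager-assignment actions. index, show, edit, update, module_auth_proc
# and reload_frontend_pages rely on whatever ApplicationController or the
# routing layer enforces -- confirm that an admin/login check exists there,
# since update changes persistent state.
class Admin::ModuleAppsController < ApplicationController
  before_filter :user_has_manager_privilege?, :only => [ :assign_manager, :remove_manager ]
  before_filter :user_has_sub_manager_privilege?, :only => [ :assign_sub_manager, :remove_sub_manager ]

  layout "new_admin"

  # Lists every module app.
  def index
    @module_apps = ModuleApp.all.entries
  end

  # Responds to a JS request with the widget path/style and the category and
  # tag lists that belong to the selected module app.
  def reload_frontend_pages
    @categories = []
    @module_app = ModuleApp.find(params[:id])

    # NOTE(review): widgets is indexed both by path (keys[0]) and by 0 below;
    # the `widgets[0].blank?` test looks odd for a path-keyed collection --
    # confirm the intended condition. Logic is kept as written.
    if !@module_app.widgets.blank? && @module_app.widgets[0].blank?
      @frontend_path = @module_app.widgets.keys[0]
    end
    @frontend_style = @module_app.widgets[@frontend_path] unless @frontend_path.blank?

    case @module_app.key
    when 'announcement'
      @categories = BulletinCategory.all
      @tags = AnnouncementTag.all
    when 'news'
      @categories = NewsBulletinCategory.all
      @tags = NewsTag.all
    when 'web_resource'
      @categories = WebLinkCategory.all
      @tags = WebResourceTag.all
    end

    respond_to do |format|
      format.js {}
    end
  end

  # Loads the module app for the authorization-procedure view.
  def module_auth_proc
    @module_app = ModuleApp.find(params[:id])
  end

  # Loads the module app for the edit view.
  def edit
    @module_app = ModuleApp.find(params[:id])
  end

  # Loads the module app for the show view.
  def show
    @module_app = ModuleApp.find(params[:id])
  end

  # Updates the app's enable_frontend flag when the request supplies one.
  # Only that single attribute is ever written from the request, so no other
  # field can be set through this action.
  def update
    @module_app = ModuleApp.find(params[:id])

    # A request without a module_app hash is treated as "nothing to change"
    # instead of raising NoMethodError on nil.
    module_app_params = params['module_app']
    enable_frontend = module_app_params && module_app_params['enable_frontend']

    unless enable_frontend.nil?
      @module_app.update_attribute('enable_frontend', enable_frontend)
      @module_app.save!
    end

    @attribute = @module_app
    respond_to do |format|
      format.html { redirect_to :action => :index }
      format.js { render 'admin/attributes/toggle_enable' }
    end
  end

  # Grants sub-manager rights on @module_app to @assign_to_user (both are set
  # by the user_has_sub_manager_privilege? filter).
  #
  # The original body assigned can_not_add_this_user unconditionally after the
  # branches, so every outcome -- including success -- showed that message.
  # It is now used only when the target is an admin, which appears to be the
  # intent; a missing target user keeps the failed_no_user message.
  #
  # NOTE(review): the translation keys live under `assigning_manager` although
  # this is the sub-manager action -- confirm against the locale files.
  def assign_sub_manager
    flash[:notice] =
      if @assign_to_user.nil?
        t('admin.app_auth.assigning_manager.failed_no_user')
      elsif @assign_to_user.admin?
        t('admin.app_auth.can_not_add_this_user')
      elsif @module_app.assign_sub_manager(@assign_to_user, current_user)
        t('admin.app_auth.assigning_manager.add_sub_manager_ok')
      else
        t('admin.app_auth.assigning_manager.add_sub_manager_fail')
      end

    redirect_to :action => "edit"
  end

  # Grants manager rights on @module_app to @assign_to_user (both are set by
  # the user_has_manager_privilege? filter).
  #
  # As in assign_sub_manager, the trailing unconditional flash assignment is
  # gone so that the real outcome is reported.
  #
  # NOTE(review): the translation keys live under `assigning_sub_manager`
  # although this is the manager action -- confirm against the locale files.
  def assign_manager
    flash[:notice] =
      if @assign_to_user.nil?
        t('admin.app_auth.assigning_sub_manager.failed_no_user')
      elsif @assign_to_user.admin?
        t('admin.app_auth.can_not_add_this_user')
      elsif @module_app.assign_manager(@assign_to_user, current_user)
        t('admin.app_auth.assigning_sub_manager.add_manager_ok')
      else
        t('admin.app_auth.assigning_sub_manager.add_manager_fail')
      end

    redirect_to :action => "edit"
  end

  # Revokes manager rights on @module_app from the user behind the given
  # AppManager record.
  #
  # NOTE(review): the AppManager is looked up by id alone and is not checked
  # here to belong to @module_app; this presumably relies on
  # ModuleApp#remove_manager only touching its own managers -- confirm.
  def remove_manager
    @app_manager = AppManager.find(params[:app_manager_id])

    flash[:notice] =
      if @module_app.remove_manager(@app_manager.user)
        t('admin.app_auth.delete_manager.success')
      else
        t('admin.app_auth.delete_manager.fail')
      end

    redirect_to :action => "edit"
  end

  # Revokes sub-manager rights on @module_app from the user behind the given
  # AppManager record.
  #
  # NOTE(review): a manager of one app can submit an AppManager id that belongs
  # to another app; whether that is harmless depends on
  # ModuleApp#remove_sub_manager scoping the removal to @module_app -- confirm.
  def remove_sub_manager
    @app_sub_manager = AppManager.find(params[:app_sub_manager_id])

    flash[:notice] =
      if @module_app.remove_sub_manager(@app_sub_manager.user)
        t('admin.app_auth.delete_sub_manager.success')
      else
        t('admin.app_auth.delete_sub_manager.fail')
      end

    redirect_to :action => "edit"
  end

  private

  # Filter for assign_manager / remove_manager: only an admin may change an
  # app's managers. The privilege check runs before any record is loaded, so a
  # non-admin caller always receives the 403 and cannot probe which ids exist.
  #
  # NOTE(review): assumes current_user is non-nil, i.e. that a login filter
  # runs earlier (not visible in this file).
  def user_has_manager_privilege?
    return render_operation_not_permitted unless current_user.admin?

    @module_app = ModuleApp.find(params[:id])
    # params[:manager] is absent for remove_manager; the inline rescue turns
    # that, and a failed lookup, into nil. It also hides any other
    # StandardError raised by the lookup.
    @assign_to_user = User.find params[:manager][:id] rescue nil
  end

  # Filter for assign_sub_manager / remove_sub_manager: an admin or one of the
  # app's managing users may change its sub-managers. The app has to be loaded
  # first because the check depends on its managing_users.
  #
  # NOTE(review): assumes current_user is non-nil, i.e. that a login filter
  # runs earlier (not visible in this file).
  def user_has_sub_manager_privilege?
    @module_app = ModuleApp.find(params[:id])
    # params[:sub_manager] is absent for remove_sub_manager; see the note in
    # user_has_manager_privilege? about the inline rescue.
    @assign_to_user = User.find params[:sub_manager][:id] rescue nil

    return if current_user.admin? || @module_app.managing_users.include?(current_user)

    render_operation_not_permitted
  end

  # Rejects the request with an empty 403 response; rendering inside a
  # before_filter stops the action from running.
  def render_operation_not_permitted
    flash[:notice] = t('admin.app_auth.operation_not_permitted')
    render :nothing => true, :status => 403
  end
end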