orbit-basic/app/controllers/admin/object_auths_controller.rb

class Admin::ObjectAuthsController < ApplicationController
  layout "admin"
  before_filter :authenticate_user!
#  before_filter :is_admin? ,:only => :index
  
  def index
    # if current_user.admin?
      @object_auths = ObjectAuth.all
    # else
    #       @module_apps = current_user.managing_apps.collect{|t| t.managing_app}
    #     end
  end
  
  def new
    obj = eval(params[:type]).find params[:obj_id]
    @object_auth=obj.object_auths.build
    respond_to do |format|
      format.html # new.html.erb
      format.xml  { render :xml => @post }
    end
  end
  
  def create
    obj = eval(params[:object_auth][:type]).find params[:object_auth][:obj_id]
    @object_auth=obj.object_auths.create :title=> params[:object_auth][:title]
    redirect_to edit_admin_object_auth_path(@object_auth)
  end

  def create_role
    object_auth = ObjectAuth.find(params[:id])
    params[:new].each do |item|
      field = item[0]
      field_value = item[1]
      if field_value!=''
        case field
        when 'role'
          object_auth.send("add_#{field}",(Role.find field_value)) rescue nil
        when 'sub_role'
          object_auth.send("add_#{field}",(SubRole.find field_value)) rescue nil
        when 'privilege_user'
          object_auth.add_user_to_privilege_list (User.find field_value) rescue nil
        when 'blocked_user'  
          object_auth.add_user_to_black_list (User.find field_value) rescue nil
        end
      end
    end
    redirect_to edit_admin_object_auth_path(object_auth)
   end
  
  def remove_role
    object_auth = ObjectAuth.find(params[:id])
         type = params[:type]
         field_value = params[:target_id]
         if field_value!=''
           case type
           when 'role'
             object_auth.remove_role(Role.find field_value) rescue nil
           when 'sub_role'
             object_auth.remove_sub_role(SubRole.find field_value) rescue nil
           when 'privilege_user'
             object_auth.remove_user_from_privilege_list (User.find field_value) rescue nil
           when 'blocked_user'  
             object_auth.remove_user_from_black_list (User.find field_value) rescue nil
           end
         end
       redirect_to edit_admin_object_auth_path(object_auth)
  end

  def edit
    @object_auth = ObjectAuth.find(params[:id])
  end
  


end