orbit-basic/lib/orbit_core_lib.rb

57 lines
2.0 KiB
Ruby

module OrbitCoreLib
module ObjectAuthable
def self.included(base)
base.instance_eval("has_many :object_auths,as: :obj_authable,dependent: :delete")
base.define_singleton_method :authed_for_user do |user,title = nil|
sub_role_ids_ary=user.sub_roles.collect{|t| t.id}
if title.nil?
auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s)
else
auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s,title: title)
end
query1 = auth_object_space.any_in({sub_role_ids: sub_role_ids_ary}).excludes(blocked_user_ids: user.id)
query2 = auth_object_space.any_of({all: true},{privilege_user_ids: user.id},{role_ids: user.role.id}).excludes(blocked_user_ids: user.id)
result = (query1 + query2).uniq
result.collect{|t| t.obj_authable}
end
end
def authed_users(title=nil)
users = []
unless title.nil?
users = self.object_auths.where(title: title )[0].auth_users_after_block_list rescue []
else
users = self.object_auths.collect{|t| t.auth_users_after_block_list} rescue []
users.flatten!.uniq!
end
users
end
end
module PermissionUnility
private
def check_permission(type = :use)
permission_grant = current_user.admin?? true : false
module_app = @module_app.nil?? ModuleApp.find(params[:module_app_id]) : @module_app
unless permission_grant
permission_grant = case type
when :use
users_ary = module_app.app_auth.auth_users rescue nil
users_ary = [] if users_ary.nil?
(users_ary.include?(current_user) || module_app.is_manager?(current_user) || module_app.is_sub_manager?(current_user))
when :manager
module_app.is_manager?(current_user)
when :sub_manager
module_app.is_manager?(current_user) || module_app.is_sub_manager?(current_user)
end
end
permission_grant
end
end
end