orbit4-5/lib/orbit_core_lib.rb

module  OrbitCoreLib
  module Preview
    def self.included(base)

      # base.instance_eval("field :is_preview,type: Boolean,:default => false")
      # base.instance_eval("scope :not_preview,where(:is_preview=>false)")
      base.class_eval ("
        def to_preview
          raise 'Developer,please override to_preview method'  
        end
      ")
    end
  end

  module ObjectDisable
     def self.included(base)

      base.instance_eval("field :disable,type: Boolean,:default => false")
      base.instance_eval("scope :all, ->{ where(:disable.in => [false, nil, '']) }")
      base.instance_eval("scope :admin_manager_all, ->{ find(:all) }")
      
      base.define_singleton_method :find do |*args|
        if args ==[:all]
          unscoped
        else
          res = unscoped.find(args) 
          res.count == 1 ? res[0] : res
        end
      end

      base.define_singleton_method :first do |*args|
        all.first
      end

      base.define_singleton_method :last do |*args|
        all.last
      end

    end
  end
  # module  ObjectAuthable
  #   def self.included(base)
  #     base.instance_eval("has_many :object_auths,as: :obj_authable,dependent: :delete")
      
  #     base.define_singleton_method :authed_for_user do |user,title = nil|
  #       sub_role_ids_ary=user.sub_roles.collect{|t| t.id}
  #       if title.nil?
  #         auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s)
  #       else
  #         auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s,title: title)
  #       end
  #       query1 = auth_object_space.any_in({sub_role_ids: sub_role_ids_ary}).excludes(blocked_user_ids: user.id)
  #       query2 = auth_object_space.any_of({all: true},{privilege_user_ids: user.id}).excludes(blocked_user_ids: user.id)
  #       # query2 = auth_object_space.any_of({all: true},{privilege_user_ids: user.id},{role_ids: user.role_ids}).excludes(blocked_user_ids: user.id) #save for backup if something went wrong (0626 Matt)

  #       result = (query1 + query2).uniq
  #       result.collect{|t| t.obj_authable}.delete_if{|val| val==nil}
  #     end
        
  #   end
    
  #   def cur_user_is_sub_manager_of(title)
  #      authed_users(title).include?(User.current)
  #   end 

  #   def module_app
  #      ModuleApp.first(conditions: {:title => self.class::APP_NAME} )
  #   end

  #   def pp_object
  #     "Object Auth method 'pp_object' need to be defined for class #{self.class}"
  #   end
    
  #   def get_object_auth_by_title(title)
  #     oa = self.object_auths.where({title: title }).first
  #     if oa.nil? #&& (self.class::ObjectAuthTitlesOptions.include? title)
  #       oa =  self.object_auths.create title: title
  #     end
  #     oa
  #   end
    
  #   def authed_users(title=nil)
  #     users = []
  #     users = case title
  #     when :all
  #        ary = self.object_auths.collect{|t| t.auth_users}
  #        ary.flatten!
  #     when nil
  #       if self.object_auths.count ==1 
  #         self.object_auths.first.auth_users_after_block_list rescue []
  #         else
  #           logger.info "Warning calling a auth commend without specificed value( has multi-auths ), return empty"
  #           []
  #         end
  #     else
  #       get_object_auth_by_title(title).auth_users rescue []
  #     end
  #     users
  #   end
    
  # end
  module  ObjectTokenUtility
    def self.included(base)
      base.instance_eval("field :s_token")
      base.instance_eval("after_create :generate_token")
    end
    
    def token
      return self.s_token
    end
    
    protected
     def generate_token
       self.s_token = SecureRandom.hex(16)
       self.save!
     end
  end

  module Authorize
    def self.included(base)
      base.class_eval do
        before_filter :can_use
        send :include, InstanceMethods
      end
    end

    module InstanceMethods
      protected
      def can_use
        @app_title ||= controller_path.split('/')[1].singularize rescue nil
        @module_app ||= ModuleApp.find_by(key: @app_title) rescue nil
        @module_authorized_users ||= Authorization.module_authorized_users(@module_app.id).pluck(:user_id) rescue nil
        authenticate_user
        check_user_can_use
      end

      def check_user_can_use
        # condition_check = ((current_user.is_admin? if current_user.present?) || (current_user.is_manager?(@module_app) if current_user.present?) || (current_user.is_sub_manager?(@module_app) if current_user.present?) || (current_user.is_manager_with_role?(@module_app) if current_user.present?))
        # if condition_check.eql?(true)
        #   # redirect_to admin_dashboards_url
        # elsif condition_check.eql?(false)
        #   render "public/401" , layout: "back_end"
        # end
        permissions = {}
        @module_app.get_registration.get_side_bar.get_context_links.each do |link|
          l = (Rails.application.routes.url_helpers.send(link.path) rescue Rails.application.routes.url_helpers.send(link.path, {:module_app_id => @module_app.id}))
          if l == request.path
           permissions["link"] = l 
           permissions["available_for"] = link.available_for
           break
         end
        end
        if !permissions.empty?
          if !allow?(permissions["available_for"] || ["admin"])
            render "public/401" , layout: "back_end"
          end
        end
      end

       def allow?(af)
          status = "users"
          if current_user.is_admin?
            status = "admin"
          elsif current_user.is_manager?(@module_app)
            status = "managers"
          elsif current_user.is_sub_manager?(@module_app)
            status = "sub_managers"
          elsif current_user.is_normal_user?
            status = "users"
          end
          return af.include?status
      end
    end
  end

end