orbit4-5/app/controllers/admin/authorizations_controller.rb

class Admin::AuthorizationsController < OrbitAdminController
  prepend_before_filter :admin_or_manager
  layout "back_end"

  def index
  	@module_apps ||= ModuleApp.any_of({authorizable: true}).order_by([:title, :asc])
    if @module_apps && @module_apps.include?(@module_app)
      reload_users
      if (@module_app.categorizable || @module_app.categories.present?)
        @objects = @module_app.categories.order_by(:disable.asc) rescue nil
      end
    elsif @module_apps && @module_app.key == "authorization"
        redirect_to admin_authorizations_path(@module_apps.first.key)
    else
        redirect_to  :root
    end
  end

  def add_users
    users = User.find(params[:user_ids]) rescue nil
    unless users.nil?
      authorization = users.map {|u| get_or_create_authorization(u)}.first
    end
   reload_users
    render 'admin/authorizations/reload_users'
  end

  def add_roles
    roles = Role.find(params[:role_ids]) rescue nil
    unless roles.nil?
      authorization = roles.map { |r| get_or_create_authorization_with_role(r)}.first
    end
   reload_users
    render 'admin/authorizations/reload_users'
  end

  def modal_select
    roles = Role.all
    @authorization_type = params[:authorization_type]
    if @authorization_type == "sub_managers"
      @object = Category.find(params[:category_id])
      @sub_mangers = Authorization.category_sub_managers(@object)
      @sorted_users = roles.inject({}) do |users, role|
        users_for_role = role.member_profiles.select {|m| !m.user.is_admin? if m.user}.map {|u| u.user}
        users[role] = users_for_role - @sub_mangers
        users
      end
    else
      @sorted_users = roles.inject({}) do |users, role|
        users_for_role =  role.member_profiles.select {|m| !m.user.is_admin? if m.user}.map {|u| u.user}
        users[role] = users_for_role - @module_app.module_managers
        users
      end
    end
    render :layout => false
  end

  def remove_users
    @users = User.find(params[:user_ids]) rescue []
    unless @users.blank?
      authorization = @users.map {|u| remove_authorizations(u)}.first
    end
    roles = Role.find(params[:role_ids]) rescue []
    unless roles.blank?
      roles.each{|r| remove_authorizations_with_role(r)}
    end
    reload_users
    render 'admin/authorizations/reload_users'
  end
  

  protected

  def get_or_create_authorization(user)
    case params[:authorization_type]
    when "sub_managers"
        remove_from_manager(user) if user.is_manager?(@module_app)
        @object = Category.find(params[:category_id])
       Authorization.create_category_authorization(@module_app.id, @object.id, user.id)
    when "managers"
      remove_from_sub_manager(user) if user.is_sub_manager?(@module_app)
      Authorization.create_module_authorization(@module_app.id, user.id)
    end
  end

  def remove_authorizations(user)
    case params[:authorization_type]
    when "sub_managers"
      if params[:category_id] == "all"
        remove_from_sub_manager(user)
      else
        @object = Category.find(params[:category_id])
        Authorization.remove_category_authorization(@object.id, user.id)
      end
    when "managers"
      Authorization.remove_module_authorization(@module_app.id, user.id)
    end
  end

  def remove_authorizations_with_role(role)
    case params[:authorization_type]
    when "sub_managers"
      if params[:category_id] == "all"
        remove_from_sub_manager_with_role(role)
      else
        @object = Category.find(params[:category_id])
        Authorization.remove_category_authorization_with_role(@object.id, role.id)
      end
    when "managers"
      Authorization.remove_module_authorization_with_role(@module_app.id, role.id)
    end
  end

  def remove_from_sub_manager(user)
    categories = @module_app.categories.authorized(user)
    categories.each do |c|
       Authorization.remove_category_authorization(c.id, user.id)
    end
  end

   def remove_from_sub_manager_with_role(role)
    categories = role.approved_categories_for_module(@module_app)
    categories.each do |c|
       Authorization.remove_category_authorization_with_role(c.id, role.id)
    end
  end

  def remove_from_manager(user)
     Authorization.remove_module_authorization(@module_app.id, user.id)
  end

   def remove_from_manager_with_role(role)
     Authorization.remove_module_authorization_with_role(@module_app.id, role.id)
  end

  def get_or_create_authorization_with_role(role)
    case params[:authorization_type]
    when "sub_managers"
        remove_from_manager_with_role(role) if role.is_manager_for?(@module_app)
        @object = Category.find(params[:category_id])
        Authorization.create_category_authorization_with_role(@module_app.id, @object.id, role.id)
    when "managers"
        remove_from_sub_manager_with_role(role) if role.is_sub_manager_for?(@module_app)
        Authorization.create_module_authorization_with_role(@module_app.id,role.id)
    end
  end


  def reload_users
    @managers = @module_app.managers rescue []
    @sub_managers = @module_app.sub_managers rescue []
    manager_roles = @module_app.role_managers.collect{|r| Role.find(r)} rescue []
    sub_manager_roles = @module_app.role_sub_managers rescue []
    @managers = @managers.concat(manager_roles)
    @sub_managers  = @sub_managers.concat(sub_manager_roles)
  end
  

  private

  def admin_or_manager
    @override_can_use = true
    setup_vars   
    authenticate_user
    current_user.is_manager?(@module_app) unless current_user.is_admin?
  end

  def setup_vars
    @module_app = ModuleApp.find_by(key: params[:module]) if params[:module]
  end
end
authorization, module auth, category auth, member roles 2014-05-01 07:14:16 +00:00			`class Admin::AuthorizationsController < OrbitAdminController`
Updated Authorization with modal working Conflicts: app/controllers/admin/sites_controller.rb 2014-05-05 04:29:39 +00:00			`prepend_before_filter :admin_or_manager`
authorization, module auth, category auth, member roles 2014-05-01 07:14:16 +00:00			`layout "back_end"`

			`def index`
			`@module_apps \|\|= ModuleApp.any_of({authorizable: true}).order_by([:title, :asc])`
			`if @module_apps && @module_apps.include?(@module_app)`
authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00			`reload_users`
			`if (@module_app.categorizable \|\| @module_app.categories.present?)`
lot of fixes and experience enhancement 2014-12-10 10:09:50 +00:00			`@objects = @module_app.categories.order_by(:disable.asc) rescue nil`
authorization, module auth, category auth, member roles 2014-05-01 07:14:16 +00:00			`end`
authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00			`elsif @module_apps && @module_app.key == "authorization"`
fix for high security bugs in report and plus some other member area fixes 2014-09-23 09:06:17 +00:00			`redirect_to admin_authorizations_path(@module_apps.first.key)`
authorization, module auth, category auth, member roles 2014-05-01 07:14:16 +00:00			`else`
authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00			`redirect_to :root`
authorization, module auth, category auth, member roles 2014-05-01 07:14:16 +00:00			`end`
			`end`

Updated Authorization with modal working Conflicts: app/controllers/admin/sites_controller.rb 2014-05-05 04:29:39 +00:00			`def add_users`
			`users = User.find(params[:user_ids]) rescue nil`
			`unless users.nil?`
new authorization.. yet to complete in alpha.. 2014-07-30 13:40:02 +00:00			`authorization = users.map {\|u\| get_or_create_authorization(u)}.first`
Updated Authorization with modal working Conflicts: app/controllers/admin/sites_controller.rb 2014-05-05 04:29:39 +00:00			`end`
authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00			`reload_users`
Updated Authorization with modal working Conflicts: app/controllers/admin/sites_controller.rb 2014-05-05 04:29:39 +00:00			`render 'admin/authorizations/reload_users'`
			`end`

			`def add_roles`
			`roles = Role.find(params[:role_ids]) rescue nil`
			`unless roles.nil?`
authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00			`authorization = roles.map { \|r\| get_or_create_authorization_with_role(r)}.first`
authorization, module auth, category auth, member roles 2014-05-01 07:14:16 +00:00			`end`
authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00			`reload_users`
Updated Authorization with modal working Conflicts: app/controllers/admin/sites_controller.rb 2014-05-05 04:29:39 +00:00			`render 'admin/authorizations/reload_users'`
			`end`
authorization, module auth, category auth, member roles 2014-05-01 07:14:16 +00:00
			`def modal_select`
			`roles = Role.all`
authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00			`@authorization_type = params[:authorization_type]`
			`if @authorization_type == "sub_managers"`
			`@object = Category.find(params[:category_id])`
Fixes user display. 2014-05-05 06:20:58 +00:00			`@sub_mangers = Authorization.category_sub_managers(@object)`
authorization, module auth, category auth, member roles 2014-05-01 07:14:16 +00:00			`@sorted_users = roles.inject({}) do \|users, role\|`
fix for nil user in authorization 2014-07-17 03:50:41 +00:00			`users_for_role = role.member_profiles.select {\|m\| !m.user.is_admin? if m.user}.map {\|u\| u.user}`
Fixes user display. 2014-05-05 06:20:58 +00:00			`users[role] = users_for_role - @sub_mangers`
authorization, module auth, category auth, member roles 2014-05-01 07:14:16 +00:00			`users`
			`end`
			`else`
			`@sorted_users = roles.inject({}) do \|users, role\|`
fix for nil user in authorization 2014-07-17 03:50:41 +00:00			`users_for_role = role.member_profiles.select {\|m\| !m.user.is_admin? if m.user}.map {\|u\| u.user}`
Fixed display of users who are not authorized 2014-05-05 05:59:38 +00:00			`users[role] = users_for_role - @module_app.module_managers`
authorization, module auth, category auth, member roles 2014-05-01 07:14:16 +00:00			`users`
			`end`
			`end`
authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00			`render :layout => false`
Updated Authorization with modal working Conflicts: app/controllers/admin/sites_controller.rb 2014-05-05 04:29:39 +00:00			`end`

			`def remove_users`
fixed authorization bug and also added select and deselect for member selection 2014-08-06 10:27:54 +00:00			`@users = User.find(params[:user_ids]) rescue []`
Updated Authorization with modal working Conflicts: app/controllers/admin/sites_controller.rb 2014-05-05 04:29:39 +00:00			`unless @users.blank?`
authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00			`authorization = @users.map {\|u\| remove_authorizations(u)}.first`
			`end`
			`roles = Role.find(params[:role_ids]) rescue []`
			`unless roles.blank?`
			`roles.each{\|r\| remove_authorizations_with_role(r)}`
Updated Authorization with modal working Conflicts: app/controllers/admin/sites_controller.rb 2014-05-05 04:29:39 +00:00			`end`
authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00			`reload_users`
Updated Authorization with modal working Conflicts: app/controllers/admin/sites_controller.rb 2014-05-05 04:29:39 +00:00			`render 'admin/authorizations/reload_users'`
			`end`


			`protected`

new authorization.. yet to complete in alpha.. 2014-07-30 13:40:02 +00:00			`def get_or_create_authorization(user)`
authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00			`case params[:authorization_type]`
			`when "sub_managers"`
			`remove_from_manager(user) if user.is_manager?(@module_app)`
			`@object = Category.find(params[:category_id])`
new authorization.. yet to complete in alpha.. 2014-07-30 13:40:02 +00:00			`Authorization.create_category_authorization(@module_app.id, @object.id, user.id)`
authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00			`when "managers"`
			`remove_from_sub_manager(user) if user.is_sub_manager?(@module_app)`
			`Authorization.create_module_authorization(@module_app.id, user.id)`
			`end`
			`end`

			`def remove_authorizations(user)`
			`case params[:authorization_type]`
			`when "sub_managers"`
			`if params[:category_id] == "all"`
			`remove_from_sub_manager(user)`
Updated Authorization with modal working Conflicts: app/controllers/admin/sites_controller.rb 2014-05-05 04:29:39 +00:00			`else`
authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00			`@object = Category.find(params[:category_id])`
			`Authorization.remove_category_authorization(@object.id, user.id)`
new authorization.. yet to complete in alpha.. 2014-07-30 13:40:02 +00:00			`end`
authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00			`when "managers"`
			`Authorization.remove_module_authorization(@module_app.id, user.id)`
			`end`
			`end`

			`def remove_authorizations_with_role(role)`
			`case params[:authorization_type]`
			`when "sub_managers"`
			`if params[:category_id] == "all"`
			`remove_from_sub_manager_with_role(role)`
			`else`
			`@object = Category.find(params[:category_id])`
			`Authorization.remove_category_authorization_with_role(@object.id, role.id)`
Updated Authorization with modal working Conflicts: app/controllers/admin/sites_controller.rb 2014-05-05 04:29:39 +00:00			`end`
authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00			`when "managers"`
			`Authorization.remove_module_authorization_with_role(@module_app.id, role.id)`
Updated Authorization with modal working Conflicts: app/controllers/admin/sites_controller.rb 2014-05-05 04:29:39 +00:00			`end`
			`end`

new authorization.. yet to complete in alpha.. 2014-07-30 13:40:02 +00:00			`def remove_from_sub_manager(user)`
			`categories = @module_app.categories.authorized(user)`
			`categories.each do \|c\|`
			`Authorization.remove_category_authorization(c.id, user.id)`
			`end`
			`end`

authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00			`def remove_from_sub_manager_with_role(role)`
			`categories = role.approved_categories_for_module(@module_app)`
			`categories.each do \|c\|`
			`Authorization.remove_category_authorization_with_role(c.id, role.id)`
			`end`
			`end`

new authorization.. yet to complete in alpha.. 2014-07-30 13:40:02 +00:00			`def remove_from_manager(user)`
			`Authorization.remove_module_authorization(@module_app.id, user.id)`
			`end`

authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00			`def remove_from_manager_with_role(role)`
			`Authorization.remove_module_authorization_with_role(@module_app.id, role.id)`
Updated Authorization with modal working Conflicts: app/controllers/admin/sites_controller.rb 2014-05-05 04:29:39 +00:00			`end`

authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00			`def get_or_create_authorization_with_role(role)`
			`case params[:authorization_type]`
			`when "sub_managers"`
			`remove_from_manager_with_role(role) if role.is_manager_for?(@module_app)`
			`@object = Category.find(params[:category_id])`
			`Authorization.create_category_authorization_with_role(@module_app.id, @object.id, role.id)`
			`when "managers"`
			`remove_from_sub_manager_with_role(role) if role.is_sub_manager_for?(@module_app)`
			`Authorization.create_module_authorization_with_role(@module_app.id,role.id)`
Updated Authorization with modal working Conflicts: app/controllers/admin/sites_controller.rb 2014-05-05 04:29:39 +00:00			`end`
			`end`
authorization, module auth, category auth, member roles 2014-05-01 07:14:16 +00:00
authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00
			`def reload_users`
fixed authorization bug and also added select and deselect for member selection 2014-08-06 10:27:54 +00:00			`@managers = @module_app.managers rescue []`
authorization completed .. select all button for member select is left 2014-08-05 13:51:05 +00:00			`@sub_managers = @module_app.sub_managers rescue []`
			`manager_roles = @module_app.role_managers.collect{\|r\| Role.find(r)} rescue []`
			`sub_manager_roles = @module_app.role_sub_managers rescue []`
			`@managers = @managers.concat(manager_roles)`
			`@sub_managers = @sub_managers.concat(sub_manager_roles)`
			`end`


authorization, module auth, category auth, member roles 2014-05-01 07:14:16 +00:00			`private`

			`def admin_or_manager`
			`@override_can_use = true`
			`setup_vars`
Updated Authorization with modal working Conflicts: app/controllers/admin/sites_controller.rb 2014-05-05 04:29:39 +00:00			`authenticate_user`
authorization, module auth, category auth, member roles 2014-05-01 07:14:16 +00:00			`current_user.is_manager?(@module_app) unless current_user.is_admin?`
			`end`

			`def setup_vars`
			`@module_app = ModuleApp.find_by(key: params[:module]) if params[:module]`
			`end`
			`end`