module OrbitCoreLib
# Mixin that installs a placeholder +to_preview+ on every class that includes it.
# The placeholder raises until the including class supplies its own implementation.
module Preview
  # Hook invoked by Ruby when the module is included.
  #
  # The stub is defined directly on +base+ at include time, so a +to_preview+
  # that +base+ defined *before* the +include+ line is replaced by the raising
  # stub; real implementations have to be defined after the include.
  #
  # @param base [Class] the class including this module
  def self.included(base)
    base.class_eval do
      def to_preview
        raise 'Developer,please override to_preview method'
      end
    end
  end
end
# Mixin that adds a soft-disable flag to a model (presumably a Mongoid document,
# given the +field+/+scope+ DSL and the +:disable.in+ criteria - confirm).
#
# What gets filtered and what does not:
# * +all+, +first+ and +last+ go through the +:all+ scope, which only matches
#   records whose +disable+ value is false, nil or ''.
# * +find+ and +admin_manager_all+ go through +unscoped+, so they return
#   disabled records as well. Callers that look records up by id must check
#   +disable+ themselves if disabled records are meant to stay hidden.
module ObjectDisable
  # Hook invoked by Ruby when the module is included; installs the field,
  # the scopes and the finder overrides on +base+.
  #
  # @param base [Class] the model class including this module
  def self.included(base)
    # The DSL lines stay as string evals against +base+, exactly as written.
    # NOTE(review): switching to blocks would change where the Boolean constant
    # is looked up - confirm before refactoring.
    [
      "field :disable,type: Boolean,:default => false",
      "scope :all, ->{ where(:disable.in => [false, nil, '']) }",
      "scope :admin_manager_all, ->{ find(:all) }"
    ].each { |dsl_line| base.instance_eval(dsl_line) }

    # find(:all) hands back the unscoped relation; any other argument list is
    # passed to unscoped.find as one array, and a single hit is unwrapped.
    base.define_singleton_method(:find) do |*args|
      next unscoped if args == [:all]

      found = unscoped.find(args)
      found.count == 1 ? found[0] : found
    end

    # Arguments are accepted but ignored; both delegate to the filtered scope.
    base.define_singleton_method(:first) { |*_args| all.first }
    base.define_singleton_method(:last) { |*_args| all.last }
  end
end
module Authorize
|
|
|
|
def self.included(base)
|
|
|
|
base.class_eval do
|
|
|
|
before_filter :can_use
|
|
|
|
send :include, InstanceMethods
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
module InstanceMethods
|
|
|
|
protected
|
|
|
|
def can_use
|
2014-07-30 13:40:02 +00:00
|
|
|
@app_title ||= controller_path.split('/')[1].singularize rescue nil
|
|
|
|
@module_app ||= ModuleApp.find_by(key: @app_title) rescue nil
|
2014-08-05 13:51:05 +00:00
|
|
|
@module_app = ModuleApp.find(params[:module_app_id]) if @module_app.key == "category" || "tag" rescue nil
|
2014-07-31 08:48:09 +00:00
|
|
|
if @module_app.nil?
|
|
|
|
o = OrbitApp::Module::Registration.find_by_url(controller_path)
|
|
|
|
@app_title = o.key rescue nil
|
|
|
|
@module_app ||= ModuleApp.find_by(key: @app_title) rescue nil
|
|
|
|
end
|
2014-07-30 13:40:02 +00:00
|
|
|
@module_authorized_users ||= Authorization.module_authorized_users(@module_app.id).pluck(:user_id) rescue nil
|
2014-09-23 09:06:17 +00:00
|
|
|
|
|
|
|
if current_user.nil?
|
|
|
|
redirect_to new_session_path
|
|
|
|
return
|
|
|
|
end
|
|
|
|
|
2014-07-31 12:42:53 +00:00
|
|
|
if !@module_app.nil?
|
|
|
|
check_user_can_use
|
|
|
|
else
|
|
|
|
if !current_user.is_admin?
|
|
|
|
render "public/401"
|
|
|
|
end
|
|
|
|
end
|
2014-05-01 07:14:16 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def check_user_can_use
|
2014-07-30 13:40:02 +00:00
|
|
|
permissions = {}
|
|
|
|
@module_app.get_registration.get_side_bar.get_context_links.each do |link|
|
|
|
|
l = (Rails.application.routes.url_helpers.send(link.path) rescue Rails.application.routes.url_helpers.send(link.path, {:module_app_id => @module_app.id}))
|
2014-07-31 08:48:09 +00:00
|
|
|
if l == request.path.sub("/" + I18n.locale.to_s,"")
|
2014-07-30 13:40:02 +00:00
|
|
|
permissions["link"] = l
|
|
|
|
permissions["available_for"] = link.available_for
|
|
|
|
break
|
|
|
|
end
|
|
|
|
end
|
|
|
|
if !permissions.empty?
|
|
|
|
if !allow?(permissions["available_for"] || ["admin"])
|
2014-08-15 02:29:17 +00:00
|
|
|
render "public/401" , layout: "back_end" if !current_user.nil?
|
2014-07-30 13:40:02 +00:00
|
|
|
end
|
2014-05-01 07:14:16 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2014-07-30 13:40:02 +00:00
|
|
|
def allow?(af)
|
2014-08-15 02:29:17 +00:00
|
|
|
if !current_user.nil?
|
2014-07-30 13:40:02 +00:00
|
|
|
status = "users"
|
2014-08-15 02:29:17 +00:00
|
|
|
if current_user.is_admin?
|
|
|
|
status = "admin"
|
|
|
|
elsif current_user.is_manager?(@module_app)
|
|
|
|
status = "managers"
|
|
|
|
elsif current_user.is_manager_with_role?(@module_app)
|
|
|
|
status = "managers"
|
|
|
|
elsif current_user.is_sub_manager?(@module_app)
|
|
|
|
status = "sub_managers"
|
|
|
|
elsif current_user.is_sub_manager_with_role?(@module_app)
|
|
|
|
status = "sub_managers"
|
|
|
|
elsif current_user.is_normal_user?
|
|
|
|
status = "users"
|
|
|
|
end
|
|
|
|
return af.include?status
|
|
|
|
else
|
|
|
|
return false
|
2014-07-30 13:40:02 +00:00
|
|
|
end
|
2014-05-01 07:14:16 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
end