diff --git a/app/assets/javascripts/member-selection.js b/app/assets/javascripts/member-selection.js
index 700f8d5..237c338 100644
--- a/app/assets/javascripts/member-selection.js
+++ b/app/assets/javascripts/member-selection.js
@@ -1,21 +1,70 @@ $(document).ready(function() { + var authorization_type = "managers"; + $("ul#authorization-types a").on("click",function(){ + authorization_type = $(this).data("for"); + switch(authorization_type){ + case "managers": + $("ul#card-list-submanagers li.check-item").removeClass("active"); + $("ul#card-list-submanagers li.check-item input[type=checkbox]").removeAttr("checked") + break; + case "sub_managers": + $("ul#card-list-managers li.check-item").removeClass("active"); + $("ul#card-list-managers li.check-item input[type=checkbox]").removeAttr("checked") + break; + } + hide_or_show_button(); + }) + + $('.selected_user input[type="checkbox"], .selected_role input[type="checkbox"]').on("change",function(){ + hide_or_show_button(); + }) + + var hide_or_show_button = function(){ + if($('.selected_role input[type="checkbox"]:checked').length == 0 && $('.selected_user input[type="checkbox"]:checked').length == 0){ + $("#remove_users").addClass("hide"); + }else{ + $("#remove_users").removeClass("hide"); + } + } + + $("select[name=anything]").on("change",function(){ + var value_to_filter = $(this).val(); + if(value_to_filter != ""){ + lis.each(function(){ + var categories = $(this).data("categories"); + if(categories.indexOf(value_to_filter) == -1){ + $(this).hide(); + }else{ + $(this).show(); + } + }) + }else{ + lis.show(); + } + }) + $(".select_user_modal").on('click', function(){ - var ids = []; - var users = $(this).siblings('.selected_users').children('span.selected_user'); - users.each(function(i) { - ids.push(users.eq(i).attr('id')); - }); - $("#main-wrap").after(""); + var data_to_send = {"authorization_type" : authorization_type}; + if (authorization_type == "sub_managers"){ + var category_id = $("select[name=anything]").val(); + if(category_id == ""){ + alert("Please select a category."); + return false; + } + data_to_send.category_id = category_id; + } $.ajax({ type: 'GET', url: $(this).attr("rel"), - dataType: 'script', - data: {field: 
$(this).attr("field"), ids: ids}, - success: function (msg) { - $("#member-filter").modal('show'); }, - error: function(){ - alert("ERROR"); - } + dataType: 'html', + data : data_to_send, + success: function (html) { + $("#select_user_modal").html(html); + $("#member-filter").modal('show'); + $(".modal").on("hidden", function () { + $("#select_user_modal").empty(); + }); + }, }); return false; }); @@ -25,21 +74,32 @@ $(document).ready(function() { }); $("#remove_users").on('click', function(){ - var ids = []; - var users = $('.selected_user input[type="checkbox"]:checked'); - users.each(function(i) { - ids.push(users.eq(i).parent().attr('id')); + var user_ids = [], + role_ids =[], + users = $('.selected_user input[type="checkbox"]:checked'), + roles = $('.selected_role input[type="checkbox"]:checked') + + users.each(function() { + user_ids.push($(this).parent().attr('id')); }); - if (users.size() > 0) { - // TODO: i18n in javascript - if (confirm('Are you sure you want to delete this?')) { + + roles.each(function() { + role_ids.push($(this).parent().attr('id')); + }); + + var data_to_send = {"authorization_type" : authorization_type, "user_ids" : user_ids, "role_ids" : role_ids}; + if (authorization_type == "sub_managers"){ + var category_id = $("select[name=anything]").val(); + data_to_send.category_id = (category_id == "" ? "all" : category_id); + } + if (user_ids.length > 0 || role_ids.length > 0) { + if (confirm('Are you sure you want revoke persmission from these users?')) { // TODO: i18n in javascript $.ajax({ type: 'DELETE', url: $(this).attr("rel"), dataType: 'script', - data: {ids: ids}, + data: data_to_send, error: function(){ - // TODO: i18n in javascript alert("ERROR"); } }); diff --git a/app/assets/stylesheets/basic/global.css b/app/assets/stylesheets/basic/global.css index 4f92e52..3f05c30 100644 --- a/app/assets/stylesheets/basic/global.css +++ b/app/assets/stylesheets/basic/global.css 
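Review bot: `lis` is used in the new `select[name=anything]` change handler (`lis.each(...)`, `lis.show()`) but is not declared anywhere in this hunk, which starts at the top of the ready callback. Unless it is assigned later in the file or exists as a global, changing the category select throws a ReferenceError. The rewritten `$.ajax` call for `.select_user_modal` also drops the `error` callback, so a failed or rejected modal request now gives the admin no feedback; keeping `error: function(){ alert("ERROR"); }` would preserve it. `$(".modal").on("hidden", ...)` is bound inside `success`, so another handler is added on every open; binding it once outside the click handler avoids that.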
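Review bot: The DELETE request now sends the selected users as `user_ids`, but `remove_users` in `authorizations_controller.rb` still reads `User.find(params[:ids]) rescue []` as an unchanged context line in this same commit. As far as the visible code shows, revoking a user therefore finds nothing and the `rescue []` hides it, so the permission stays in place while the UI reports no error. Either keep the old key (`"ids" : user_ids`) or change the controller to `params[:user_ids]`. The confirm text also has typos; `'Are you sure you want to revoke permission from these users?'` reads correctly. The click handler continues past the end of the hunk.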
@@ -327,7 +327,7 @@ legend { top: 50px; } #member-filter .modal-body { - max-height: 425px; + max-height: 500px; } #member-filter .modal-body form { margin-bottom: 0px; @@ -397,6 +397,10 @@ legend { border-color: #ddd transparent #ddd #ddd; *border-right-color: #ffffff; } +#member-filter .tab-content-1 { + padding-left: 15px; + border-left: 1px solid #ddd; +} #member-filter .member-filter-options { float: left; display: inline-block; diff --git a/app/assets/stylesheets/lib/checkbox-card.css b/app/assets/stylesheets/lib/checkbox-card.css index 5b4857f..01b8da4 100644 --- a/app/assets/stylesheets/lib/checkbox-card.css +++ b/app/assets/stylesheets/lib/checkbox-card.css @@ -21,6 +21,7 @@ margin-bottom: 0; } .mini-layout .tab-pane { + min-height: 600px; padding: 20px 10px; background-color: #fff; border: 1px solid #ddd; @@ -64,6 +65,19 @@ opacity: 0; visibility: hidden; } +.checkbox-card li.role { + background-color: #696969; + } + .checkbox-card li.role label { + padding: 10px; + line-height: 26px; + } + .checkbox-card li.role span { + display: inline-block; + width: auto; + color: #FFF; + } + .checkbox-card li:hover { background-color: #0088cc; } @@ -122,6 +136,14 @@ color: #666666; margin-top: -3px; } +.checkbox-card li label span.badge { + float: right; + margin-top: 1px; + color: #fff; +} +.checkbox-card li span.role-name { + width: 80%; +} .checkbox-card li:hover label span, .checkbox-card li:hover label span.user-name { color: #FFFFFF; diff --git a/app/controllers/admin/authorizations_controller.rb b/app/controllers/admin/authorizations_controller.rb index a29f364..72e9b3e 100644 --- a/app/controllers/admin/authorizations_controller.rb +++ b/app/controllers/admin/authorizations_controller.rb 
@@ -5,30 +5,14 @@ class Admin::AuthorizationsController < OrbitAdminController def index @module_apps ||= ModuleApp.any_of({authorizable: true}).order_by([:title, :asc]) if @module_apps && @module_apps.include?(@module_app) - if @type - case @type - when 'category_authorization' - if (@module_app.categorizable || @module_app.categories.present?) - @objects = @module_app.categories rescue nil - else - @error = t(:no_category) - end - else - @objects = @klass.all - end - unless @objects.blank? - @object ||= @objects.first - @authorizations = Authorization.category_sub_managers(@object) rescue nil - else - @error = t(:no_data) - end - else - @authorizations = @module_app.module_managers rescue [] + reload_users + if (@module_app.categorizable || @module_app.categories.present?) + @objects = @module_app.categories rescue nil end - elsif @module_apps - @module_app = @module_apps.first + elsif @module_apps && @module_app.key == "authorization" + redirect_to "/admin/authorizations/#{@module_apps.first.key}" else - redirect_to :root + redirect_to :root end end 
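Review bot: The new `elsif @module_apps && @module_app.key == "authorization"` dereferences `@module_app`, which `setup_vars` assigns only `if params[:module]`. A request without that parameter, or with a key that matches no module, would raise NoMethodError on nil instead of falling through to `redirect_to :root`. Guarding the branch as `elsif @module_apps && @module_app && @module_app.key == "authorization"` keeps the fallback reachable. A short comment above the branch saying why the "authorization" key is redirected to the first authorizable module would also help the next reader.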
@@ -37,24 +21,24 @@ class Admin::AuthorizationsController < OrbitAdminController unless users.nil? authorization = users.map {|u| get_or_create_authorization(u)}.first end - @users = @module_app.module_managers + reload_users render 'admin/authorizations/reload_users' end def add_roles roles = Role.find(params[:role_ids]) rescue nil unless roles.nil? - authorization = roles.map { |r| get_or_create_authorization_with_role(r.id)}.first + authorization = roles.map { |r| get_or_create_authorization_with_role(r)}.first end - @users = @module_app.module_managers + reload_users render 'admin/authorizations/reload_users' end def modal_select - existing_users = User.find(params[:ids]) rescue [] roles = Role.all - if @type - @object_id = @object.id if @object + @authorization_type = params[:authorization_type] + if @authorization_type == "sub_managers" + @object = Category.find(params[:category_id]) @sub_mangers = Authorization.category_sub_managers(@object) @sorted_users = roles.inject({}) do |users, role| users_for_role = role.member_profiles.select {|m| !m.user.is_admin? if m.user}.map {|u| u.user} @@ -68,24 +52,19 @@ class Admin::AuthorizationsController < OrbitAdminController users end end - end - - def remove_roles - roles = Role.find(params[:role_ids]) rescue [] - unless roles.blank? - authorization = get_or_create_authorization - remove_roles_form_auth(authorization, roles) - end - @users = authorization.authorized_users - render 'admin/authorizations/reload_users' + render :layout => false end def remove_users @users = User.find(params[:ids]) rescue [] unless @users.blank? - authorization = @users.map {|u| remove_authorizations(u.id)}.first + authorization = @users.map {|u| remove_authorizations(u)}.first end - @users = @module_app.module_managers + roles = Role.find(params[:role_ids]) rescue [] + unless roles.blank? + roles.each{|r| remove_authorizations_with_role(r)} + end + reload_users render 'admin/authorizations/reload_users' end 
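Review bot: `Category.find(params[:category_id])` in `modal_select` takes the id straight from the request, and nothing visible checks that the category belongs to `@module_app`. The same lookup appears in `get_or_create_authorization`, `remove_authorizations`, `remove_authorizations_with_role` and `get_or_create_authorization_with_role` in the later hunks, where it feeds `Authorization.create_category_authorization(@module_app.id, @object.id, ...)`. A caller could therefore pair one module with another module's category, unless a filter outside these hunks prevents it. A guard such as `return head(:not_found) unless @module_app.categories.include?(@object)` after the lookup would scope it. `modal_select` continues beyond this hunk.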
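Review bot: `remove_users` acts on whatever ids arrive, while the rule that the current user and admins cannot be deselected lives only in `_user.html.erb` (`unless user == current_user || user.is_admin?`), which omits the checkbox. If that rule is meant as a restriction, it should be enforced here as well, for example `@users = @users.reject { |u| u == current_user || u.is_admin? }` before the `map`. The inline `rescue []` on both `User.find` and `Role.find` also turns a bad or missing id list into a silent no-op that still renders `reload_users`; logging the rescued case would make a failed revocation visible.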
@@ -93,27 +72,42 @@ class Admin::AuthorizationsController < OrbitAdminController protected def get_or_create_authorization(user) - case @type - when 'category_authorization' - if @object - if user.is_manager?(@module_app) - remove_from_manager(user) - end + case params[:authorization_type] + when "sub_managers" + remove_from_manager(user) if user.is_manager?(@module_app) + @object = Category.find(params[:category_id]) Authorization.create_category_authorization(@module_app.id, @object.id, user.id) - else - @error = t(:no_data) - end - when nil - if user.is_sub_manager?(@module_app) - remove_from_sub_manager(user) - end + when "managers" + remove_from_sub_manager(user) if user.is_sub_manager?(@module_app) Authorization.create_module_authorization(@module_app.id, user.id) - else - auth = @object.get_authorization_by_title("#{@type}_#{@module_app.key}") - unless auth - auth = Authorization.create_category_authorization(@module_app.id, @object.id, user_id) if @type.include?('authorization') + end + end + + def remove_authorizations(user) + case params[:authorization_type] + when "sub_managers" + if params[:category_id] == "all" + remove_from_sub_manager(user) + else + @object = Category.find(params[:category_id]) + Authorization.remove_category_authorization(@object.id, user.id) end - auth + when "managers" + Authorization.remove_module_authorization(@module_app.id, user.id) + end + end + + def remove_authorizations_with_role(role) + case params[:authorization_type] + when "sub_managers" + if params[:category_id] == "all" + remove_from_sub_manager_with_role(role) + else + @object = Category.find(params[:category_id]) + Authorization.remove_category_authorization_with_role(@object.id, role.id) + end + when "managers" + Authorization.remove_module_authorization_with_role(@module_app.id, role.id) end end 
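Review bot: In the `"sub_managers"` branch of `get_or_create_authorization`, `remove_from_manager(user)` runs before `Category.find(params[:category_id])`. If the lookup raises on a missing or invalid id, the user has already lost the module grant and no category grant is created. Doing the lookup first (`@object = Category.find(params[:category_id])`, then `remove_from_manager(user) if user.is_manager?(@module_app)`) avoids that half-applied state; `get_or_create_authorization_with_role` in the next hunk has the same order. The three `case params[:authorization_type]` statements also have no `else`, so an unexpected value silently does nothing where the old `when nil` branch defaulted to the module grant. An `else raise ArgumentError, "unknown authorization_type"` would surface that.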
@@ -124,46 +118,43 @@ class Admin::AuthorizationsController < OrbitAdminController end end + def remove_from_sub_manager_with_role(role) + categories = role.approved_categories_for_module(@module_app) + categories.each do |c| + Authorization.remove_category_authorization_with_role(c.id, role.id) + end + end + def remove_from_manager(user) Authorization.remove_module_authorization(@module_app.id, user.id) end - def get_or_create_authorization_with_role(role_id) - case @type - when 'category_authorization' - if @object - Authorization.create_category_authorization_with_role(@module_app.id, @object.id, role_id) - else - @error = t(:no_data) - end - when nil - Authorization.create_module_authorization_with_role(@module_app.id,role_id) - else - auth = @object.get_authorization_by_title("#{@type}_#{@module_app.key}") - unless auth - auth = Authorization.create_category_authorization_with_role(@module_app.id, @object.id, role_id) - end - auth + def remove_from_manager_with_role(role) + Authorization.remove_module_authorization_with_role(@module_app.id, role.id) + end + + def get_or_create_authorization_with_role(role) + case params[:authorization_type] + when "sub_managers" + remove_from_manager_with_role(role) if role.is_manager_for?(@module_app) + @object = Category.find(params[:category_id]) + Authorization.create_category_authorization_with_role(@module_app.id, @object.id, role.id) + when "managers" + remove_from_sub_manager_with_role(role) if role.is_sub_manager_for?(@module_app) + Authorization.create_module_authorization_with_role(@module_app.id,role.id) end end - def remove_authorizations(user_id) - case @type - when 'category_authorization' - if @object - Authorization.remove_category_authorization(@object.id, user_id) - @error = t(:no_data) - end - when nil - Authorization.remove_module_authorization(@module_app.id, user_id) - else - auth = @object.get_authorization_by_title("#{@type}_#{@module_app.key}") - unless auth - auth = 
Authorization.remove_category_authorization(@object.id, user_id) - end - auth - end + + def reload_users + @managers = @module_app.module_managers rescue [] + @sub_managers = @module_app.sub_managers rescue [] + manager_roles = @module_app.role_managers.collect{|r| Role.find(r)} rescue [] + sub_manager_roles = @module_app.role_sub_managers rescue [] + @managers = @managers.concat(manager_roles) + @sub_managers = @sub_managers.concat(sub_manager_roles) end + private @@ -176,10 +167,5 @@ class Admin::AuthorizationsController < OrbitAdminController def setup_vars @module_app = ModuleApp.find_by(key: params[:module]) if params[:module] - @type = params[:type].underscore if params[:type] - if @type - @klass = @type.gsub('_authorization', '').gsub('_approval', '').classify.constantize rescue nil - @object = @klass.find(params[:id]) rescue nil - end end end diff --git a/app/controllers/orbit_admin_controller.rb b/app/controllers/orbit_admin_controller.rb index 5aad03e..75d26b5 100644 --- a/app/controllers/orbit_admin_controller.rb +++ b/app/controllers/orbit_admin_controller.rb @@ -3,7 +3,7 @@ class OrbitAdminController < ApplicationController include Authorize include OrbitBackendHelper - before_action :authenticate_user, :log_user_action, :load_authenticated_categories + before_action :authenticate_user, :log_user_action, :load_authorized_categories layout "back_end" def sort @@ -64,7 +64,7 @@ class OrbitAdminController < ApplicationController end end - def load_authenticated_categories + def load_authorized_categories @user_authenticated_categories = current_user.is_admin? ? ["all"] : current_user.approved_categories.collect{|c| c.id} end diff --git a/app/models/authorization.rb b/app/models/authorization.rb index c5b2157..220de9f 100644 --- a/app/models/authorization.rb +++ b/app/models/authorization.rb 
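Review bot: In `reload_users`, `@module_app.role_managers.collect{|r| Role.find(r)} rescue []` discards the whole role list if any single lookup fails. If `role_managers` is the `pluck(:role_id)` shown as context in `module_app.rb`, it yields nil for every user-based authorization, so one user manager would be enough to blank the role managers in the UI while their grants remain active. Dropping nils first, `@module_app.role_managers.compact.collect{|r| Role.find(r)}`, removes that case. The four `rescue []` modifiers deserve a comment on which failure each one expects, because an authorization screen that shows nobody on error can be misread as "no one has access".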
@@ -23,6 +23,7 @@ class Authorization end end + def self.category_role_sub_managers(category) authorizations = self.category_authorized_users(category) users = authorizations.map { |a| a.role if role.present? } @@ -73,12 +74,22 @@ class Authorization end def self.remove_module_authorization(module_app_id,user_id) - auth = self.find_by(module_app_id: module_app_id, user_id: user_id) - auth.destroy + auth = self.find_by(module_app_id: module_app_id, user_id: user_id) rescue nil + auth.destroy if !auth.nil? end def self.remove_category_authorization(category_id,user_id) - auth = self.find_by(category_id: category_id, user_id: user_id) - auth.destroy + auth = self.find_by(category_id: category_id, user_id: user_id) rescue nil + auth.destroy if !auth.nil? + end + + def self.remove_module_authorization_with_role(module_app_id,role_id) + auth = self.find_by(module_app_id: module_app_id, role_id: role_id) rescue nil + auth.destroy if !auth.nil? + end + + def self.remove_category_authorization_with_role(category_id,role_id) + auth = self.find_by(category_id: category_id, role_id: role_id) rescue nil + auth.destroy if !auth.nil? end end diff --git a/app/models/category.rb b/app/models/category.rb index f146632..128aebe 100644 --- a/app/models/category.rb +++ b/app/models/category.rb @@ -17,6 +17,9 @@ class Category end def self.authorized(user) - user.approved_categories + module_app_categories = self.each{|c| c}.to_a rescue [] + authorized_categories = user.approved_categories + intersection = (module_app_categories & authorized_categories) + intersection end end diff --git a/app/models/module_app.rb b/app/models/module_app.rb index 20229c9..e269893 100644 --- a/app/models/module_app.rb +++ b/app/models/module_app.rb 
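Review bot: The four `remove_*_authorization*` methods use `find_by(...) rescue nil` followed by `auth.destroy if !auth.nil?`, which deletes at most one matching record and converts any lookup error into "nothing to remove". If duplicate grants exist for the same pair, or the query fails, the revocation leaves access in place and the caller cannot tell. `self.where(module_app_id: module_app_id, role_id: role_id).destroy_all` (and likewise for the other three) removes every match without needing the rescue. A one-line comment on each method stating that it is a no-op when no grant exists would document the intended contract.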
@@ -32,6 +32,19 @@ class ModuleApp self[:widget_settings] = reg.get_widget_settings end + def sub_managers + categories = self.categories + sub_managers = [] + categories.each do |c| + c.authorizations.each do |a| + if !sub_managers.include?a.user + sub_managers << a.user + end + end + end + sub_managers + end + def get_registration OrbitApp::Module::Registration.find_by_key(key) end @@ -81,6 +94,17 @@ class ModuleApp Authorization.module_authorized_users(self).pluck(:role_id) end + def role_sub_managers + roles = [] + self.categories.each do |c| + auth = Authorization.find_by(:category_id => c.id) rescue nil + if !auth.nil? + roles << auth.role + end + end + roles + end + def role_status RoleStatus.all end @@ -88,8 +112,6 @@ class ModuleApp def module_managers workgroup = Workgroup.find_by(key: 'sub_managers') authorized_users = Authorization.module_authorized_users(self).where(:user_id.ne => nil, :workgroup_id.ne => workgroup.id).map {|u| u.user} rescue nil - authorized_members = Authorization.module_authorized_users(self).where(:role_id.ne => nil).map {|m| m.role.member_profiles}.first rescue nil - users_authorized_by_role = authorized_members.map {|u| u.user} rescue [] authorized_users.inject(users_authorized_by_role, :<<) rescue [] end diff --git a/app/models/role.rb b/app/models/role.rb index 6638843..935a018 100644 --- a/app/models/role.rb +++ b/app/models/role.rb 
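Review bot: `role_sub_managers` calls `Authorization.find_by(:category_id => c.id)`, which returns only the first authorization for the category, whether it is user-based or role-based. A category whose first grant belongs to a user pushes a nil `auth.role` into the result, and any further role grants on the same category are never listed. Querying role grants explicitly, `Authorization.where(:category_id => c.id, :role_id.ne => nil).each { |a| roles << a.role }`, follows the `:user_id.ne => nil` style already used in `module_managers`. The new `sub_managers` method in the hunk above has the mirror-image issue: `a.user` is nil for role-based grants and gets appended once.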
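Review bot: In `module_managers`, the two lines that defined `users_authorized_by_role` are removed, but the remaining context line `authorized_users.inject(users_authorized_by_role, :<<) rescue []` still references it. Unless a method of that name exists elsewhere in the class, this raises NameError, which the `rescue []` modifier swallows, so `module_managers` would always return an empty list. The manager list built in `reload_users` would then show no user managers even though their grants still apply. Replacing the last line with `authorized_users || []` matches the new intent of listing roles separately.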
@@ -22,4 +22,37 @@ class Role def is_disabled? self.disabled end + + def approved_categories_for_module(module_app) + module_app_categories = module_app.categories + authorizations = Authorization.where(:role_id => self.id) + authorized_categories = [] + authorizations.each do |auth| + cat = auth.category + authorized_categories << auth.category if !cat.nil? + end + (module_app_categories & authorized_categories) + end + + def is_manager_for?(module_app) + a = self.authorizations.find_by(:module_app_id => module_app.id) rescue nil + if a.nil? + false + else + true + end + end + + def is_sub_manager_for?(module_app) + if !self.is_manager_for?(module_app) + categories = self.approved_categories_for_module(module_app) + if categories.count > 0 + true + else + false + end + else + false + end + end end diff --git a/app/models/user.rb b/app/models/user.rb index 949d0bf..14b64b9 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -120,7 +120,27 @@ class User authorized_roles = module_app.role_managers rescue [] intersection = (user_roles & authorized_roles) - if ((intersection.count > 0 if intersection.present?) && !self.is_admin? && !self.is_manager?(module_app) && !self.is_sub_manager?(module_app)) + if (intersection.count > 0 if intersection.present?) + true + else + false + end + end + + def is_sub_manager_with_role?(module_app) + user_roles = self.member_profile.role_ids.map {|r| r} + authorized_categories = [] + wg = Workgroup.find_by(:key => "sub_managers") + user_roles.each do |r| + auths = Authorization.find_by(:rold_id => r, :workgroup_id => wg.id) rescue [] + auths = auths.to_a if !auths.kind_of?(Array) + auths.each do |a| + authorized_categories << a.category + end + end + module_app_categories = module_app.categories.map {|c| c.id} rescue nil + intersection = (module_app_categories & authorized_categories) + if (intersection.count > 0 if intersection.present?) true else false 
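Review bot: The new `Role` predicates are written more verbosely than they need to be, and `is_manager_for?` hides lookup errors. `is_manager_for?` can end with `!a.nil?` instead of the `if a.nil? / false / else / true` ladder, and `is_sub_manager_for?` reduces to `!is_manager_for?(module_app) && approved_categories_for_module(module_app).count > 0`. In `approved_categories_for_module` the local `cat` is assigned and then `auth.category` is read again; `authorized_categories << cat if !cat.nil?` uses the value already fetched. The `rescue nil` in `is_manager_for?` makes any query error read as "not a manager", which deserves a comment because `get_or_create_authorization_with_role` relies on it to decide whether to remove an existing grant.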
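Review bot: `is_sub_manager_with_role?` in `user.rb` looks as if it can never return true. The query key is misspelled as `:rold_id`, `find_by` returns a single document rather than a collection, and `authorized_categories` collects category objects while `module_app_categories` is mapped to ids, so the intersection is empty. That fails closed, so role-based sub managers are denied rather than over-granted, but the feature this commit adds would not take effect for them. Using `auths = Authorization.where(:role_id => r, :workgroup_id => wg.id)` and `authorized_categories << a.category_id` makes both sides comparable. The method's closing lines fall outside the hunk.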
@@ -137,6 +157,13 @@ class User end end + def approved_categories_for_module(module_app) + module_app_categories = module_app.categories rescue [] + authorized_categories = self.authorizations.map {|a| a.category if (a.category.present? && a.workgroup.key.eql?("sub_managers"))} + intersection = (module_app_categories & authorized_categories) + intersection + end + def approved_categories categories = [] if self.is_admin? @@ -144,11 +171,18 @@ class User categories << c end else - self.authorizations.each do |auth| + authorizations = self.authorizations.collect{|a| a} + user_roles = self.member_profile.roles rescue [] + user_roles.each do |r| + authorizations.concat((r.authorizations rescue [])) + end + + authorizations.each do |auth| case auth.workgroup.key when "managers" - if !auth.module_app.categories.blank? - auth.module_app.categories.each do|c| + cats = auth.module_app.categories rescue [] + if !cats.blank? + cats.each do|c| categories << c end end diff --git a/app/views/admin/authorizations/_user.html.erb b/app/views/admin/authorizations/_user.html.erb index 2d74da9..965da5b 100644 --- a/app/views/admin/authorizations/_user.html.erb +++ b/app/views/admin/authorizations/_user.html.erb @@ -1,10 +1,20 @@ -
  • - - <% unless user == current_user || user.is_admin? %> - - <% end %> -
  • \ No newline at end of file +<% if user.instance_of?User %> +
  • > + + <% unless user == current_user || user.is_admin? %> + + <% end %> +
  • +<% elsif user.instance_of?Role %> +
  • > + + +
  • +<% end %> \ No newline at end of file diff --git a/app/views/admin/authorizations/index.html.erb b/app/views/admin/authorizations/index.html.erb index 94abdd8..91e44d1 100644 --- a/app/views/admin/authorizations/index.html.erb +++ b/app/views/admin/authorizations/index.html.erb @@ -7,7 +7,7 @@ @@ -16,27 +16,51 @@
    -
    <% end %> diff --git a/app/views/admin/member_selects/_modal_select.html.erb b/app/views/admin/member_selects/_modal_select.html.erb index 940bfb4..f1621f4 100644 --- a/app/views/admin/member_selects/_modal_select.html.erb +++ b/app/views/admin/member_selects/_modal_select.html.erb @@ -9,15 +9,17 @@
    -
    +
    <%= form_tag role_form_url, remote: true do %> + + <% if @authorization_type == "sub_managers" %> + + <% end %>
    <% @sorted_users.each_key do |role| %>
    <% end %>
    - <% @sorted_users.each do |role, users| %> -
    - <%= form_tag user_form_url, remote: true do %> -
    -
    -
    -
      - <% users.each do |user| %> -
    • - - <%= check_box_tag 'user_ids[]', user.id , false %> -
    • - <% end %> -
    -
    +
    + + <%= form_tag user_form_url, remote: true do %> + + <% if @authorization_type == "sub_managers" %> + + <% end %> +
    + <% i = 0 %> + <% @sorted_users.each do |role, users| %> +
    + <% i = i + 1 %> +
    +
    +
    +
      + <% users.each do |user| %> +
    • + + <%= check_box_tag 'user_ids[]', user.id , false %> +
    • + <% end %> +
    +
    +
    +
    -
    + <% end %> +
    +
    <%= submit_tag t(:submit), class: "btn btn-primary" %>
    -
    - <% end %> -
    - <% end %> + <% end %> +
    @@ -66,9 +85,6 @@