orbit4-5/app/controllers/admin/authorizations_controller.rb


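# Back-end controller that grants and revokes management rights on a module
# app, or on one of its categories/objects, to users and roles.
#
# Every action changes or exposes who holds elevated rights, so the access
# check in #admin_or_manager is the security boundary for the whole controller.
class Admin::AuthorizationsController < OrbitAdminController
  # Prepended so the access check runs ahead of any inherited filters.
  prepend_before_filter :admin_or_manager
  layout "back_end"

  # Lists the authorizable module apps and, for the selected one, either its
  # module managers (no type given) or the sub-managers of the selected object.
  def index
    @module_apps ||= ModuleApp.any_of({authorizable: true}).order_by([:title, :asc])
    if @module_apps && @module_apps.include?(@module_app)
      if @type
        case @type
        when 'category_authorization'
          if (@module_app.categorizable || @module_app.categories.present?)
            @objects = @module_app.categories rescue nil
          else
            @error = t(:no_category)
          end
        else
          # NOTE(review): @klass comes from params[:type] (see #setup_vars), so
          # this lists every record of a class the request chose; it is nil when
          # the name did not resolve, which raises here.
          @objects = @klass.all
        end
        unless @objects.blank?
          @object ||= @objects.first
          @authorizations = Authorization.category_sub_managers(@object) rescue nil
        else
          @error = t(:no_data)
        end
      else
        @authorizations = @module_app.module_managers rescue []
      end
    elsif @module_apps
      @module_app = @module_apps.first
    else
      redirect_to :root
    end
  end

  # Grants an authorization to each user in params[:user_ids], then re-renders
  # the manager list. A failed lookup is swallowed and grants nothing.
  #
  # NOTE(review): unlike #index, this does not check that @module_app is one of
  # the authorizable module apps, and @module_app is nil when params[:module]
  # is missing or unknown.
  def add_users
    users = User.find(params[:user_ids]) rescue nil
    users.each { |u| get_or_create_authorization(u.id) } unless users.nil?
    @users = @module_app.module_managers
    render 'admin/authorizations/reload_users'
  end

  # Grants an authorization to each role in params[:role_ids], then re-renders
  # the manager list. A failed lookup is swallowed and grants nothing.
  def add_roles
    roles = Role.find(params[:role_ids]) rescue nil
    roles.each { |r| get_or_create_authorization_with_role(r.id) } unless roles.nil?
    @users = @module_app.module_managers
    render 'admin/authorizations/reload_users'
  end

  # Builds @sorted_users: for every role, its non-admin members minus the users
  # who already hold the authorization being edited.
  def modal_select
    roles = Role.all
    if @type
      @object_id = @object.id if @object
      @sub_mangers = Authorization.category_sub_managers(@object)
    end
    @sorted_users = roles.each_with_object({}) do |role, users|
      users_for_role = role.member_profiles.select { |m| !m.user.is_admin? }.map { |m| m.user }
      # Evaluated per role, as before, so nothing is queried when there are no roles.
      users[role] = users_for_role - (@type ? @sub_mangers : @module_app.module_managers)
    end
  end

  # Revokes the roles in params[:role_ids].
  #
  # FIXME: this action cannot succeed as written. #get_or_create_authorization
  # requires a user_id but is called without one (ArgumentError), and when no
  # role is found `authorization` stays nil, so `authorized_users` raises.
  # `remove_roles_form_auth` is not defined in this class; presumably it is
  # inherited - confirm. The intended revocation call is not visible here, so
  # the body is left unchanged rather than guessed at.
  def remove_roles
    roles = Role.find(params[:role_ids]) rescue []
    unless roles.blank?
      authorization = get_or_create_authorization
      remove_roles_form_auth(authorization, roles)
    end
    @users = authorization.authorized_users
    render 'admin/authorizations/reload_users'
  end

  # Revokes the authorization of each user in params[:ids], then re-renders the
  # manager list.
  def remove_users
    @users = User.find(params[:ids]) rescue []
    @users.each { |u| remove_authorizations(u.id) } unless @users.blank?
    @users = @module_app.module_managers
    render 'admin/authorizations/reload_users'
  end

  protected

  # Creates the authorization matching @type for +user_id+:
  # category-level, module-level (no type), or looked up by title on @object.
  def get_or_create_authorization(user_id)
    case @type
    when 'category_authorization'
      if @object
        Authorization.create_category_authorization(@module_app.id, @object.id, user_id)
      else
        @error = t(:no_data)
      end
    when nil
      Authorization.create_module_authorization(@module_app.id, user_id)
    else
      # NOTE(review): @object is nil when the lookup in #setup_vars failed,
      # which raises here instead of setting @error.
      auth = @object.get_authorization_by_title("#{@type}_#{@module_app.key}")
      unless auth
        auth = Authorization.create_category_authorization(@module_app.id, @object.id, user_id) if @type.include?('authorization')
      end
      auth
    end
  end

  # Role counterpart of #get_or_create_authorization.
  def get_or_create_authorization_with_role(role_id)
    case @type
    when 'category_authorization'
      if @object
        Authorization.create_category_authorization_with_role(@module_app.id, @object.id, role_id)
      else
        @error = t(:no_data)
      end
    when nil
      Authorization.create_module_authorization_with_role(@module_app.id, role_id)
    else
      auth = @object.get_authorization_by_title("#{@type}_#{@module_app.key}")
      unless auth
        auth = Authorization.create_category_authorization_with_role(@module_app.id, @object.id, role_id)
      end
      auth
    end
  end

  # Removes the authorization matching @type for +user_id+.
  def remove_authorizations(user_id)
    case @type
    when 'category_authorization'
      if @object
        Authorization.remove_category_authorization(@object.id, user_id)
      else
        # The original set this unconditionally after a successful removal;
        # it now reports "no data" only when there is no object, matching the
        # create helpers above.
        @error = t(:no_data)
      end
    when nil
      Authorization.remove_module_authorization(@module_app.id, user_id)
    else
      auth = @object.get_authorization_by_title("#{@type}_#{@module_app.key}")
      unless auth
        auth = Authorization.remove_category_authorization(@object.id, user_id)
      end
      auth
    end
  end

  private

  # Access check for every action: only an admin, or a manager of the requested
  # module app, may continue.
  #
  # A before filter stops the request only by rendering or redirecting; its
  # return value is ignored. The original evaluated `is_manager?` and discarded
  # the result, so any authenticated user reached the grant/revoke actions.
  def admin_or_manager
    # presumably makes the parent's authenticate_user skip its own permission
    # check, leaving this filter responsible - confirm in OrbitAdminController
    @override_can_use = true
    setup_vars
    authenticate_user
    # authenticate_user may already have rendered or redirected.
    return if performed?
    return if current_user && (current_user.is_admin? || current_user.is_manager?(@module_app))
    # Deny with the same redirect #index uses for requests it cannot serve.
    redirect_to :root
  end

  # Resolves @module_app, @type, @klass and @object from the request params.
  def setup_vars
    @module_app = ModuleApp.find_by(key: params[:module]) if params[:module]
    @type = params[:type].underscore if params[:type]
    if @type
      # NOTE(review): constantize on request input resolves whatever constant
      # name the client sends, and the result is later used for .find and .all.
      # Restrict @type to an explicit allowlist of authorizable types before
      # resolving it; the permitted set is not visible in this file.
      @klass = @type.gsub('_authorization', '').gsub('_approval', '').classify.constantize rescue nil
      @object = @klass.find(params[:id]) rescue nil
    end
  end
end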