Object Auth. A class can now add "include OrbitCoreLib::ObjectAuthable" to use the kernel methods, such as:
1. Object.authed_for_user(user,title_of_object_auth) - title_of_object_auth is optional. 2. object.authed_users(user,title_of_object_auth) - title_of_object_auth is optional. If title_of_object_auth is not given, the result is calculated across all possibilities.
parent
3a8dbd6af4
commit
31d7cd5b38
|
@ -19,47 +19,44 @@ class Admin::ObjectAuthsController < ApplicationController
|
||||||
# end
|
# end
|
||||||
end
|
end
|
||||||
|
|
||||||
def create
|
def create_role
|
||||||
# app_auth = AppAuth.find_or_create_by(module_app_id: params[:module_app_id])
|
object_auth = ObjectAuth.find(params[:id])
|
||||||
# params[:new].each do |item|
|
params[:new].each do |item|
|
||||||
# field = item[0]
|
field = item[0]
|
||||||
# field_value = item[1]
|
field_value = item[1]
|
||||||
# if field_value!=''
|
if field_value!=''
|
||||||
# case field
|
case field
|
||||||
# when 'role'
|
when 'role'
|
||||||
# app_auth.send("add_#{field}",(Role.find field_value)) rescue nil
|
object_auth.send("add_#{field}",(Role.find field_value)) rescue nil
|
||||||
# when 'sub_role'
|
when 'sub_role'
|
||||||
# app_auth.send("add_#{field}",(SubRole.find field_value)) rescue nil
|
object_auth.send("add_#{field}",(SubRole.find field_value)) rescue nil
|
||||||
# when 'privilege_user'
|
when 'privilege_user'
|
||||||
# app_auth.add_user_to_privilege_list (User.find field_value) rescue nil
|
object_auth.add_user_to_privilege_list (User.find field_value) rescue nil
|
||||||
# when 'blocked_user'
|
when 'blocked_user'
|
||||||
# app_auth.add_user_to_black_list (User.find field_value) rescue nil
|
object_auth.add_user_to_black_list (User.find field_value) rescue nil
|
||||||
# end
|
end
|
||||||
# end
|
end
|
||||||
# end
|
end
|
||||||
# app = ModuleApp.find params[:module_app_id] rescue nil
|
redirect_to edit_admin_object_auth_path(object_auth)
|
||||||
# redirect_to edit_admin_module_app_path(app)
|
end
|
||||||
end
|
|
||||||
|
|
||||||
def remove
|
def remove_role
|
||||||
# app_auth = AppAuth.find( params[:id] )
|
object_auth = ObjectAuth.find(params[:id])
|
||||||
# type = params[:type]
|
type = params[:type]
|
||||||
# field_value = params[:target_id]
|
field_value = params[:target_id]
|
||||||
# if field_value!=''
|
if field_value!=''
|
||||||
# case type
|
case type
|
||||||
# when 'role'
|
when 'role'
|
||||||
# app_auth.remove_role(Role.find field_value) rescue nil
|
object_auth.remove_role(Role.find field_value) rescue nil
|
||||||
# when 'sub_role'
|
when 'sub_role'
|
||||||
# app_auth.remove_sub_role(SubRole.find field_value) rescue nil
|
object_auth.remove_sub_role(SubRole.find field_value) rescue nil
|
||||||
# when 'privilege_user'
|
when 'privilege_user'
|
||||||
# app_auth.remove_user_from_privilege_list (User.find field_value) rescue nil
|
object_auth.remove_user_from_privilege_list (User.find field_value) rescue nil
|
||||||
# when 'blocked_user'
|
when 'blocked_user'
|
||||||
# app_auth.remove_user_from_black_list (User.find field_value) rescue nil
|
object_auth.remove_user_from_black_list (User.find field_value) rescue nil
|
||||||
# end
|
end
|
||||||
# end
|
end
|
||||||
#
|
redirect_to edit_admin_object_auth_path(object_auth)
|
||||||
# app = ModuleApp.find params[:module_app_id] rescue nil
|
|
||||||
# redirect_to edit_admin_module_app_path(app)
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def edit
|
def edit
|
||||||
|
|
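Review bot: The `rescue nil` modifiers on every branch of `create_role` and `remove_role` swallow any failure, so a request whose role or user lookup fails still redirects to the edit page exactly as if the grant, block or removal had been applied. On an access-control list this matters most for the `blocked_user` branch, where an administrator can believe a user was put on the black list when nothing changed. Look the record up first (`user = User.find(field_value)`), rescue only the not-found error around that lookup and report it in the flash, then call `object_auth.add_user_to_black_list(user)` without a rescue. `params[:new].each` also raises when the `new` parameter is absent, and `field_value!=''` lets a nil `target_id` through to the lookup. No authorization filter is visible in this hunk, and the controller continues outside it, so confirm one guards these two actions.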
|
@ -1,8 +1,6 @@
|
||||||
<div id="user_role_management">
|
<div id="user_role_management">
|
||||||
<%#= debugger %>
|
|
||||||
<h1>User Role</h1>
|
<h1>User Role</h1>
|
||||||
<%= debugger %>
|
<%= form_tag(submit_url) do %>
|
||||||
<%= form_tag(polymorphic_path([controller_path.split('/')[0],object,auth.class.name.underscore]),:method => :post) do %>
|
|
||||||
<%= collection_select(:new,:role, Role.all, :id, :key, :prompt => true) %>
|
<%= collection_select(:new,:role, Role.all, :id, :key, :prompt => true) %>
|
||||||
<%= submit_tag 'Add Role' %><br/>
|
<%= submit_tag 'Add Role' %><br/>
|
||||||
<%= collection_select(:new,:sub_role, SubRole.all, :id, :key, :prompt => true) %>
|
<%= collection_select(:new,:sub_role, SubRole.all, :id, :key, :prompt => true) %>
|
||||||
|
@ -16,19 +14,19 @@
|
||||||
<% unless auth.nil? %>
|
<% unless auth.nil? %>
|
||||||
<% auth.roles.each do |role| %>
|
<% auth.roles.each do |role| %>
|
||||||
<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %>
|
<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %>
|
||||||
<%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'role',:target_id=>role.id),:method => :delete %></li>
|
<%= link_to '[X]',polymorphic_path(ploy_route_ary,:type=>'role',:target_id=>role.id),:method => :delete %></li>
|
||||||
<% end %>
|
<% end %>
|
||||||
<ul>Sub Roles </ul>
|
<ul>Sub Roles </ul>
|
||||||
<% auth.sub_roles.each do |role| %>
|
<% auth.sub_roles.each do |role| %>
|
||||||
<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %> </li><%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'sub_role',:target_id=>role.id),:method => :delete %>
|
<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %> </li><%= link_to '[X]',polymorphic_path(ploy_route_ary,:type=>'sub_role',:target_id=>role.id),:method => :delete %>
|
||||||
<% end %>
|
<% end %>
|
||||||
<ul>PrivilegeList </ul>
|
<ul>PrivilegeList </ul>
|
||||||
<% auth.privilege_users.each do |user| %>
|
<% auth.privilege_users.each do |user| %>
|
||||||
<li> <%= user.name %> <%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'privilege_user',:target_id=>user.id),:method => :delete %> </li>
|
<li> <%= user.name %> <%= link_to '[X]',polymorphic_path(ploy_route_ary,:type=>'privilege_user',:target_id=>user.id),:method => :delete %> </li>
|
||||||
<% end %>
|
<% end %>
|
||||||
<ul>BlockedList </ul>
|
<ul>BlockedList </ul>
|
||||||
<% auth.blocked_users.each do |user| %>
|
<% auth.blocked_users.each do |user| %>
|
||||||
<li> <%= user.name %><%= link_to '[X]',polymorphic_path(['remove',:admin,object,auth],:type=>'blocked_user',:target_id=>user.id),:method => :delete %> </li>
|
<li> <%= user.name %><%= link_to '[X]',polymorphic_path(ploy_route_ary,:type=>'blocked_user',:target_id=>user.id),:method => :delete %> </li>
|
||||||
<% end %>
|
<% end %>
|
||||||
<% end %>
|
<% end %>
|
||||||
</div>
|
</div>
|
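Review bot: The partial now depends on two extra locals, `submit_url` and `ploy_route_ary`, and nothing in the file says so; a caller that omits either gets a NameError at render time. Add an ERB comment at the top such as `<%# locals: object, auth, submit_url (form POST target), ploy_route_ary (array passed to polymorphic_path for the remove links) %>`. `ploy_route_ary` reads like a misspelling of `poly_route_ary`, and renaming it in the partial and the two edit views that pass it would keep the typo from spreading.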
|
@ -36,5 +36,5 @@
|
||||||
</dd>
|
</dd>
|
||||||
</dl>
|
</dl>
|
||||||
</div>
|
</div>
|
||||||
<%= render :partial => "admin/components/user_role_management", :locals => { :object => @module_app ,:auth=> @module_app.app_auth } %>
|
<%= render :partial => "admin/components/user_role_management", :locals => { :object => @module_app ,:auth=> @module_app.app_auth ,:submit_url=> admin_module_app_app_auths_path(@module_app),:ploy_route_ary=>['remove',:admin,@module_app,@module_app.app_auth] } %>
|
||||||
|
|
||||||
|
|
|
@ -8,6 +8,7 @@
|
||||||
<!-- Remove if CSS done-->
|
<!-- Remove if CSS done-->
|
||||||
<h3><%= @object_auth.title %></h3>
|
<h3><%= @object_auth.title %></h3>
|
||||||
|
|
||||||
<%= render :partial => "admin/components/user_role_management", :locals => { :object => @object_auth.auth_obj ,:auth=> @object_auth } %>
|
<%= render :partial => "admin/components/user_role_management", :locals => {
|
||||||
|
:object => @object_auth.auth_obj ,:auth=>@object_auth,:submit_url=>create_role_admin_object_auth_path(@object_auth),:ploy_route_ary=>['remove',:admin,@object_auth] } %>
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -13,7 +13,12 @@ PrototypeR4::Application.routes.draw do
|
||||||
namespace :admin do
|
namespace :admin do
|
||||||
resources :assets
|
resources :assets
|
||||||
resources :app_auths
|
resources :app_auths
|
||||||
resources :object_auths
|
resources :object_auths do
|
||||||
|
member do
|
||||||
|
match ':id/create_role',:action => 'create_role',:iia => "post",:as => :create_role
|
||||||
|
match 'remove/:type/:target_id' ,:action=> 'remove_role',:via => "delete",:as =>:remove
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
resources :ad_banners
|
resources :ad_banners
|
||||||
resources :designs do
|
resources :designs do
|
||||||
|
|
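Review bot: The `create_role` route is declared with `:iia => "post"`, which looks like a typo for `:via`, so the route is not restricted to POST and the action that edits an object's access list appears to be reachable with GET. Rails' request-forgery check does not cover GET requests, so this route should be pinned to its verb the way the `remove` route below it is with `:via => "delete"`. The path `':id/create_role'` also sits inside `member do`, which already supplies the id segment, so the helper `create_role_admin_object_auth_path(@object_auth)` used in the edit view probably does not resolve as intended. Suggested line: `match 'create_role', :action => 'create_role', :via => "post", :as => :create_role`.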
|
@ -0,0 +1,42 @@
|
||||||
|
module OrbitCoreLib
|
||||||
|
module ObjectAuthable
|
||||||
|
def self.included(base)
|
||||||
|
base.instance_eval("has_many :object_auths,as: :obj_authable,dependent: :delete")
|
||||||
|
|
||||||
|
base.define_singleton_method :authed_for_user do |user,title = nil|
|
||||||
|
sub_role_ids_ary=user.sub_roles.collect{|t| t.id}
|
||||||
|
if title.nil?
|
||||||
|
auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s)
|
||||||
|
else
|
||||||
|
auth_object_space = ObjectAuth.where(obj_authable_type: self.to_s,title: title)
|
||||||
|
end
|
||||||
|
|
||||||
|
query1 = auth_object_space.any_in({sub_role_ids: sub_role_ids_ary}).excludes(blocked_user_ids: user.id)
|
||||||
|
query2 = auth_object_space.any_of({all: true},{privilege_user_ids: user.id},{role_ids: user.role.id}).excludes(blocked_user_ids: user.id)
|
||||||
|
result = (query1 + query2).uniq
|
||||||
|
result.collect{|t| t.obj_authable}
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
|
|
||||||
|
def authed_users(title=nil)
|
||||||
|
users = []
|
||||||
|
unless title.nil?
|
||||||
|
users = self.object_auths.where(title: title )[0].auth_users_after_block_list rescue []
|
||||||
|
else
|
||||||
|
users = self.object_auths.collect{|t| t.auth_users_after_block_list} rescue []
|
||||||
|
users.flatten!.uniq!
|
||||||
|
end
|
||||||
|
users
|
||||||
|
end
|
||||||
|
|
||||||
|
def tell_me_class
|
||||||
|
self.class.name
|
||||||
|
end
|
||||||
|
|
||||||
|
def search_object_db
|
||||||
|
ObjectAuth.where(obj_authable_type: self.class.name)
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
|
end
|
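Review bot: In `authed_users`, `users.flatten!.uniq!` raises NoMethodError for an object that has no `object_auths`, because `flatten!` returns nil when it changes nothing and the `rescue []` on the line before does not cover this statement; use `users = users.flatten.uniq` instead. In `authed_for_user`, `user.role.id` raises in the same way for a user without a role, and since this method decides which objects a user is shown, that case should be handled explicitly rather than left to an exception. The commit message documents `authed_users(user, title_of_object_auth)` while the method takes only `title`, so a comment above each method stating its arguments and return value would settle which is intended. `base.instance_eval("has_many ...")` evaluates a string where a direct `base.has_many :object_auths, as: :obj_authable, dependent: :delete` would do.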
|
@ -1,9 +1,10 @@
|
||||||
class Post
|
class Post
|
||||||
include Mongoid::Document
|
include Mongoid::Document
|
||||||
include Mongoid::Timestamps
|
include Mongoid::Timestamps
|
||||||
|
include OrbitCoreLib::ObjectAuthable
|
||||||
|
|
||||||
field :title, :type => String
|
field :title, :type => String
|
||||||
field :body, :type => String
|
field :body, :type => String
|
||||||
embeds_many :comments
|
embeds_many :comments
|
||||||
validates_presence_of :title, :body
|
validates_presence_of :title, :body
|
||||||
has_one :object_auth,as: :obj_authable,dependent: :delete
|
|
||||||
end
|
end
|