From 32c6f176139913b1f672471a3c7b2b52bb113419 Mon Sep 17 00:00:00 2001 From: Fu Matthew Date: Wed, 2 Jan 2013 14:34:34 +0800 Subject: [PATCH] fix object auth. show error message if user try to do object auth in a wrong way. --- .../object_auths_new_interface_controller.rb | 20 ++++++++++++++----- app/controllers/application_controller.rb | 6 +++++- app/errors/object_auth_error.rb | 3 +++ app/helpers/admin/page_parts_helper.rb | 11 ++++++++++ app/helpers/default_widgets_helper.rb | 14 +++++++++++++ .../object_auth_error_handler.rb | 16 +++++++++++++++ lib/tasks/migrate.rake | 4 ++++ 7 files changed, 68 insertions(+), 6 deletions(-) create mode 100644 app/errors/object_auth_error.rb create mode 100644 app/helpers/admin/page_parts_helper.rb create mode 100644 app/helpers/default_widgets_helper.rb create mode 100644 lib/orbit_app/error_handlers/object_auth_error_handler.rb diff --git a/app/controllers/admin/object_auths_new_interface_controller.rb b/app/controllers/admin/object_auths_new_interface_controller.rb index 85eddd052..3af52ac25 100644 --- a/app/controllers/admin/object_auths_new_interface_controller.rb +++ b/app/controllers/admin/object_auths_new_interface_controller.rb @@ -4,7 +4,6 @@ class Admin::ObjectAuthsNewInterfaceController < OrbitBackendController def setting - @sys_users = User.all(conditions: {admin: false}).includes(:avatar).not_guest_user @ob_auth = ObjectAuth.find params[:object_auth_id] @options_from_collection_for_select_ob_auth = @ob_auth.siblings.collect{|oa| [oa.auth_obj.pp_object,oa.id] } @@ -60,6 +59,7 @@ class Admin::ObjectAuthsNewInterfaceController < OrbitBackendController def force_order authenticate_user! + setup_vars check_if_user_can_do_object_auth end 
@@ -76,15 +76,25 @@ class Admin::ObjectAuthsNewInterfaceController < OrbitBackendController end def setup_vars - if request.env['HTTP_REFERER'].split('/')[4] == "object_auths" + http_referer = request.env['HTTP_REFERER'] || '' + if http_referer.split('/')[4] == "object_auths" @app_key = params[:app_key] else - @app_key = request.env['HTTP_REFERER'].split('/')[4] + @app_key = http_referer.split('/')[4] end #@app_key = request.fullpath.split('/')[1] if(@app_key == "back_end") - @app_key.gsub!(/[?].*/,'') - @module_app = ModuleApp.first(conditions: {:key => @app_key} ) + if @app_key + @app_key.gsub!(/[?].*/,'') + @module_app = ModuleApp.first(conditions: {:key => @app_key} ) + if @module_app.nil? + raise ObjectAuthError, 'Auth procress failed, module_app not exist ' + end + else + raise ObjectAuthError, 'Auth procress failed, pls redo your sop' + end + + end end diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 59ff3de21..cddb58331 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -2,7 +2,9 @@ class ApplicationController < ActionController::Base protect_from_forgery include ParserFrontEnd, ParserBackEnd, ApplicationHelper - + include OrbitApp::ErrorHandlers::ObjectAuthErrorHandler + rescue_from ObjectAuthError, :with => :render_object_auth_error + layout :layout_by_resource helper :admin @@ -10,6 +12,8 @@ class ApplicationController < ActionController::Base helper_attr :site_valid_locales + + def set_current_user User.current = current_or_guest_user end diff --git a/app/errors/object_auth_error.rb b/app/errors/object_auth_error.rb new file mode 100644 index 000000000..683fa87fe --- /dev/null +++ b/app/errors/object_auth_error.rb @@ -0,0 +1,3 @@ +class ObjectAuthError < StandardError + +end \ No newline at end of file diff --git a/app/helpers/admin/page_parts_helper.rb b/app/helpers/admin/page_parts_helper.rb new file mode 100644 index 000000000..33fff3095 
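Review bot: `setup_vars` still derives `@app_key` from the `Referer` header (`http_referer.split('/')[4]`), which the client controls, and `force_order` now calls it immediately before `check_if_user_can_do_object_auth`. If that check relies on `@module_app` (its body is not visible here), the module being authorised is picked from a value that any caller can set and that browsers or proxies may strip. Prefer an explicit route segment or `params[:app_key]` for the `ModuleApp` lookup, keeping the new `ObjectAuthError` for the not-found case. Separately, `@app_key.gsub!(/[?].*/,'')` mutates the params string in place; `@app_key = @app_key.sub(/\?.*/, '')` avoids that. The method starts outside this hunk.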
--- /dev/null
+++ b/app/helpers/admin/page_parts_helper.rb
@@ -0,0 +1,11 @@
+module Admin::PagePartsHelper
+
+ def support_link
+ url_method = @module_app.get_default_widget[:url_method]
+ unless url_method.nil?
+ res = "Link:"
+ res << select_tag( "page_part[widget_field_is_link][]", options_for_select([["NotLink",false],["Link1",url_method]]))
+ res.html_safe
+ end
+ end
+end
\ No newline at end of file
diff --git a/app/helpers/default_widgets_helper.rb b/app/helpers/default_widgets_helper.rb
new file mode 100644
index 000000000..b4be81413
--- /dev/null
+++ b/app/helpers/default_widgets_helper.rb
@@ -0,0 +1,14 @@
+module DefaultWidgetsHelper
+ def get_row_data(row_data,field)
+ field_is_link = (field[0][1]== 'false' ? false : true )
+ field_setting = {:class=>field[0][1],:method=>field[0][0]}
+ if field_is_link
+ field_link = field[0][1].to_s + '_path'
+ binding.pry
+ link = link_to(row_data.send(field_setting[:method]),field_link.send(row_data))
+ content_tag(:span,link,:class=>field_setting[:class])
+ else
+ content_tag(:span,row_data.send(field_setting[:method]),:class=>field_setting[:class])
+ end
+ end
+end
\ No newline at end of file
diff --git a/lib/orbit_app/error_handlers/object_auth_error_handler.rb b/lib/orbit_app/error_handlers/object_auth_error_handler.rb
new file mode 100644
index 000000000..8d65b4bc9
--- /dev/null
+++ b/lib/orbit_app/error_handlers/object_auth_error_handler.rb
@@ -0,0 +1,16 @@
+module OrbitApp
+ module ErrorHandlers
+ module ObjectAuthErrorHandler
+
+
+ def render_object_auth_error(exception = nil)
+ default_message = 'This is a render_object_auth_error'
+ meaasge = ''
+ if exception
+ meaasge = default_message + exception.message
+ end
+ render :text=>meaasge
+ end
+ end
+ end
+end
diff --git a/lib/tasks/migrate.rake b/lib/tasks/migrate.rake
index 5ac425d2e..4b69be3df 100644
--- a/lib/tasks/migrate.rake
+++ b/lib/tasks/migrate.rake
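Review bot: `support_link` in `page_parts_helper.rb` indexes `@module_app.get_default_widget[:url_method]` without checking that a default widget exists, so a module without one would presumably raise on nil while the view renders. The result is also built by appending to a plain String and then calling `res.html_safe`, which marks the whole buffer as trusted. Today it holds only a literal and `select_tag` output, but `"Link:".html_safe + select_tag(...)` keeps escaping automatic if data is appended later.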
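Review bot: `binding.pry` is left in `get_row_data` in `default_widgets_helper.rb`, so every linked field halts the request at a debugger prompt, or raises where pry is not loaded; it should be removed before merge. The next line calls `field_link.send(row_data)`, which invokes a method named by `row_data` on a String; the intent looks like `send(field_link, row_data)`. Both `row_data.send(field_setting[:method])` and the `_path` helper name come from `field`, which appears to be stored widget configuration. Those names should be checked against an allow-list of displayable attributes and route helpers, and dispatched with `public_send`, rather than passed through unchecked. `field[0][1]` is also used as both the link flag and the CSS class, which is worth separating.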
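Review bot: `render :text=>meaasge` in `render_object_auth_error` answers an authorization failure with the default 200 status and, as far as this Rails generation's `render :text` goes, an HTML content type. Send it as a refusal and as plain text, so that a message which later includes request data cannot be interpreted as markup: `render :text => message, :status => :forbidden, :content_type => 'text/plain'`. When `exception` is nil the body is empty, and `default_message + exception.message` joins the two strings with no separator. The local is also misspelled `meaasge`.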
@@ -328,4 +328,8 @@ namespace :migrate do end + task :clean_object_auth => :environment do + ObjectAuth.destroy_all + end + end
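Review bot: `migrate:clean_object_auth` runs `ObjectAuth.destroy_all` with no `desc`, no confirmation and no environment check, so one mistaken rake invocation against production removes every object-level permission record. How the application treats objects that have no `ObjectAuth` is not visible here; if a missing record means unrestricted, this task is a silent access-control reset. Add a `desc` that says so, and require an explicit opt-in before the destroy, for example `abort 'set CONFIRM=yes to wipe ObjectAuth' unless ENV['CONFIRM'] == 'yes'`. The enclosing `namespace :migrate` block starts outside this hunk.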