diff --git a/app/controllers/admin/module_apps_controller.rb b/app/controllers/admin/module_apps_controller.rb
deleted file mode 100644
index ccbe6962e..000000000
--- a/app/controllers/admin/module_apps_controller.rb
+++ /dev/null
@@ -1,114 +0,0 @@
-class Admin::ModuleAppsController < OrbitBackendController
- before_filter :user_has_manager_privilege?, :only => [ :assign_manager, :remove_manager ]
- before_filter :user_has_sub_manager_privilege?, :only => [ :assign_sub_manager, :remove_sub_manager ]
-
- helper Admin::PagePartsHelper
- def index
- @module_apps = ModuleApp.all.entries
- end
-
-
-
- def module_auth_proc
- @module_app = ModuleApp.find(params[:id])
- end
-
- def edit
- @module_app = ModuleApp.find(params[:id])
- end
-
- def show
- @module_app = ModuleApp.find(params[:id])
-
- end
-
- def update
- @module_app = ModuleApp.find(params[:id])
- unless params['module_app']['enable_frontend'].nil?
- @module_app.update_attribute('enable_frontend',params['module_app']['enable_frontend'])
- @module_app.save!
- end
- @attribute = @module_app
- respond_to do |format|
- format.html { redirect_to :action => :index }
- format.js { render 'admin/attributes/toggle_enable' }
- end
- end
-
-
- def assign_sub_manager
- unless @assign_to_user.nil? || @assign_to_user.admin?
- if @module_app.assign_sub_manager(@assign_to_user,current_user)
- flash[:notice] = t('app_auth.assigning_manager.add_manager_ok')
- else
- flash[:notice] = t('app_auth.assigning_manager.add_manager_fail')
- end
- else
- flash[:notice] = t('app_auth.failed_no_user')
- end
- flash[:notice] = t('app_auth.can_not_add_this_user')
- redirect_to :action => "edit"
- end
-
-
- def assign_manager
- unless @assign_to_user.nil? || @assign_to_user.admin?
- if @module_app.assign_manager(@assign_to_user,current_user)
- flash[:notice] = t('app_auth.assigning_sub_manager.add_sub_manager_ok')
- else
- flash[:notice] = t('app_auth.assigning_sub_manager.add_sub_manager_fail')
- end
- else
- flash[:notice] = t('app_auth.failed_no_user')
- end
- flash[:notice] = t('app_auth.can_not_add_this_user')
- redirect_to :action => "edit"
- end
-
-
- def remove_manager
- @app_manager = AppManager.find(params[:app_manager_id])
- if @module_app.remove_manager(@app_manager.user)
- flash[:notice] = t('app_auth.delete_manager.success')
- else
- flash[:notice] = t('app_auth.delete_manager.fail')
- end
- redirect_to :action => "edit"
- end
-
-
- def remove_sub_manager
- @app_sub_manager = AppManager.find(params[:app_sub_manager_id])
- if @module_app.remove_sub_manager(@app_sub_manager.user)
- flash[:notice] = t('app_auth.delete_sub_manager.success')
- else
- flash[:notice] = t('app_auth.delete_sub_manager.fail')
- end
- redirect_to :action => "edit"
- end
-
-
- private
- def user_has_manager_privilege?
- @module_app = ModuleApp.find(params[:id])
- @assign_to_user = User.find params[:manager][:id] rescue nil
- if current_user.admin? #only admin can assign app's manager
- return
- end
- #user is not permited to do that
- flash[:notice] = t('app_auth.operation_not_permitted')
- render :nothing => true, :status => 403
- end
-
-
- def user_has_sub_manager_privilege?
- @module_app = ModuleApp.find(params[:id])
- @assign_to_user = User.find params[:sub_manager][:id] rescue nil
- if current_user.admin? || @module_app.managing_users.include?(current_user) #admin or app's manager can assign app's subanager
- return
- end
- #user is not permited to do that
- flash[:notice] = t('app_auth.operation_not_permitted')
- render :nothing => true,:status => 403
- end
-end
\ No newline at end of file
diff --git a/app/controllers/admin/object_auths_controller.rb b/app/controllers/admin/object_auths_controller.rb
deleted file mode 100644
index 416e570cc..000000000
--- a/app/controllers/admin/object_auths_controller.rb
+++ /dev/null
@@ -1,98 +0,0 @@
-class Admin::ObjectAuthsController < OrbitBackendController
- include OrbitCoreLib::PermissionUtility
-
- before_filter :force_order
-# before_filter :is_admin? ,:only => :index
-
-
-
- def index
- # if current_user.admin?
- @object_auths = ObjectAuth.all
- # else
- # @module_apps = current_user.managing_apps.collect{|t| t.managing_app}
- # end
- end
-
- def new
- obj = eval(params[:type]).find params[:obj_id]
- @object_auth=obj.object_auths.build
- @object_auth_title_option = eval(params[:type]+"::ObjectAuthTitlesOptions")
- respond_to do |format|
- format.html # new.html.erb
- format.xml { render :xml => @post }
- end
- end
-
- def create
- obj = eval(params[:object_auth][:type]).find params[:object_auth][:obj_id]
- @object_auth=obj.object_auths.build :title=> params[:object_auth][:title]
- if @object_auth.save
- redirect_to edit_admin_object_auth_path(@object_auth)
- else
- flash[:error] = t('object.a_object_must_have_only_one_object_auth_profile_for_each_action')
- redirect_to (:back)
- end
- end
-
- def create_role
- object_auth = ObjectAuth.find(params[:id])
- auth_all = params[:auth_all] || false
- object_auth.update_attribute(:all,auth_all)
- new_array = params[:new] || []
- new_array.each do |item|
- field = item[0]
- field_value = item[1]
- if field_value!=''
- case field
- when 'role'
- object_auth.send("add_#{field}",(Role.find field_value)) rescue nil
- when 'sub_role'
- object_auth.send("add_#{field}",(SubRole.find field_value)) rescue nil
- when 'privilege_user'
- object_auth.add_user_to_privilege_list (User.find field_value) rescue nil
- when 'blocked_user'
- object_auth.add_user_to_black_list (User.find field_value) rescue nil
- end
- end
- end
- redirect_to edit_admin_object_auth_path(object_auth)
- end
-
- def remove_role
- object_auth = ObjectAuth.find(params[:id])
- type = params[:type]
- field_value = params[:target_id]
- if field_value!=''
- case type
- when 'role'
- object_auth.remove_role(Role.find field_value) rescue nil
- when 'sub_role'
- object_auth.remove_sub_role(SubRole.find field_value) rescue nil
- when 'privilege_user'
- object_auth.remove_user_from_privilege_list (User.find field_value) rescue nil
- when 'blocked_user'
- object_auth.remove_user_from_black_list (User.find field_value) rescue nil
- end
- end
- redirect_to edit_admin_object_auth_path(object_auth)
- end
-
- def edit
- @object_auth = ObjectAuth.find(params[:id])
- end
-
-private
-
- def force_order
- authenticate_user!
- check_if_user_can_do_object_auth
- end
-
- def check_if_user_can_do_object_auth
- unless check_permission(:manager)
- #render :nothing => true, :status => 403
- redirect_to '/'
- end
- end
-end
\ No newline at end of file
diff --git a/app/views/admin/module_apps/_app_selector.html.erb b/app/views/admin/module_apps/_app_selector.html.erb
deleted file mode 100644
index 7ce95e051..000000000
--- a/app/views/admin/module_apps/_app_selector.html.erb
+++ /dev/null
@@ -1 +0,0 @@
-<%= f.select :module_app_id, @module_apps.collect { |t| [t.module_name, t.id] }, {:include_blank => true} ,{:rel => admin_module_apps_path } %>
diff --git a/app/views/admin/module_apps/edit.html.erb b/app/views/admin/module_apps/edit.html.erb
deleted file mode 100644
index 13138db1d..000000000
--- a/app/views/admin/module_apps/edit.html.erb
+++ /dev/null
@@ -1,33 +0,0 @@
-<% content_for :secondary do %>
-<% end %>
-
-

<%= @module_app.title%>

- -
-
-
<%= t(:manager) %> - <% @module_app.managers.each do |manager| %> -
<%= manager.user.name %> <%= get_auth_by(manager) %> <%= link_to '[X]',remove_manager_admin_module_app_path(@module_app,manager),:method => :delete if if_permit_to_delete(:manager) && manager.user != current_user %>
- <% end %> -
- <%= form_tag(assign_manager_admin_module_app_path) do %> - <%= collection_select(:manager,:id, User.all, :id, :name, :prompt => true,:disabled => !if_permit_to_assign(:manager))%> - <%= submit_tag t("auth.add_manager") %> - <% end %> -
-
-
-
<%#= t(:sub_manager) %> - <%# @module_app.sub_managers.each do |manager| %> -
<%#= manager.user.name %> <%#= get_auth_by(manager) %><%#= link_to '[X]',remove_sub_manager_admin_module_app_path(@module_app,manager),:method => :delete if if_permit_to_delete(:sub_manager) && manager.user != current_user %>
- <%# end %> -
- <%#= form_tag(assign_sub_manager_admin_module_app_path) do %> - <%#= collection_select(:sub_manager,:id, User.all, :id, :name, :prompt => true,:disabled => !if_permit_to_assign(:sub_manager))%> - <%#= submit_tag t("auth.add_sub_manager") %> - <%# end %> -
-
-
-<%#= render :partial => "admin/components/user_role_management", :locals => { :object => @module_app ,:auth=> @module_app.app_auth ,:submit_url=> admin_module_app_app_auths_path(@module_app),:ploy_route_ary=>['remove',:admin,@module_app,@module_app.app_auth] } %>
-
diff --git a/app/views/admin/module_apps/index.html.erb b/app/views/admin/module_apps/index.html.erb
deleted file mode 100644
index e69de29bb..000000000
diff --git a/app/views/admin/module_apps/show.html.erb b/app/views/admin/module_apps/show.html.erb
deleted file mode 100644
index 27cfbc1a0..000000000
--- a/app/views/admin/module_apps/show.html.erb
+++ /dev/null
@@ -1,37 +0,0 @@
-



-<%=@module_app.key %>
-<%=@module_app.title %>
-<%=@module_app.version %>
-<%=@module_app.organization %>
-<%=@module_app.author %>
-<%=@module_app.intro %>
-<%=@module_app.update_info %>
-<%=@module_app.create_date %>
-<%=@module_app.enable_frontend%>
-<%=@module_app.app_pages%>
-<%=@module_app.widgets%>
- -Mangers: - - - -SubManagers: -
- <% @module_app.sub_managers.each do |manager|%> - <%= manager.user.name %> - <%end%> -
-
- -All User?:<%= @module_app.app_auth.all %>
-Blocked Users:<%= @module_app.app_auth.blocked_users.collect{|t| t.name} %>
-Privilege Users:<%= @module_app.app_auth.privilege_users.collect{|t| t.name}%>
-User Roles:<%= @module_app.app_auth.roles.collect{|t| t.key} %>
-User Sub Roles:<%= @module_app.app_auth.sub_roles.collect{|t| t.key} %>
-
-Available users after calculation:
-<%= @module_app.app_auth.auth_users.collect{|user| user.name}.join(',') %>
diff --git a/app/views/admin/object_auths/_auth_unit.html.erb b/app/views/admin/object_auths/_auth_unit.html.erb
deleted file mode 100644
index 5a246fc3a..000000000
--- a/app/views/admin/object_auths/_auth_unit.html.erb
+++ /dev/null
@@ -1,3 +0,0 @@
-
- <%= unit%>
-
\ No newline at end of file
diff --git a/app/views/admin/object_auths/edit.html.erb b/app/views/admin/object_auths/edit.html.erb
deleted file mode 100644
index 3c391ef9f..000000000
--- a/app/views/admin/object_auths/edit.html.erb
+++ /dev/null
@@ -1,9 +0,0 @@
-<% content_for :secondary do %>
-<% end %>
-
-

<%= @object_auth.title %>

-
-<%= render :partial => "admin/components/user_role_management", :locals => {
- :object => @object_auth.auth_obj ,:auth=>@object_auth,:submit_url=>create_role_admin_object_auth_path(@object_auth),:ploy_route_ary=>['remove',:admin,@object_auth] } %>
-
-<%= link_to 'Back to object',eval(@object_auth.obj_authable.class.to_s+"::AfterObjectAuthUrl") %>
\ No newline at end of file
diff --git a/app/views/admin/object_auths/index.html.erb b/app/views/admin/object_auths/index.html.erb
deleted file mode 100644
index 78ba745dd..000000000
--- a/app/views/admin/object_auths/index.html.erb
+++ /dev/null
@@ -1,39 +0,0 @@
-<% content_for :secondary do %>
- <% #render 'side_bar' %>
-<% end %>
-
-
- <%= flash_messages %> -
- <% #link_to t('new.user'), new_admin_user_path, :class => 'new' %> -
- - - - - - - - - - <% @object_auths.each do |object_auth| %> - - - - - - - - - - <% end %> - -
<%= t(:title) %><%= t(:type) %>
<%= object_auth.title %><%= object_auth.obj_authable_type.to_s %> - <%= link_to t(:show), admin_object_auth_path(object_auth), :class => 'show' %> - <%= link_to t(:edit), edit_admin_object_auth_path(object_auth), :class => 'edit' %> - <%= link_to t(:delete_), admin_object_auth_path(object_auth), :class => 'delete', :confirm => t('sure?'), :method => :delete %> -
-
- <%# link_to t('new.user'), new_admin_user_path, :class => 'new' %> -
-
diff --git a/app/views/admin/object_auths/new.html.erb b/app/views/admin/object_auths/new.html.erb
deleted file mode 100644
index b5b381fb5..000000000
--- a/app/views/admin/object_auths/new.html.erb
+++ /dev/null
@@ -1,24 +0,0 @@
-<% content_for :secondary do %>
-
-<% end -%>
-
-
-
-
-
- -<%= flash_messages %> -

<%= t('object_auth.new_object_auth') %>

-<%= form_for @object_auth, :url => admin_object_auths_path do |f| %> - <%= f.label :title %> - <%= f.select :title,@object_auth_title_option %> - - <%= f.hidden_field :obj_id, :value => params[:obj_id] %> - <%= f.hidden_field :type, :value => params[:type] %> - - <%= submit_tag 'Add Auth' %>
- -<% end %> - -<%= link_back %> \ No newline at end of file