developers
/
Orbit
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'gallery_orbit' of https://github.com/Rulingcom/orbit into gallery_orbit

This commit is contained in:
Harry Bomrah 2012-09-12 16:48:33 +08:00
parent 17f3104c8d 3432d1359b
commit f88176ee1f
28 changed files with 185 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Gemfile
View File

@ -12,7 +12,7 @@ gem 'exception_notification' # Send error trace
gem 'execjs' gem 'execjs'
gem 'jquery-rails' gem 'jquery-rails'
gem 'jquery-ui-rails' gem 'jquery-ui-rails'
gem "pry", "~> 0.9.10"
gem 'kaminari', :git => 'git://github.com/amatsuda/kaminari.git' gem 'kaminari', :git => 'git://github.com/amatsuda/kaminari.git'
# gem "memcached", "~> 1.4.3" # gem "memcached", "~> 1.4.3"

8
Gemfile.lock
View File

@ -68,6 +68,7 @@ GEM
mongoid (~> 2.1) mongoid (~> 2.1)
chinese_pinyin (0.4.1) chinese_pinyin (0.4.1)
chronic (0.6.7) chronic (0.6.7)
coderay (1.0.7)
coffee-rails (3.1.1) coffee-rails (3.1.1)
coffee-script (>= 2.2.0) coffee-script (>= 2.2.0)
railties (~> 3.1.0) railties (~> 3.1.0)
@ -118,6 +119,7 @@ GEM
i18n (>= 0.4.0) i18n (>= 0.4.0)
mime-types (~> 1.16) mime-types (~> 1.16)
treetop (~> 1.4.8) treetop (~> 1.4.8)
method_source (0.8)
mime-types (1.17.2) mime-types (1.17.2)
mini_magick (3.4) mini_magick (3.4)
subexec (~> 0.2.1) subexec (~> 0.2.1)
@ -153,6 +155,10 @@ GEM
progress_bar (0.4.0) progress_bar (0.4.0)
highline (~> 1.6.1) highline (~> 1.6.1)
options (~> 2.3.0) options (~> 2.3.0)
pry (0.9.10)
coderay (~> 1.0.5)
method_source (~> 0.8)
slop (~> 3.3.1)
rack (1.3.6) rack (1.3.6)
rack-cache (1.2) rack-cache (1.2)
rack (>= 0.4) rack (>= 0.4)
@ -255,6 +261,7 @@ GEM
rack-protection (~> 1.2) rack-protection (~> 1.2)
tilt (~> 1.3, >= 1.3.3) tilt (~> 1.3, >= 1.3.3)
social-share-button (0.0.6) social-share-button (0.0.6)
slop (3.3.2)
spork (0.9.0) spork (0.9.0)
spork (0.9.0-x86-mingw32) spork (0.9.0-x86-mingw32)
win32-process win32-process
@ -331,6 +338,7 @@ DEPENDENCIES
net-ldap (~> 0.3.1) net-ldap (~> 0.3.1)
nokogiri nokogiri
progress_bar progress_bar
pry (~> 0.9.10)
radius radius
rails (>= 3.1.0, < 3.2.0) rails (>= 3.1.0, < 3.2.0)
rake rake

1
app/assets/javascripts/new_admin.js
View File

@ -14,6 +14,7 @@
//= require tinymce-jquery //= require tinymce-jquery
//= require tinymce_orbit //= require tinymce_orbit
//= require orbit-bar-search //= require orbit-bar-search
//= require orbit-bar-member
//= require side_bar_history //= require side_bar_history
//= require rss //= require rss
//= require ajax_form //= require ajax_form

6
app/controllers/admin/ad_banners_controller.rb
View File

@ -1,8 +1,10 @@
class Admin::AdBannersController < OrbitBackendController class Admin::AdBannersController < OrbitBackendController
layout "new_admin" layout "new_admin"
before_filter :authenticate_user! before_filter :force_order_for_visitor,:only=>[:index]
#before_filter :force_order_for_user,:except => [:index]
before_filter :for_app_sub_manager,:except => [:index]
before_filter :for_app_manager,:except => [:index,:show,:update,:realtime_preview] before_filter :for_app_manager,:except => [:index,:show,:update,:realtime_preview]
before_filter :for_app_sub_manager
def rename def rename
@ad_banner = AdBanner.find(params[:id]) @ad_banner = AdBanner.find(params[:id])

6
app/controllers/admin/dashboards_controller.rb
View File

@ -1,7 +1,7 @@
class Admin::DashboardsController < ApplicationController class Admin::DashboardsController < OrbitBackendController
layout "new_admin" layout "new_admin"
before_filter :authenticate_user! #before_filter :set_current_user
#before_filter :authenticate_user!, :except => [:index]
# before_filter :is_admin? # before_filter :is_admin?
def index def index

14
app/controllers/admin/tags_controller.rb
View File

@ -1,9 +1,13 @@
class Admin::TagsController < ApplicationController class Admin::TagsController < OrbitBackendController
before_filter :force_order_for_visitor,:only=>[:index]
before_filter :force_order_for_user,:except => [:index]
before_filter :for_app_sub_manager,:except => [:index]
layout 'new_admin'
before_filter :authenticate_user! # layout 'new_admin'
before_filter :is_admin? # before_filter :authenticate_user!
before_filter :set_module_app # before_filter :is_admin?
# before_filter :set_module_app
def index def index
get_tags get_tags

44
app/controllers/application_controller.rb
View File

@ -9,7 +9,7 @@ class ApplicationController < ActionController::Base
before_filter :set_locale, :set_site before_filter :set_locale, :set_site
def set_current_user def set_current_user
User.current = current_user User.current = current_or_guest_user
end end
def front_end_available(module_app_title='') def front_end_available(module_app_title='')
@ -48,14 +48,29 @@ class ApplicationController < ActionController::Base
redirect_to root_path redirect_to root_path
end end
# Check if the current_user is admin # Check if the current_user is admin,if not redirect
def is_admin? def is_admin?
current_user.admin? ? true : auth_failed_in_backend current_or_guest_user.admin? ? true : auth_failed_in_backend
end end
def is_manager? # def is_manager?
@module_app.managing_users.include?(current_user) || is_admin? # @module_app.is_manager?(current_or_guest_user) || is_admin?
end # end
# # Check if the current_user is admin
# def is_member?
# if (current_user rescue false)
# return true
# end
# return false
# end
# def is_guest?
# if session[:guest_user_id]
# return true
# end
# return false
# end
def for_admin_only def for_admin_only
if is_admin? if is_admin?
@ -76,7 +91,7 @@ class ApplicationController < ActionController::Base
end end
def for_app_sub_manager def for_app_sub_manager
if (@module_app.sub_managing_users.include?(current_user) || is_manager?) if (@module_app.sub_managing_users.include?(current_or_guest_user) || is_manager?)
true true
else else
flash[:error] = t("admin.access.denied.app.not_sub_manager") flash[:error] = t("admin.access.denied.app.not_sub_manager")
@ -85,7 +100,7 @@ class ApplicationController < ActionController::Base
end end
def for_app_user def for_app_user
if (@module_app.app_auth.auth_users.include?(current_user) || for_app_sub_manager ) if (@module_app.app_auth.auth_users.include?(current_or_guest_user) || for_app_sub_manager )
true true
else else
flash[:error] = t("admin.access.denied.app.not_authed_user") flash[:error] = t("admin.access.denied.app.not_authed_user")
@ -95,7 +110,7 @@ class ApplicationController < ActionController::Base
def check_object_premission(obj,title) def check_object_premission(obj,title)
flash[:error] = t("admin.access.denied.object") flash[:error] = t("admin.access.denied.object")
auth_failed_in_backend unless (obj.get_object_auth_by_title(title).auth_users.include?(current_user) || is_manager? || is_admin? ) auth_failed_in_backend unless (obj.get_object_auth_by_title(title).auth_users.include?(current_or_guest_user) || is_manager? || is_admin? )
end end
# Render the page # Render the page
@ -189,6 +204,17 @@ class ApplicationController < ActionController::Base
[shift_out] + a [shift_out] + a
end end
end end
# called (once) when the user logs in, insert any code your application needs
# to hand off from guest_user to current_user.
def logging_in
# For example:
# guest_comments = guest_user.comments.all
# guest_comments.each do |comment|
# comment.user_id = current_user.id
# comment.save
# end
end
def render_main_rss def render_main_rss
ret = '' ret = ''

16
app/controllers/orbit_backend_controller.rb
View File

@ -1,12 +1,12 @@
class OrbitBackendController< ApplicationController class OrbitBackendController< ApplicationController
before_filter :force_order,:except => [:public] #before_filter :setup_vars
before_filter :setup_vars #before_filter :set_current_user
before_filter :set_current_user
# before_filter {|c| c.front_end_available(@app_title)} # before_filter {|c| c.front_end_available(@app_title)}
# before_filter :check_user_can_use # before_filter :check_user_can_use
include OrbitCoreLib::PermissionUnility include OrbitCoreLib::PermissionUnility
include AdminHelper include AdminHelper
include ApplicationHelper
layout 'new_admin' layout 'new_admin'
@ -19,7 +19,15 @@ class OrbitBackendController< ApplicationController
private private
def force_order def force_order_for_visitor
setup_vars
set_current_user
end
def force_order_for_user
setup_vars
set_current_user
authenticate_user! authenticate_user!
check_user_can_use check_user_can_use
end end

3
app/controllers/pages_controller.rb
View File

@ -47,8 +47,9 @@ class PagesController < ApplicationController
end end
def show_from_link def show_from_link
url = "/#{@item.path}?id=#{params[:id]}" url = "/#{@item.path}"
options = '' options = ''
options << "#{options.blank? ? '?' : '&'}id=#{params[:id]}" unless params[:id].blank?
options << "#{options.blank? ? '?' : '&'}category_id=#{params[:category_id]}" unless params[:category_id].blank? options << "#{options.blank? ? '?' : '&'}category_id=#{params[:category_id]}" unless params[:category_id].blank?
options << "#{options.blank? ? '?' : '&'}tag_id=#{params[:tag_id]}" unless params[:tag_id].blank? options << "#{options.blank? ? '?' : '&'}tag_id=#{params[:tag_id]}" unless params[:tag_id].blank?
options << "#{options.blank? ? '?' : '&'}preview=#{params[:preview]}" unless params[:preview].blank? options << "#{options.blank? ? '?' : '&'}preview=#{params[:preview]}" unless params[:preview].blank?

22
app/helpers/admin_helper.rb
View File

@ -7,15 +7,31 @@ module AdminHelper
# Check if the current_user is manager in current module app # Check if the current_user is manager in current module app
def is_manager? def is_manager?
@module_app.is_manager?(current_user) || is_admin? @module_app.is_manager?(current_or_guest_user) || is_admin?
end end
# Check if the current_user is sub manager in current module app # Check if the current_user is sub manager in current module app
def is_sub_manager? def is_sub_manager?
@module_app.is_sub_manager?(current_user)|| is_admin? @module_app.is_sub_manager?(current_or_guest_user)|| is_admin?
end end
def is_admin? def is_admin?
current_user.admin? current_or_guest_user.admin?
end end
def is_member?
if (current_user rescue false)
return true
end
return false
end
def is_guest?
if session[:guest_user_id]
return true
end
return false
end
end end

34
app/helpers/application_helper.rb
View File

@ -2,6 +2,36 @@ module ApplicationHelper
FLASH_NOTICE_KEYS = [:error, :notice, :warning] FLASH_NOTICE_KEYS = [:error, :notice, :warning]
def create_guest_user
u = User.create(:name => "guest", :email => "guest_#{Time.now.to_i}#{rand(99)}@example.com")
u.admin = false
u.save(:validate => false)
u
end
# if user is logged in, return current_user, else return guest_user
def current_or_guest_user
if current_user
if session[:guest_user_id]
guest_user.destroy
session[:guest_user_id] = nil
end
current_user
else
guest_user
end
end
# find guest_user object associated with the current session,
# creating one as needed
def guest_user
User.find(session[:guest_user_id].nil? ? session[:guest_user_id] = create_guest_user.id : session[:guest_user_id])
end
def colorize_in_use_locale(locale) def colorize_in_use_locale(locale)
@site_in_use_locales.include?(locale)? 'green' : 'red' @site_in_use_locales.include?(locale)? 'green' : 'red'
end end
@ -204,10 +234,6 @@ module ApplicationHelper
display_visitors(created_at: {'$gte' => Date.today.beginning_of_year, '$lte' => Date.today.end_of_year}) display_visitors(created_at: {'$gte' => Date.today.beginning_of_year, '$lte' => Date.today.end_of_year})
end end
def at_least_module_manager
is_manager? || is_admin?
end
def display_date_time(object) def display_date_time(object)
object.strftime("%Y-%m-%d %H:%M") object.strftime("%Y-%m-%d %H:%M")
end end

2
app/models/site.rb
View File

@ -12,7 +12,7 @@ class Site
field :private_key, :type => Binary field :private_key, :type => Binary
field :public_key, :type => Binary field :public_key, :type => Binary
field :title_always_on, :type => Boolean, :default => false field :title_always_on, :type => Boolean, :default => false
field :dashbroad_allow_visitor, :type => Boolean, :default => false
field :mail_settings, :type => Hash field :mail_settings, :type => Hash
field :school field :school

2
app/views/layouts/_orbit_bar.html.erb
View File

@ -9,9 +9,11 @@
<li><%#= link_to content_tag(:i, nil, :class => 'icons-content') + t('admin.content') %></li> <li><%#= link_to content_tag(:i, nil, :class => 'icons-content') + t('admin.content') %></li>
<li><%#= link_to content_tag(:i, nil, :class => 'icons-member') + t('admin.member'), admin_users_path %></li> <li><%#= link_to content_tag(:i, nil, :class => 'icons-member') + t('admin.member'), admin_users_path %></li>
<li><%#= link_to content_tag(:i, nil, :class => 'icons-asset') + t('admin.asset'), admin_assets_path %></li> <li><%#= link_to content_tag(:i, nil, :class => 'icons-asset') + t('admin.asset'), admin_assets_path %></li>
<%if (is_admin? rescue false)%>
<li class="divider"></li> <li class="divider"></li>
<li><%= link_to content_tag(:i, nil, :class => 'icons-structure') + t('admin.structure'), admin_items_path %></li> <li><%= link_to content_tag(:i, nil, :class => 'icons-structure') + t('admin.structure'), admin_items_path %></li>
<li><%= link_to content_tag(:i, nil, :class => 'icons-cog') + t('admin.site_settings'), admin_site_site_info_path(@site) %></li> <li><%= link_to content_tag(:i, nil, :class => 'icons-cog') + t('admin.site_settings'), admin_site_site_info_path(@site) %></li>
<% end -%>
<li><%#= link_to content_tag(:i, nil, :class => 'icons-plus-cube') + t('admin.add_item') %></li> <li><%#= link_to content_tag(:i, nil, :class => 'icons-plus-cube') + t('admin.add_item') %></li>
</ul> </ul>
<% else %> <% else %>

26
app/views/layouts/_side_bar.html.erb
View File

@ -9,11 +9,11 @@
<%= link_to content_tag(:i, nil, :class => 'icons-announcement') + t('admin.announcement'), panel_announcement_back_end_bulletins_path %> <%= link_to content_tag(:i, nil, :class => 'icons-announcement') + t('admin.announcement'), panel_announcement_back_end_bulletins_path %>
<%= content_tag :ul, :class => ("nav nav-list " + (visible_for_controllers('bulletins', '/panel/announcement/back_end/tags', 'bulletin_categorys', 'approvals')||active_for_ob_auths_object("BulletinCategory"))) do -%> <%= content_tag :ul, :class => ("nav nav-list " + (visible_for_controllers('bulletins', '/panel/announcement/back_end/tags', 'bulletin_categorys', 'approvals')||active_for_ob_auths_object("BulletinCategory"))) do -%>
<%= content_tag :li, link_to(t('announcement.all_articles'), panel_announcement_back_end_bulletins_path), :class => active_for_action('bulletins', 'index') %> <%= content_tag :li, link_to(t('announcement.all_articles'), panel_announcement_back_end_bulletins_path), :class => active_for_action('bulletins', 'index') %>
<%= content_tag :li, link_to(t('announcement.add_new'), new_panel_announcement_back_end_bulletin_path), :class => active_for_action('bulletins', 'new') %> <%= content_tag :li, link_to(t('announcement.add_new'), new_panel_announcement_back_end_bulletin_path), :class => active_for_action('bulletins', 'new') if (is_manager? rescue nil) %>
<%= content_tag :li, link_to(t('announcement.categories'), panel_announcement_back_end_bulletin_categorys_path), :class =>( active_for_action('bulletin_categorys', 'index') || active_for_ob_auths_object("BulletinCategory") ) %> <%= content_tag :li, link_to(t('announcement.categories'), panel_announcement_back_end_bulletin_categorys_path), :class =>( active_for_action('bulletin_categorys', 'index') || active_for_ob_auths_object("BulletinCategory") )if (is_manager? rescue nil) %>
<%= content_tag :li, link_to(t('announcement.tags'), panel_announcement_back_end_tags_path), :class => active_for_action('/panel/announcement/back_end/tags', 'index') %> <%= content_tag :li, link_to(t('announcement.tags'), panel_announcement_back_end_tags_path), :class => active_for_action('/panel/announcement/back_end/tags', 'index')if (is_manager? rescue nil) %>
<%= content_tag :li, link_to(t('announcement.bulletin.approval_setting'), panel_announcement_back_end_approval_setting_path), :class => active_for_action('approvals', 'setting') if (is_manager? rescue true) %> <%= content_tag :li, link_to(t('announcement.bulletin.approval_setting'), panel_announcement_back_end_approval_setting_path), :class => active_for_action('approvals', 'setting') if (is_manager? rescue nil) %>
<%= content_tag :li, link_to(t('admin.module.authorization'),admin_module_app_manager_auth_proc_path(ModuleApp.first(conditions: {key: "announcement"}))), :class => active_for_app_auth('Announcement') if (is_admin? rescue nil) %> <%= content_tag :li, link_to(t('admin.module.authorization'),admin_module_app_manager_auth_proc_path(ModuleApp.first(conditions: {title: "Announcement"}))), :class => active_for_app_auth('Announcement') if (is_admin? rescue nil) %>
<% end -%> <% end -%>
@ -23,10 +23,10 @@
<%= link_to content_tag(:i, nil, :class => 'icons-announcement') + t('admin.news'), panel_news_back_end_news_bulletins_path %> <%= link_to content_tag(:i, nil, :class => 'icons-announcement') + t('admin.news'), panel_news_back_end_news_bulletins_path %>
<%= content_tag :ul, :class => ("nav nav-list " + visible_for_controllers('news_bulletins', '/panel/news/back_end/tags', 'news_bulletin_categorys', 'news_approvals')) do -%> <%= content_tag :ul, :class => ("nav nav-list " + visible_for_controllers('news_bulletins', '/panel/news/back_end/tags', 'news_bulletin_categorys', 'news_approvals')) do -%>
<%= content_tag :li, link_to(t('announcement.all_articles'), panel_news_back_end_news_bulletins_path), :class => active_for_action('news_bulletins', 'index') %> <%= content_tag :li, link_to(t('announcement.all_articles'), panel_news_back_end_news_bulletins_path), :class => active_for_action('news_bulletins', 'index') %>
<%= content_tag :li, link_to(t('announcement.add_new'), new_panel_news_back_end_news_bulletin_path), :class => active_for_action('news_bulletins', 'new') %> <%= content_tag :li, link_to(t('announcement.add_new'), new_panel_news_back_end_news_bulletin_path), :class => active_for_action('news_bulletins', 'new') if (is_manager? rescue nil) %>
<%= content_tag :li, link_to(t('announcement.categories'), panel_news_back_end_news_bulletin_categorys_path), :class => active_for_action('news_bulletin_categorys', 'index') || active_for_ob_auths_object("NewsBulletinCategory") %> <%= content_tag :li, link_to(t('announcement.categories'), panel_news_back_end_news_bulletin_categorys_path), :class => active_for_action('news_bulletin_categorys', 'index') || active_for_ob_auths_object("NewsBulletinCategory") if (is_manager? rescue nil) %>
<%= content_tag :li, link_to(t('announcement.tags'), panel_news_back_end_tags_path), :class => active_for_action('/panel/news/back_end/tags', 'index') %> <%= content_tag :li, link_to(t('announcement.tags'), panel_news_back_end_tags_path), :class => active_for_action('/panel/news/back_end/tags', 'index') if (is_manager? rescue nil)%>
<%= content_tag :li, link_to(t('announcement.bulletin.approval_setting'), panel_news_back_end_approval_setting_path), :class => active_for_action('news_approvals', 'setting') if (is_manager? rescue true) %> <%= content_tag :li, link_to(t('announcement.bulletin.approval_setting'), panel_news_back_end_approval_setting_path), :class => active_for_action('news_approvals', 'setting') if (is_manager? rescue nil) %>
<%= content_tag :li, link_to(t('admin.module.authorization'),admin_module_app_manager_auth_proc_path(ModuleApp.first(conditions: {key: "news"}))), :class => active_for_app_auth('news') if (is_admin? rescue nil) %> <%= content_tag :li, link_to(t('admin.module.authorization'),admin_module_app_manager_auth_proc_path(ModuleApp.first(conditions: {key: "news"}))), :class => active_for_app_auth('news') if (is_admin? rescue nil) %>
<% end -%> <% end -%>
@ -60,10 +60,10 @@
<%= link_to content_tag(:i, nil, :class => 'icons-link') + t('admin.link'), panel_web_resource_back_end_web_links_path %> <%= link_to content_tag(:i, nil, :class => 'icons-link') + t('admin.link'), panel_web_resource_back_end_web_links_path %>
<%= content_tag :ul, :class => ("nav nav-list " + visible_for_controllers('web_links', '/panel/web_resource/back_end/tags', 'web_link_categorys')) do -%> <%= content_tag :ul, :class => ("nav nav-list " + visible_for_controllers('web_links', '/panel/web_resource/back_end/tags', 'web_link_categorys')) do -%>
<%= content_tag :li, link_to(t('admin.all_articles'), panel_web_resource_back_end_web_links_path), :class => active_for_action('web_links', 'index') %> <%= content_tag :li, link_to(t('admin.all_articles'), panel_web_resource_back_end_web_links_path), :class => active_for_action('web_links', 'index') %>
<%= content_tag :li, link_to(t('announcement.add_new'), new_panel_web_resource_back_end_web_link_path), :class => active_for_action('web_links', 'new') %> <%= content_tag :li, link_to(t('announcement.add_new'), new_panel_web_resource_back_end_web_link_path), :class => active_for_action('web_links', 'new') if (is_manager? rescue nil)%>
<%= content_tag :li, link_to(t('announcement.categories'), panel_web_resource_back_end_web_link_categorys_path), :class => (active_for_action('web_link_categorys', 'index') || active_for_ob_auths_object("WebLinkCategory")) %> <%= content_tag :li, link_to(t('announcement.categories'), panel_web_resource_back_end_web_link_categorys_path), :class => (active_for_action('web_link_categorys', 'index') || active_for_ob_auths_object("WebLinkCategory")) if (is_manager? rescue nil)%>
<%= content_tag :li, link_to(t('announcement.tags'), panel_web_resource_back_end_tags_path), :class => active_for_action('/panel/web_resource/back_end/tags', 'index') %> <%= content_tag :li, link_to(t('announcement.tags'), panel_web_resource_back_end_tags_path), :class => active_for_action('/panel/web_resource/back_end/tags', 'index') if (is_manager? rescue nil)%>
<%= content_tag :li, link_to(t('admin.module.authorization'),admin_module_app_manager_auth_proc_path(ModuleApp.first(conditions: {key: "web_resource"}))), :class => active_for_app_auth('web_resource') if (is_admin? rescue nil) %> <%= content_tag :li, link_to(t('admin.module.authorization'),admin_module_app_manager_auth_proc_path(ModuleApp.first(conditions: {title: "web_resource"}))), :class => active_for_app_auth('web_resource') if (is_admin? rescue nil) %>
<% end -%> <% end -%>
<% end -%> <% end -%>

9
lib/orbit_core_lib.rb
View File

@ -135,19 +135,18 @@ module OrbitCoreLib
module PermissionUnility module PermissionUnility
private private
def check_permission(type = :use) def check_permission(type = :use)
setup_vars permission_grant = current_or_guest_user.admin?? true : false
permission_grant = current_user.admin?? true : false
module_app = @module_app.nil?? find_module_app_by_token(params[:token]) : @module_app module_app = @module_app.nil?? find_module_app_by_token(params[:token]) : @module_app
unless permission_grant unless permission_grant
permission_grant = case type permission_grant = case type
when :use when :use
users_ary = module_app.app_auth.auth_users rescue nil users_ary = module_app.app_auth.auth_users rescue nil
users_ary = [] if users_ary.nil? users_ary = [] if users_ary.nil?
(users_ary.include?(current_user) || module_app.is_manager?(current_user) || module_app.is_sub_manager?(current_user)) (users_ary.include?(current_or_guest_user) || module_app.is_manager?(current_or_guest_user) || module_app.is_sub_manager?(current_or_guest_user))
when :manager when :manager
module_app.is_manager?(current_user) module_app.is_manager?(current_or_guest_user)
when :sub_manager when :sub_manager
module_app.is_manager?(current_user) || module_app.is_sub_manager?(current_user) module_app.is_manager?(current_or_guest_user) || module_app.is_sub_manager?(current_or_guest_user)
end end
end end
permission_grant permission_grant

9
vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb vendored
View File

@ -2,15 +2,18 @@ class Panel::Announcement::BackEnd::BulletinsController < OrbitBackendController
include AdminHelper include AdminHelper
include OrbitControllerLib::DivisionForDisable include OrbitControllerLib::DivisionForDisable
layout 'new_admin'
before_filter :authenticate_user!
before_filter :only => [ :new,:create,:edit,:update,:create] do |controller| before_filter :only => [ :new,:create,:edit,:update,:create] do |controller|
controller.get_categorys('BulletinCategory') controller.get_categorys('BulletinCategory')
end end
# before_filter :for_admin_only,:only => [:] # before_filter :for_admin_only,:only => [:]
# before_filter :for_app_manager,:only => [:index,:show,] # before_filter :for_app_manager,:only => [:index,:show,]
before_filter :force_order_for_visitor,:only=>[:index,:show,:get_sorted_and_filtered_bulletins]
before_filter :force_order_for_user,:except => [:index,:show,:get_sorted_and_filtered_bulletins]
before_filter :for_app_sub_manager,:except => [:index,:show,:get_sorted_and_filtered_bulletins] before_filter :for_app_sub_manager,:except => [:index,:show,:get_sorted_and_filtered_bulletins]
def index def index
# @bulletins = Bulletin.all # @bulletins = Bulletin.all
# @bulletins = Bulletin.desc("postdate desc") # @bulletins = Bulletin.desc("postdate desc")

6
vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/_bulletin.html.erb vendored
View File

@ -1,6 +1,6 @@
<tr id="<%= dom_id bulletin %>" class="with_action"> <tr id="<%= dom_id bulletin %>" class="with_action">
<td> <td>
<% if (bulletin.create_user_id == current_user.id) || is_manager? %> <% if (bulletin.create_user_id == current_or_guest_user.id) || is_manager? %>
<%= check_box_tag 'to_delete[]', bulletin.id, false, :class => "checkbox_in_list" %> <%= check_box_tag 'to_delete[]', bulletin.id, false, :class => "checkbox_in_list" %>
<% end -%> <% end -%>
</td> </td>
@ -33,9 +33,9 @@
<%= show_bulletin_title_at_index bulletin%> <%= show_bulletin_title_at_index bulletin%>
<div class="quick-edit"> <div class="quick-edit">
<ul class="nav nav-pills hide"> <ul class="nav nav-pills hide">
<% if (bulletin.create_user_id == current_user.id) || is_manager? %> <% if (bulletin.create_user_id == current_or_guest_user.id) || is_manager? %>
<% if current_user.admin? || (!bulletin.is_rejected? && !bulletin.is_checked?) %> <% if current_or_guest_user.admin? || (!bulletin.is_rejected? && !bulletin.is_checked?) %>
<li><%= link_to t('bulletin.edit'), edit_panel_announcement_back_end_bulletin_path(bulletin) %></li> <li><%= link_to t('bulletin.edit'), edit_panel_announcement_back_end_bulletin_path(bulletin) %></li>
<li class="dropdown"> <li class="dropdown">
<a href="#" data-toggle="dropdown" class="dropdown-toggle"><%= t(:quick_edit) %><b class="caret"></b></a> <a href="#" data-toggle="dropdown" class="dropdown-toggle"><%= t(:quick_edit) %><b class="caret"></b></a>

8
vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/_filter_status.html.erb vendored
View File

@ -1,9 +1,9 @@
<div class="accordion-inner" data-toggle="buttons-checkbox"> <div class="accordion-inner" data-toggle="buttons-checkbox">
<%= link_to t(:top), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_top'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_top')}" %> <%= link_to t(:top), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_top'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_top')}" %>
<%= link_to t(:hot), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_hot'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_hot')}" %> <%= link_to t(:hot), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_hot'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_hot')}" %>
<%= link_to t(:hidden), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_hidden'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_hidden')}" %> <%= link_to t(:hidden), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_hidden'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_hidden')}" unless(is_guest?)%>
<%= link_to t(:pending), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_pending'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_pending')}" %> <%= link_to t(:pending), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_pending'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_pending')}" if(is_manager?)%>
<%= link_to t(:passed), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_checked'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_checked')}" %> <%= link_to t(:passed), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_checked'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_checked')}" if(is_manager?)%>
<%= link_to t(:rejected), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_rejected'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_rejected')}" %> <%= link_to t(:rejected), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_rejected'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_rejected')}" if(is_manager?)%>
</div> </div>
<%= render :partial => 'clear_filters', :locals => {:type => 'status'} %> <%= render :partial => 'clear_filters', :locals => {:type => 'status'} %>

2
vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb vendored
View File

@ -4,7 +4,7 @@
</table> </table>
<div class="form-actions form-fixed pagination-right"> <div class="form-actions form-fixed pagination-right">
<%= link_to content_tag(:i, nil, :class => 'icon-plus icon-white') + t('admin.add'), new_panel_announcement_back_end_bulletin_path, :class => 'btn btn-primary pull-right' %> <%= link_to(content_tag(:i, nil, :class => 'icon-plus icon-white') + t('admin.add'), new_panel_announcement_back_end_bulletin_path, :class => 'btn btn-primary pull-right' )if (is_manager? rescue nil)%>
<div id="bulletin_pagination" class="paginationFixed"> <div id="bulletin_pagination" class="paginationFixed">
<%= paginate @bulletins, :params => {:direction => params[:direction], :sort => params[:sort], :filter => @filter, :new_filter => nil, :sort_options => params[:sort_options]} %> <%= paginate @bulletins, :params => {:direction => params[:direction], :sort => params[:sort], :filter => @filter, :new_filter => nil, :sort_options => params[:sort_options]} %>
</div> </div>

4
vendor/built_in_modules/news/app/controllers/panel/news/back_end/news_bulletin_categorys_controller.rb vendored
View File

@ -1,6 +1,8 @@
class Panel::News::BackEnd::NewsBulletinCategorysController < OrbitBackendController class Panel::News::BackEnd::NewsBulletinCategorysController < OrbitBackendController
include OrbitControllerLib::DivisionForDisable include OrbitControllerLib::DivisionForDisable
before_filter :for_app_manager,:except => [:index] before_filter :force_order_for_visitor,:only=>[:index]
before_filter :force_order_for_user,:except => [:index]
before_filter :for_app_sub_manager,:except => [:index]
def index def index

3
vendor/built_in_modules/news/app/controllers/panel/news/back_end/news_bulletins_controller.rb vendored
View File

@ -1,9 +1,10 @@
class Panel::News::BackEnd::NewsBulletinsController < OrbitBackendController class Panel::News::BackEnd::NewsBulletinsController < OrbitBackendController
include OrbitControllerLib::DivisionForDisable include OrbitControllerLib::DivisionForDisable
before_filter :authenticate_user!
# before_filter :for_admin_only,:only => [:] # before_filter :for_admin_only,:only => [:]
# before_filter :for_app_manager,:only => [:index,:show,] # before_filter :for_app_manager,:only => [:index,:show,]
before_filter :force_order_for_visitor,:only=>[:index,:show,:get_sorted_and_filtered_news_bulletins]
before_filter :force_order_for_user,:except => [:index,:show,:get_sorted_and_filtered_news_bulletins]
before_filter :for_app_sub_manager,:except => [:index,:show,:get_sorted_and_filtered_news_bulletins] before_filter :for_app_sub_manager,:except => [:index,:show,:get_sorted_and_filtered_news_bulletins]
before_filter :only => [ :new,:edit,:update,:create] do |controller| before_filter :only => [ :new,:edit,:update,:create] do |controller|
controller.get_categorys('NewsBulletinCategory') controller.get_categorys('NewsBulletinCategory')

8
vendor/built_in_modules/news/app/views/panel/news/back_end/news_bulletins/_filter_status.html.erb vendored
View File

@ -1,9 +1,9 @@
<div class="accordion-inner" data-toggle="buttons-checkbox"> <div class="accordion-inner" data-toggle="buttons-checkbox">
<%= link_to t(:top), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_top'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_top')}" %> <%= link_to t(:top), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_top'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_top')}" %>
<%= link_to t(:hot), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_hot'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_hot')}" %> <%= link_to t(:hot), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_hot'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_hot')}" %>
<%= link_to t(:hidden), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_hidden'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_hidden')}" %> <%= link_to t(:hidden), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_hidden'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_hidden')}" unless(is_guest?)%>
<%= link_to t(:pending), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_pending'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_pending')}" %> <%= link_to t(:pending), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_pending'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_pending')}" if(is_manager?) %>
<%= link_to t(:passed), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_checked'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_checked')}" %> <%= link_to t(:passed), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_checked'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_checked')}" if(is_manager?)%>
<%= link_to t(:rejected), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_rejected'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_rejected')}" %> <%= link_to t(:rejected), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_rejected'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_rejected')}" if(is_manager?)%>
</div> </div>
<%= render :partial => 'clear_filters', :locals => {:type => 'status'} %> <%= render :partial => 'clear_filters', :locals => {:type => 'status'} %>

6
vendor/built_in_modules/news/app/views/panel/news/back_end/news_bulletins/_news_bulletin.html.erb vendored
View File

@ -1,6 +1,6 @@
<tr id="<%= dom_id news_bulletin %>" class="with_action"> <tr id="<%= dom_id news_bulletin %>" class="with_action">
<td> <td>
<% if (news_bulletin.create_user_id == current_user.id) || is_manager? %> <% if (news_bulletin.create_user_id == current_or_guest_user.id) || is_manager? %>
<%= check_box_tag 'to_delete[]', news_bulletin.id, false, :class => "checkbox_in_list" %> <%= check_box_tag 'to_delete[]', news_bulletin.id, false, :class => "checkbox_in_list" %>
<% end -%> <% end -%>
</td> </td>
@ -32,9 +32,9 @@
<td> <%= show_news_bulletin_title_at_index news_bulletin%> <td> <%= show_news_bulletin_title_at_index news_bulletin%>
<div class="quick-edit"> <div class="quick-edit">
<ul class="nav nav-pills hide"> <ul class="nav nav-pills hide">
<% if (news_bulletin.create_user_id == current_user.id) || is_manager? %> <% if (news_bulletin.create_user_id == current_or_guest_user.id) || is_manager? %>
<% if current_user.admin? || (!news_bulletin.is_rejected? && !news_bulletin.is_checked?) %> <% if current_or_guest_user.admin? || (!news_bulletin.is_rejected? && !news_bulletin.is_checked?) %>
<li><%= link_to t('news_bulletin.edit'), edit_panel_news_back_end_news_bulletin_path(news_bulletin) %></li> <li><%= link_to t('news_bulletin.edit'), edit_panel_news_back_end_news_bulletin_path(news_bulletin) %></li>
<li class="dropdown"> <li class="dropdown">
<a href="#" data-toggle="dropdown" class="dropdown-toggle"><%= t(:quick_edit) %><b class="caret"></b></a> <a href="#" data-toggle="dropdown" class="dropdown-toggle"><%= t(:quick_edit) %><b class="caret"></b></a>

2
vendor/built_in_modules/news/app/views/panel/news/back_end/news_bulletins/index.html.erb vendored
View File

@ -4,7 +4,7 @@
</table> </table>
<div class="form-actions form-fixed pagination-right"> <div class="form-actions form-fixed pagination-right">
<%= link_to content_tag(:i, nil, :class => 'icon-plus icon-white') + t('admin.add'), new_panel_news_back_end_news_bulletin_path, :class => 'btn btn-primary pull-right' %> <%= link_to(content_tag(:i, nil, :class => 'icon-plus icon-white') + t('admin.add'), new_panel_news_back_end_news_bulletin_path, :class => 'btn btn-primary pull-right' )if (is_manager? rescue nil)%>
<div id="news_bulletin_pagination" class="paginationFixed"> <div id="news_bulletin_pagination" class="paginationFixed">
<%= paginate @news_bulletins, :params => {:direction => params[:direction], :sort => params[:sort], :filter => @filter, :new_filter => nil, :sort_options => params[:sort_options]} %> <%= paginate @news_bulletins, :params => {:direction => params[:direction], :sort => params[:sort], :filter => @filter, :new_filter => nil, :sort_options => params[:sort_options]} %>
</div> </div>

9
vendor/built_in_modules/page_content/app/controllers/panel/page_content/back_end/page_contexts_controller.rb vendored
View File

@ -1,7 +1,10 @@
class Panel::PageContent::BackEnd::PageContextsController < OrbitBackendController class Panel::PageContent::BackEnd::PageContextsController < OrbitBackendController
before_filter :for_app_manager,:except => [:index,:edit,:update,:view,:show] before_filter :force_order_for_visitor,:only=>[:index]
before_filter :for_app_sub_manager,:only => [:edit,:update,:view,:show] before_filter :force_order_for_user,:except => [:index]
:authenticate_user!
before_filter :for_app_manager,:except => [:index]
before_filter :for_app_sub_manager,:except => [:index]
#before_filter :is_admin? #before_filter :is_admin?
def index def index

5
vendor/built_in_modules/web_resource/app/controllers/panel/web_resource/back_end/web_links_controller.rb vendored
View File

@ -1,7 +1,10 @@
class Panel::WebResource::BackEnd::WebLinksController < OrbitBackendController class Panel::WebResource::BackEnd::WebLinksController < OrbitBackendController
include OrbitControllerLib::DivisionForDisable include OrbitControllerLib::DivisionForDisable
before_filter :authenticate_user!
# before_filter :for_app_manager,:except => [:index,:show] # before_filter :for_app_manager,:except => [:index,:show]
before_filter :force_order_for_visitor,:only=>[:index]
before_filter :force_order_for_user,:except => [:index]
before_filter :for_app_sub_manager,:except => [:index] before_filter :for_app_sub_manager,:except => [:index]
before_filter :only => [ :new,:edit,:update] do |controller| before_filter :only => [ :new,:edit,:update] do |controller|
controller.get_categorys('WebLinkCategory') controller.get_categorys('WebLinkCategory')

2
vendor/built_in_modules/web_resource/app/views/panel/web_resource/back_end/web_links/_web_link.html.erb vendored
View File

@ -1,6 +1,6 @@
<tr id="<%= dom_id web_link %>" class="with_action"> <tr id="<%= dom_id web_link %>" class="with_action">
<td> <td>
<% if (web_link.create_user_id == current_user.id) || is_manager? %> <% if (web_link.create_user_id == current_or_guest_user.id) || is_manager? %>
<%= check_box_tag 'to_delete[]', web_link.id, false, :class => "checkbox_in_list" %> <%= check_box_tag 'to_delete[]', web_link.id, false, :class => "checkbox_in_list" %>
<% end -%> <% end -%>
</td> </td>

2
vendor/built_in_modules/web_resource/app/views/panel/web_resource/back_end/web_links/index.html.erb vendored
View File

@ -15,7 +15,7 @@
</table> </table>
<div class="form-actions form-fixed pagination-right"> <div class="form-actions form-fixed pagination-right">
<%= link_to content_tag(:i, nil, :class => 'icon-plus icon-white') + t('announcement.add_new'), new_panel_web_resource_back_end_web_link_path, :class => 'btn btn-primary pull-right' %> <%= link_to content_tag(:i, nil, :class => 'icon-plus icon-white') + t('announcement.add_new'), new_panel_web_resource_back_end_web_link_path, :class => 'btn btn-primary pull-right' if (is_manager? rescue nil) %>
<div id="web_link_pagination" class="paginationFixed"> <div id="web_link_pagination" class="paginationFixed">
<%= paginate @web_links, :params => {:direction => params[:direction], :sort => params[:sort], :filter => @filter, :new_filter => nil} %> <%= paginate @web_links, :params => {:direction => params[:direction], :sort => params[:sort], :filter => @filter, :new_filter => nil} %>
</div> </div>