2012-05-14 04:34:15 +00:00
|
|
|
class Admin::ObjectAuthsNewInterfaceController < OrbitBackendController
|
2012-05-11 08:44:40 +00:00
|
|
|
include OrbitCoreLib::PermissionUnility
|
|
|
|
before_filter :force_order
|
|
|
|
|
|
|
|
|
|
|
|
def setting
|
2012-05-22 09:55:18 +00:00
|
|
|
@sys_users = User.all(conditions: {admin: false}).includes(:avatar)
|
2012-05-11 08:44:40 +00:00
|
|
|
@ob_auth = ObjectAuth.find params[:object_auth_id]
|
2012-10-04 10:20:21 +00:00
|
|
|
@options_from_collection_for_select_ob_auth = @ob_auth.siblings.collect{|oa| [oa.auth_obj.pp_object,oa.id] }
|
2012-05-11 08:44:40 +00:00
|
|
|
@users_array = @ob_auth.privilege_users rescue []
|
|
|
|
|
|
|
|
respond_to do |format|
|
|
|
|
format.html
|
|
|
|
format.js
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def update_setting
|
|
|
|
ob_auth = update_setting_by_params
|
|
|
|
if ob_auth.save!
|
2012-09-12 11:12:50 +00:00
|
|
|
flash[:notice] = t('update.success_')
|
2012-05-11 08:44:40 +00:00
|
|
|
else
|
2012-09-12 11:12:50 +00:00
|
|
|
flash[:notice] = t('update.fail')
|
2012-05-11 08:44:40 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def user_list
|
|
|
|
@ob_auth = ObjectAuth.find params[:ob_auth][:id]
|
|
|
|
end
|
|
|
|
|
|
|
|
protected
|
|
|
|
def update_setting_by_params
|
2012-05-14 04:34:15 +00:00
|
|
|
user_sat = []
|
2012-05-11 08:44:40 +00:00
|
|
|
oa = ObjectAuth.find params[:ob_auth][:id]
|
2012-05-14 04:34:15 +00:00
|
|
|
user_sat += User.find params[:users].keys if params.has_key? :users
|
2012-05-11 08:44:40 +00:00
|
|
|
users_to_new = user_sat - oa.auth_users
|
|
|
|
users_to_remove = oa.auth_users - user_sat
|
|
|
|
|
|
|
|
users_to_new.each do |new_user|
|
2012-10-16 06:23:44 +00:00
|
|
|
oa.privilege_users << new_user
|
2012-05-11 08:44:40 +00:00
|
|
|
oa.add_user_to_privilege_list(new_user)
|
|
|
|
end
|
|
|
|
|
|
|
|
users_to_remove.each do |remove_user|
|
2012-10-16 06:23:44 +00:00
|
|
|
oa.privilege_users.delete_if{|user| user == remove_user}
|
2012-05-11 08:44:40 +00:00
|
|
|
oa.remove_user_from_privilege_list(remove_user)
|
|
|
|
end
|
|
|
|
oa
|
|
|
|
end
|
|
|
|
|
|
|
|
# def get_categorys(id = nil)
|
|
|
|
# @bulletin_categorys = []
|
|
|
|
# if(is_manager? || is_admin?)
|
2012-07-09 04:05:21 +00:00
|
|
|
# @bulletin_categorys = (id ? BulletinCategory.find(id).to_a : BulletinCategory.all)
|
2012-05-11 08:44:40 +00:00
|
|
|
# elsif is_sub_manager?
|
|
|
|
# @bulletin_categorys = BulletinCategory.authed_for_user(current_user,'submit_new')
|
|
|
|
# end
|
|
|
|
# end
|
|
|
|
|
|
|
|
def force_order
|
|
|
|
authenticate_user!
|
|
|
|
check_if_user_can_do_object_auth
|
|
|
|
end
|
|
|
|
|
|
|
|
def check_if_user_can_do_object_auth
|
|
|
|
unless check_permission(:manager)
|
2012-08-31 10:56:26 +00:00
|
|
|
redirect_to '/'
|
2012-05-11 08:44:40 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2012-09-07 09:53:43 +00:00
|
|
|
def check_permission(var)
|
|
|
|
#app = ModuleApp.first({conditions:{key: params[:module_app_key]}})
|
|
|
|
# setup_vars
|
|
|
|
@module_app.is_manager?(current_user) || current_user.admin?
|
|
|
|
end
|
|
|
|
|
|
|
|
def setup_vars
|
2012-09-19 02:45:03 +00:00
|
|
|
if request.env['HTTP_REFERER'].split('/')[4] == "object_auths"
|
|
|
|
@app_key = params[:app_key]
|
|
|
|
else
|
|
|
|
@app_key = request.env['HTTP_REFERER'].split('/')[4]
|
|
|
|
end
|
|
|
|
|
|
|
|
#@app_key = request.fullpath.split('/')[1] if(@app_key == "back_end")
|
|
|
|
@app_key.gsub!(/[?].*/,'')
|
|
|
|
@module_app = ModuleApp.first(conditions: {:key => @app_key} )
|
2012-09-07 09:53:43 +00:00
|
|
|
end
|
|
|
|
|
2012-05-11 08:44:40 +00:00
|
|
|
end
|