fix object auth without app_auth

This commit is contained in:
Matthew K. Fu JuYuan 2012-10-16 14:23:44 +08:00
parent d027cf8e6a
commit 6dfe10040b
6 changed files with 29 additions and 14 deletions

View File

@ -37,10 +37,12 @@ class Admin::ObjectAuthsNewInterfaceController < OrbitBackendController
users_to_remove = oa.auth_users - user_sat users_to_remove = oa.auth_users - user_sat
users_to_new.each do |new_user| users_to_new.each do |new_user|
oa.privilege_users << new_user
oa.add_user_to_privilege_list(new_user) oa.add_user_to_privilege_list(new_user)
end end
users_to_remove.each do |remove_user| users_to_remove.each do |remove_user|
oa.privilege_users.delete_if{|user| user == remove_user}
oa.remove_user_from_privilege_list(remove_user) oa.remove_user_from_privilege_list(remove_user)
end end
oa oa

View File

@ -2,9 +2,9 @@ class AppManager
include Mongoid::Document include Mongoid::Document
include Mongoid::Timestamps include Mongoid::Timestamps
belongs_to :user belongs_to :user,index: true
belongs_to :managing_app, :polymorphic => true #,:class_name => 'ModuleApp',:inverse_of => :managers,:foreign_key => "user_id" belongs_to :managing_app, :polymorphic => true,index: true #,:class_name => 'ModuleApp',:inverse_of => :managers,:foreign_key => "user_id"
belongs_to :sub_managing_app, :polymorphic => true #,:class_name => 'ModuleApp',:inverse_of => :sub_manager,:foreign_key => "sub_user_id" belongs_to :sub_managing_app, :polymorphic => true #,:class_name => 'ModuleApp',:inverse_of => :sub_manager,:foreign_key => "sub_user_id"
belongs_to :rule_creator,:class_name => 'User' belongs_to :rule_creator,:class_name => 'User'

View File

@ -54,7 +54,7 @@ class ModuleApp
def assign_sub_manager(user,assigner) def assign_sub_manager(user,assigner)
submanager = AppManager.first(conditions: {sub_managing_app_id: self.id,user_id: user.id}) rescue nil submanager = AppManager.first(conditions: {sub_managing_app_id: self.id,user_id: user.id}) rescue nil
if submanager.nil? && !self.managing_users.include?(user) if submanager.nil? && !self.managing_users.include?(user)
submanager = self.sub_managers.create(:user => user,:rule_creator => assigner) submanager = self.sub_managers.create(:user_id => user.id,:rule_creator_id => assigner.id)
end end
submanager submanager
end end

View File

@ -2,7 +2,7 @@ class ObjectAuth < PrototypeAuth
include OrbitCoreLib::ObjectTokenUnility include OrbitCoreLib::ObjectTokenUnility
validates_uniqueness_of :title ,:scope => [:obj_authable_type,:obj_authable_id] #{ |c| } validates_uniqueness_of :title ,:scope => [:obj_authable_type,:obj_authable_id] #{ |c| }
belongs_to :obj_authable, polymorphic: true belongs_to :obj_authable, polymorphic: true
after_save :check_user_has_app_auth after_save :check_user_has_can_access_app
# > - Something.find_with_auth(query) # > - Something.find_with_auth(query)
# > - or Something.find(query).auth # > - or Something.find(query).auth
def siblings def siblings
@ -14,15 +14,16 @@ class ObjectAuth < PrototypeAuth
class_obj.find self.obj_authable_id class_obj.find self.obj_authable_id
end end
def check_user_has_app_auth def check_user_has_can_access_app
sub_managing_users = auth_obj.app_auth.sub_managing_users rescue [] sub_managing_users = auth_obj.module_app.sub_managing_users rescue []
app_auth = auth_obj.app_auth module_app = auth_obj.module_app
self.auth_users.each do |auth_user| self.auth_users.each do |auth_user|
if !sub_managing_users.include? auth_user && !auth_user.admin? if !sub_managing_users.include? auth_user && !auth_user.admin?
app_auth.assign_sub_manager(auth_user,User.current) module_app.assign_sub_manager(auth_user,User.current)
app_auth.save! module_app.save
end end
end end
end end
end end

View File

@ -92,7 +92,7 @@ module OrbitCoreLib
authed_users(title).include?(User.current) authed_users(title).include?(User.current)
end end
def app_auth def module_app
ModuleApp.first(conditions: {:title => self.class::APP_NAME} ) ModuleApp.first(conditions: {:title => self.class::APP_NAME} )
end end

View File

@ -78,10 +78,22 @@ namespace :nccu do
end end
task :add_nccu_account_1016 => :environment do
a = ["waynedd@nccu.edu.tw","sfchang@nccu.edu.tw","kyokolin@nccu.edu.tw","sfaylin@nccu.edu.tw","jinyulin@nccu.edu.tw"]
users_ary = User.any_in(email: a)
NewsBulletinCategory.all.each do |cate|
oa = ObjectAuth.first({conditions:{title: "submit",obj_authable_type: "NewsBulletinCategory",obj_authable_id: cate.id}})
oa.privilege_users = oa.privilege_users + users_ary
oa.save
end
users_ary = User.any_in(email: a)
key = 'Announcement'
bc = BulletinCategory.first({conditions:{key: key}})
oa = ObjectAuth.first({conditions:{title: "submit",obj_authable_type: "BulletinCategory",obj_authable_id: bc.id}})
oa.privilege_users = oa.privilege_users + users_ary
oa.save
end
end end