fixing for app_auth
This commit is contained in:
parent
d3ca1647be
commit
7b40706aed
|
@ -4,7 +4,7 @@ class Admin::AppAuthsController < ApplicationController
|
|||
before_filter :is_admin?
|
||||
|
||||
def index
|
||||
@user_roles = UserRole.all.entries
|
||||
@roles = Role.all.entries
|
||||
apps = Purchase.where(:type =>"App")
|
||||
@app_auth_data = apps.entries.map do |app|
|
||||
app_c = eval(app.app_controller)
|
||||
|
|
|
@ -6,6 +6,13 @@ class ApplicationController < ActionController::Base
|
|||
helper :all
|
||||
before_filter :set_locale, :set_site
|
||||
|
||||
def front_end_available(module_app_title='')
|
||||
app_controller = ModuleApp.first(conditions: {:title => module_app_title} )
|
||||
unless app_controller.enable_frontend?
|
||||
render :text => 'View not available'
|
||||
end
|
||||
end
|
||||
|
||||
def get_all_app_engines
|
||||
ary = ["vender/plugins/NewBlog"]
|
||||
app_engines = ary.collect{|t|
|
||||
|
|
|
@ -15,55 +15,72 @@ class AppAuth
|
|||
|
||||
|
||||
has_and_belongs_to_many :roles
|
||||
has_and_belongs_to_many :sub_roles
|
||||
|
||||
attr_protected :roles,:sub_roles,:privilege_users,:blocked_users,:users
|
||||
|
||||
def add_role role
|
||||
add_operation(:roles,role)
|
||||
end
|
||||
|
||||
def add_sub_role role
|
||||
add_operation(:sub_roles,role)
|
||||
end
|
||||
|
||||
def remove_role role
|
||||
remove_operation(:roles,role)
|
||||
end
|
||||
|
||||
def remove_sub_role role
|
||||
remove_operation(:sub_roles,role)
|
||||
end
|
||||
|
||||
def add_user_to_black_list user
|
||||
unless self.blocked_users.include?(user)
|
||||
self.blocked_users << user
|
||||
self.save!
|
||||
else
|
||||
false #should put error message for user existed in list already
|
||||
end
|
||||
add_operation(:blocked_users,user)
|
||||
end
|
||||
|
||||
|
||||
def remove_user_from_black_list user
|
||||
if self.blocked_users.include? user
|
||||
self.blocked_users.delete user
|
||||
remove_operation(:blocked_users,user)
|
||||
end
|
||||
|
||||
def add_user_to_privilege_list user
|
||||
add_operation(:privilege_users,user)
|
||||
end
|
||||
|
||||
def remove_user_from_privilege_list user
|
||||
remove_operation(:privilege_users,user)
|
||||
end
|
||||
|
||||
def remove_operation(item,obj)
|
||||
if (self.send item).include? obj
|
||||
(self.send item).delete obj
|
||||
self.save!
|
||||
else
|
||||
false #should put error message for user not existed in list
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
def add_user_to_privilege_list user
|
||||
unless self.privilege_users.include? user
|
||||
self.privilege_users << user
|
||||
def add_operation(item,obj)
|
||||
unless (self.send item).include?(obj)
|
||||
(self.send item) << obj
|
||||
self.save!
|
||||
else
|
||||
false #should put error message for user existed in list already
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
def remove_user_from_privilege_list user
|
||||
if self.privilege_users.include? user
|
||||
self.privilege_users.delete user
|
||||
self.save!
|
||||
else
|
||||
false #should put error message for user not existed in list
|
||||
end
|
||||
end
|
||||
|
||||
def auth_users
|
||||
if self.all?
|
||||
User.all.entries
|
||||
else
|
||||
ary= self.roles.collect do |role|
|
||||
role.users
|
||||
ary=[]
|
||||
[:roles,:sub_roles].each do |t_role|
|
||||
ary += (self.send t_role).collect do |role|
|
||||
role.users
|
||||
end
|
||||
end
|
||||
ary << self.privilege_users
|
||||
ary.flatten!
|
||||
ary.flatten!.uniq
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -9,9 +9,13 @@ class ModuleApp
|
|||
field :intro
|
||||
field :update_info
|
||||
field :create_date
|
||||
field :enable_frontend,type: Boolean
|
||||
|
||||
field :app_pages ,type: Array
|
||||
field :widgets ,type: Array
|
||||
|
||||
has_one :app_auth,dependent: :delete
|
||||
|
||||
|
||||
|
||||
end
|
||||
|
|
|
@ -19,7 +19,10 @@ class User
|
|||
accepts_nested_attributes_for :attribute_values, :allow_destroy => true
|
||||
|
||||
def avb_apps
|
||||
query = AppAuth.any_of({all: true},{privilege_user_ids: self.id},{roles: self.role.id}).excludes(blocked_user_ids: self.id)
|
||||
sub_role_ids_ary=self.sub_roles.collect{|t| t.id}
|
||||
query1 = AppAuth.any_in({sub_role_ids: sub_role_ids_ary}).excludes(blocked_user_ids: self.id)
|
||||
query2 = AppAuth.any_of({all: true},{privilege_user_ids: self.id},{role_ids: self.role.id}).excludes(blocked_user_ids: self.id)
|
||||
(query1 + query2).uniq
|
||||
end
|
||||
|
||||
def name
|
||||
|
|
|
@ -38,7 +38,7 @@
|
|||
<%= f.hidden_field :to_save, :value => true %>
|
||||
<% end %>
|
||||
<% else %>
|
||||
<%= File.basename (@design.default_css.file.url) %>
|
||||
<%= File.basename (@design.default_css.file.url) rescue "" %>
|
||||
<% end %>
|
||||
</p>
|
||||
<p>
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
<h1><%= t('admin.new_design') %></h1>
|
||||
|
||||
<%= form_for :design, :url => admin_designs_path do |f| %>
|
||||
<%= form_for @design, :url => admin_design_path(@design),:html => {:multipart => true} do |f| %>
|
||||
<%= f.error_messages %>
|
||||
<%= render :partial => "form", :locals => { :f => f } %>
|
||||
|
||||
|
|
|
@ -6,129 +6,210 @@ describe AppAuth do
|
|||
|
||||
before do
|
||||
User.all.destroy
|
||||
UserRole.all.destroy
|
||||
Role.all.destroy
|
||||
SubRole.all.destroy
|
||||
AppAuth.all.destroy
|
||||
ModuleApp.all.destroy
|
||||
|
||||
#Create some fixtures of Main Role
|
||||
main_role_key = ["Stud","Teacher","Staff"]
|
||||
@new_main_role_list = main_role_key.each do |role|
|
||||
new_role = UserRole.new :key => role
|
||||
|
||||
new_role = Role.new :key => role
|
||||
new_role.save
|
||||
end
|
||||
#Create Some SubRoles
|
||||
sub_role_key = ["graduated_school","undergraduated_school","TA","Senior"]
|
||||
@new_main_role_list = sub_role_key.each do |role|
|
||||
new_role = SubRole.new :key => role
|
||||
new_role.save
|
||||
end
|
||||
|
||||
#Create some users of User
|
||||
user_emails = ["a_good_stud","a_bad_stud","a_teacher","a_staff"]
|
||||
user_emails = ["a_good_ug_stud_1","a_good_ug_stud_2","a_bad_ug_stud","a_good_g_stud","a_bad_g_stud","a_teacher","a_staff"]
|
||||
user_emails.each do |user_email|
|
||||
email=user_email+"@rulingcom.com"
|
||||
new_user = User.new :email=> email
|
||||
new_user.save
|
||||
end
|
||||
#MRK = Member Role Key SRK=Sub Role Key
|
||||
@stud_MRK = Role.first(conditions:{key:"Stud"})
|
||||
@teacher_MRK = Role.first(conditions:{key:"Teacher"})
|
||||
@staff_MRK = Role.first(conditions:{key:"Staff"})
|
||||
|
||||
@stud_MRK = UserRole.first(conditions:{key:"Stud"})
|
||||
@teacher_MRK = UserRole.first(conditions:{key:"Teacher"})
|
||||
@staff_MRK = UserRole.first(conditions:{key:"Staff"})
|
||||
@graduated_SRK = SubRole.first(conditions:{key:"graduated_school"})
|
||||
@under_graduated_SRK = SubRole.first(conditions:{key:"undergraduated_school"})
|
||||
@ta_SRK = SubRole.first(conditions:{key:"TA"})
|
||||
@senior_SRK = SubRole.first(conditions:{key:"Senior"})
|
||||
|
||||
@good_stu = User.first(conditions:{email:"a_good_stud@rulingcom.com"})
|
||||
@bad_stu = User.first(conditions:{email:"a_bad_stud@rulingcom.com"})
|
||||
@stud_MRK.sub_roles += [@graduated,@under_graduated,@ta]
|
||||
@stud_MRK.save!
|
||||
|
||||
@teacher_MRK.sub_roles = [@senior]
|
||||
@teacher_MRK.save!
|
||||
|
||||
@good_ug_stu_1 = User.first(conditions:{email:"a_good_ug_stud_1@rulingcom.com"})
|
||||
@good_ug_stu_2 = User.first(conditions:{email:"a_good_ug_stud_2@rulingcom.com"})
|
||||
@bad_ug_stu = User.first(conditions:{email:"a_bad_ug_stud@rulingcom.com"})
|
||||
|
||||
@good_g_stu = User.first(conditions:{email:"a_good_g_stud@rulingcom.com"})
|
||||
@bad_g_stu = User.first(conditions:{email:"a_bad_g_stud@rulingcom.com"})
|
||||
@teacher = User.first(conditions:{email:"a_teacher@rulingcom.com"})
|
||||
@staff = User.first(conditions:{email:"a_staff@rulingcom.com"})
|
||||
|
||||
#setting Roles for users
|
||||
@good_stu.user_role = @stud_MRK
|
||||
@bad_stu.user_role = @stud_MRK
|
||||
@teacher.user_role = @teacher_MRK
|
||||
@staff.user_role = @staff_MRK
|
||||
@good_g_stu.role = @stud_MRK
|
||||
@bad_g_stu.role = @stud_MRK
|
||||
@good_ug_stu_1.role = @stud_MRK
|
||||
@good_ug_stu_2.role = @stud_MRK
|
||||
@bad_ug_stu.role = @stud_MRK
|
||||
|
||||
@good_g_stu.sub_roles = [@graduated_SRK,@ta_SRK]
|
||||
@bad_g_stu.sub_roles << @graduated_SRK
|
||||
@good_ug_stu_1.sub_roles << @under_graduated_SRK
|
||||
@good_ug_stu_2.sub_roles << @under_graduated_SRK
|
||||
@bad_ug_stu.sub_roles << @under_graduated_SRK
|
||||
|
||||
@teacher.role = @teacher_MRK
|
||||
@staff.role = @staff_MRK
|
||||
|
||||
@good_g_stu.save!
|
||||
@bad_g_stu.save!
|
||||
@good_ug_stu_1.save!
|
||||
@good_ug_stu_2.save!
|
||||
@bad_ug_stu.save!
|
||||
|
||||
@good_stu.save!
|
||||
@bad_stu.save!
|
||||
@teacher.save!
|
||||
@staff.save!
|
||||
|
||||
end
|
||||
describe "Testing basic structure" do
|
||||
describe "Starting a ClassBulletin Auth for teacher , staff and ta" do
|
||||
before do
|
||||
@app_auth = AppAuth.new()
|
||||
#all stud has access right
|
||||
@app_auth.user_roles << @stud_MRK
|
||||
@bulletin_app_auth = AppAuth.new()
|
||||
#all teacher and staff has access right
|
||||
@bulletin_app_auth.roles = [@teacher_MRK,@staff_MRK]
|
||||
#all person with TA sub_role has access right
|
||||
@bulletin_app_auth.sub_roles << @ta_SRK
|
||||
|
||||
#a_bad_stud add to block to app_auth
|
||||
@app_auth.blocked_users << @bad_stu
|
||||
#a_bad_ug_stud add to block to bulletin_app_auth
|
||||
#@bulletin_app_auth.blocked_users << @bad_ug_stu
|
||||
|
||||
#all teacher has access right
|
||||
@app_auth.user_roles << @teacher_MRK
|
||||
# @bulletin_app_auth.roles << @teacher_MRK
|
||||
|
||||
@app_auth.privilege_users << @staff
|
||||
@app_auth.save!
|
||||
# @bulletin_app_auth.privilege_users << @staff
|
||||
@bulletin_app_auth.save!
|
||||
end
|
||||
context "Should just initialize all obj that is needed" do
|
||||
|
||||
it "Testing @app_auth init result" do
|
||||
@app_auth.user_roles.should have(2).item
|
||||
it "Testing @bulletin_app_auth init result" do
|
||||
@bulletin_app_auth.roles.should have(2).item #teacher staff
|
||||
@bulletin_app_auth.sub_roles.should have(1).item #ta
|
||||
end
|
||||
|
||||
it "@app_auth should have UserRoles: Stud , Teacher " do
|
||||
key_ary = @app_auth.user_roles.collect do |role|
|
||||
it "@bulletin_app_auth should have Roles: Staff , Teacher " do
|
||||
key_ary = @bulletin_app_auth.roles.collect do |role|
|
||||
role.key
|
||||
end
|
||||
key_ary.should == ["Stud","Teacher"]
|
||||
key_ary.sort.should == ["Staff","Teacher"].sort
|
||||
end
|
||||
|
||||
it "@app_auth should have one Privialage user which is belongs to Staff" do
|
||||
p_user_ary = @app_auth.privilege_users.collect do |p_user|
|
||||
p_user.user_role.key
|
||||
it "bulletin_app_auth should have 3 auth users" do
|
||||
user_ary = [@teacher,@staff,@good_g_stu]
|
||||
@bulletin_app_auth.auth_users.sort.should == user_ary.sort
|
||||
check_user_has_app user_ary
|
||||
end
|
||||
|
||||
it "Adding a undergraduate stud into app_auth by privilege list" do
|
||||
user_ary = [@teacher,@staff,@good_g_stu,@good_ug_stu_1]
|
||||
@bulletin_app_auth.add_user_to_privilege_list @good_ug_stu_1
|
||||
@bulletin_app_auth.auth_users.sort.should == user_ary.sort
|
||||
check_user_has_app user_ary
|
||||
end
|
||||
|
||||
it "Adding all graudated-stud into app_auth" do
|
||||
user_ary = [@teacher,@staff,@good_g_stu,@bad_g_stu]
|
||||
@bulletin_app_auth.add_sub_role @graduated_SRK
|
||||
@bulletin_app_auth.auth_users.sort.should == user_ary.sort
|
||||
check_user_has_app user_ary
|
||||
end
|
||||
|
||||
it "Blocking bad-graduate student" do
|
||||
user_ary =[@teacher,@staff,@good_g_stu]
|
||||
@bulletin_app_auth.add_sub_role @graduated_SRK
|
||||
@bulletin_app_auth.add_user_to_black_list @bad_g_stu
|
||||
@bulletin_app_auth.auth_users_after_block_list.sort.should == user_ary.sort
|
||||
check_user_has_app user_ary
|
||||
end
|
||||
|
||||
it "Removing all graudated-stud from app_auth" do
|
||||
user_ary =[@teacher,@staff,@good_g_stu]
|
||||
@bulletin_app_auth.add_sub_role @graduated_SRK
|
||||
@bulletin_app_auth.remove_sub_role @graduated_SRK
|
||||
@bulletin_app_auth.auth_users.sort.should == user_ary.sort
|
||||
check_user_has_app user_ary
|
||||
end
|
||||
|
||||
|
||||
# it "@bulletin_app_auth should have one Privialage user which is belongs to Staff" do
|
||||
# p_user_ary = @bulletin_app_auth.privilege_users.collect do |p_user|
|
||||
# p_user.roles.key
|
||||
# end
|
||||
# p_user_ary.should include("Staff")
|
||||
# end
|
||||
|
||||
# it "@bulletin_app_auth should have one student listed at blocklist" do
|
||||
# @bad_stu = User.first(conditions:{email:"a_bad_g_stud@rulingcom.com"})
|
||||
# @bulletin_app_auth.blocked_users.should have(1).item
|
||||
# @bulletin_app_auth.blocked_users.should include(@bad_stu)
|
||||
# end
|
||||
|
||||
# it "[Development #1]-1.Authorizing roles: roles + blocklist" do
|
||||
# @good_stu = User.first(conditions:{email:"a_good_g_stud@rulingcom.com"})
|
||||
# @teacher = User.first(conditions:{email:"a_teacher@rulingcom.com"})
|
||||
# @staff = User.first(conditions:{email:"a_staff@rulingcom.com"})
|
||||
# ary = [@good_stu,@teacher,@staff]
|
||||
# @bulletin_app_auth.auth_users_after_block_list.should == ary
|
||||
# end
|
||||
#
|
||||
# it "[Development #1]-2.Authorizing single users: list of users [new_user1~2]" do
|
||||
# user_emails = ["new_user1","new_user2","new_user3","new_user4"]
|
||||
# user_emails.each do |user_email|
|
||||
# email=user_email+"@rulingcom.com"
|
||||
# new_user = User.new :email=> email
|
||||
# new_user.save
|
||||
# end
|
||||
# user1= User.first(conditions:{email:"new_user1@rulingcom.com"})
|
||||
# user2= User.first(conditions:{email:"new_user2@rulingcom.com"})
|
||||
# user3= User.first(conditions:{email:"new_user3@rulingcom.com"})
|
||||
# user4= User.first(conditions:{email:"new_user4@rulingcom.com"})
|
||||
#
|
||||
# @bulletin_app_auth.privilege_users << user1
|
||||
# @bulletin_app_auth.privilege_users << user2
|
||||
#
|
||||
# @bulletin_app_auth.auth_users_after_block_list.should include(user1,user2)
|
||||
# @bulletin_app_auth.auth_users_after_block_list.should_not include(user3,user4)
|
||||
#
|
||||
# end
|
||||
#
|
||||
# it "[Development #1]-3.Authorizing roles and single users: roles + blocklist + list of users" do
|
||||
# @bulletin_app_auth.auth_users.should have(7).item
|
||||
# end
|
||||
#
|
||||
# it "[Development #1]-4.Authorizing all: blocklist" do
|
||||
# @bad_stu = User.first(conditions:{email:"a_bad_g_stud@rulingcom.com"})
|
||||
# @new_bulletin_app_auth = (AppAuth.new :all => true)
|
||||
# @new_bulletin_app_auth.blocked_users << @bad_stu
|
||||
#
|
||||
# @new_bulletin_app_auth.auth_users.should == User.all.entries
|
||||
# @new_bulletin_app_auth.auth_users_after_block_list.should_not include(@bad_stu)
|
||||
# @new_bulletin_app_auth.save!
|
||||
# end
|
||||
def check_user_has_app(user_ary)
|
||||
user_ary.each do |user|
|
||||
user.avb_apps.should include(@bulletin_app_auth)
|
||||
end
|
||||
p_user_ary.should include("Staff")
|
||||
end
|
||||
|
||||
it "@app_auth should have one student listed at blocklist" do
|
||||
@bad_stu = User.first(conditions:{email:"a_bad_stud@rulingcom.com"})
|
||||
@app_auth.blocked_users.should have(1).item
|
||||
@app_auth.blocked_users.should include(@bad_stu)
|
||||
end
|
||||
|
||||
it "[Development #1]-1.Authorizing roles: roles + blocklist" do
|
||||
@good_stu = User.first(conditions:{email:"a_good_stud@rulingcom.com"})
|
||||
@teacher = User.first(conditions:{email:"a_teacher@rulingcom.com"})
|
||||
@staff = User.first(conditions:{email:"a_staff@rulingcom.com"})
|
||||
ary = [@good_stu,@teacher,@staff]
|
||||
@app_auth.auth_users_after_block_list.should == ary
|
||||
end
|
||||
|
||||
it "[Development #1]-2.Authorizing single users: list of users [new_user1~2]" do
|
||||
user_emails = ["new_user1","new_user2","new_user3","new_user4"]
|
||||
user_emails.each do |user_email|
|
||||
email=user_email+"@rulingcom.com"
|
||||
new_user = User.new :email=> email
|
||||
new_user.save
|
||||
end
|
||||
user1= User.first(conditions:{email:"new_user1@rulingcom.com"})
|
||||
user2= User.first(conditions:{email:"new_user2@rulingcom.com"})
|
||||
user3= User.first(conditions:{email:"new_user3@rulingcom.com"})
|
||||
user4= User.first(conditions:{email:"new_user4@rulingcom.com"})
|
||||
|
||||
@app_auth.privilege_users << user1
|
||||
@app_auth.privilege_users << user2
|
||||
|
||||
@app_auth.auth_users_after_block_list.should include(user1,user2)
|
||||
@app_auth.auth_users_after_block_list.should_not include(user3,user4)
|
||||
|
||||
end
|
||||
|
||||
it "[Development #1]-3.Authorizing roles and single users: roles + blocklist + list of users" do
|
||||
@app_auth.auth_users.should have(4).item
|
||||
end
|
||||
|
||||
it "[Development #1]-4.Authorizing all: blocklist" do
|
||||
@bad_stu = User.first(conditions:{email:"a_bad_stud@rulingcom.com"})
|
||||
@new_app_auth = (AppAuth.new :all => true)
|
||||
@new_app_auth.blocked_users << @bad_stu
|
||||
|
||||
@new_app_auth.auth_users.should == User.all.entries
|
||||
@new_app_auth.auth_users_after_block_list.should_not include(@bad_stu)
|
||||
@new_app_auth.save!
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
|
||||
|
|
|
@ -6,5 +6,6 @@
|
|||
"intro": "A simple blog……",
|
||||
"update_info": "Some info",
|
||||
"create_date": "11-11-2011",
|
||||
"app_pages": ["/panel/blog/front_end/"]
|
||||
"app_pages": ["/panel/blog/front_end/"],
|
||||
"widgets": ["/panel/blog/widget/latest_post","/panel/blog/widget/"]
|
||||
}
|
||||
|
|
Reference in New Issue