fix bugs with token
This commit is contained in:
parent
5640e07733
commit
d2689bc59c
|
@ -10,7 +10,6 @@ class OrbitBackendController< ApplicationController
|
||||||
def setup_vars
|
def setup_vars
|
||||||
@app_title = request.fullpath.split('/')[2]
|
@app_title = request.fullpath.split('/')[2]
|
||||||
@module_app = ModuleApp.first(conditions: {:key => @app_title} )
|
@module_app = ModuleApp.first(conditions: {:key => @app_title} )
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
class ModuleApp
|
class ModuleApp
|
||||||
include Mongoid::Document
|
include Mongoid::Document
|
||||||
include Mongoid::Timestamps
|
include Mongoid::Timestamps
|
||||||
|
include OrbitCoreLib::ObjectTokenUnility
|
||||||
|
|
||||||
field :key
|
field :key
|
||||||
field :title
|
field :title
|
||||||
|
@ -78,4 +79,5 @@ class ModuleApp
|
||||||
self.key = self.title.underscore if self.title
|
self.key = self.title.underscore if self.title
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
class ObjectAuth < PrototypeAuth
|
class ObjectAuth < PrototypeAuth
|
||||||
|
include OrbitCoreLib::ObjectTokenUnility
|
||||||
belongs_to :obj_authable, polymorphic: true
|
belongs_to :obj_authable, polymorphic: true
|
||||||
# > - Something.find_with_auth(query)
|
# > - Something.find_with_auth(query)
|
||||||
# > - or Something.find(query).auth
|
# > - or Something.find(query).auth
|
||||||
|
|
|
@ -4,7 +4,6 @@ class PrototypeAuth
|
||||||
# after_save :update_block_list,:update_privilage_list
|
# after_save :update_block_list,:update_privilage_list
|
||||||
|
|
||||||
field :title
|
field :title
|
||||||
field :token
|
|
||||||
field :all ,type: Boolean,default: false
|
field :all ,type: Boolean,default: false
|
||||||
|
|
||||||
belongs_to :users
|
belongs_to :users
|
||||||
|
@ -12,12 +11,13 @@ class PrototypeAuth
|
||||||
has_and_belongs_to_many :blocked_users, :inverse_of => nil, :class_name => "User"
|
has_and_belongs_to_many :blocked_users, :inverse_of => nil, :class_name => "User"
|
||||||
has_and_belongs_to_many :privilege_users, :inverse_of => nil, :class_name => "User"
|
has_and_belongs_to_many :privilege_users, :inverse_of => nil, :class_name => "User"
|
||||||
|
|
||||||
|
|
||||||
has_and_belongs_to_many :roles
|
has_and_belongs_to_many :roles
|
||||||
has_and_belongs_to_many :sub_roles
|
has_and_belongs_to_many :sub_roles
|
||||||
|
|
||||||
attr_protected :roles,:sub_roles,:privilege_users,:blocked_users
|
attr_protected :roles,:sub_roles,:privilege_users,:blocked_users
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
def add_role role
|
def add_role role
|
||||||
add_operation(:roles,role)
|
add_operation(:roles,role)
|
||||||
end
|
end
|
||||||
|
@ -87,7 +87,6 @@ class PrototypeAuth
|
||||||
auth_users_before_block_list - self.blocked_users
|
auth_users_before_block_list - self.blocked_users
|
||||||
end
|
end
|
||||||
|
|
||||||
# protected
|
|
||||||
|
|
||||||
|
|
||||||
end
|
end
|
|
@ -1,5 +1,7 @@
|
||||||
<div id="user_role_management">
|
<div id="user_role_management">
|
||||||
<h1>User Role</h1>
|
<h1>User Role</h1>
|
||||||
|
All User
|
||||||
|
|
||||||
<%= form_tag(submit_url) do %>
|
<%= form_tag(submit_url) do %>
|
||||||
<%= collection_select(:new,:role, Role.all, :id, :key, :prompt => true) %>
|
<%= collection_select(:new,:role, Role.all, :id, :key, :prompt => true) %>
|
||||||
<%= submit_tag 'Add Role' %><br/>
|
<%= submit_tag 'Add Role' %><br/>
|
||||||
|
@ -10,7 +12,6 @@
|
||||||
<%= collection_select(:new,:blocked_user, User.all, :id, :name, :prompt => true) %>
|
<%= collection_select(:new,:blocked_user, User.all, :id, :name, :prompt => true) %>
|
||||||
<%= submit_tag 'Add BlockedList' %><br/>
|
<%= submit_tag 'Add BlockedList' %><br/>
|
||||||
<% end %>
|
<% end %>
|
||||||
<ul>Roles </ul>
|
|
||||||
<% unless auth.nil? %>
|
<% unless auth.nil? %>
|
||||||
<% auth.roles.each do |role| %>
|
<% auth.roles.each do |role| %>
|
||||||
<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %>
|
<li> <%= role.key %> Build in:<%= role.built_in ? 'Yes' : 'No' %>
|
||||||
|
|
|
@ -24,21 +24,21 @@ PrototypeR4::Application.configure do
|
||||||
config.action_dispatch.best_standards_support = :builtin
|
config.action_dispatch.best_standards_support = :builtin
|
||||||
|
|
||||||
|
|
||||||
config.middleware.use ExceptionNotifier,
|
# config.middleware.use ExceptionNotifier,
|
||||||
:email_prefix => "[R4_error]",
|
# :email_prefix => "[R4_error]",
|
||||||
:sender_address => %{"notifier" <redmine@rulingcom.com>},
|
# :sender_address => %{"notifier" <redmine@rulingcom.com>},
|
||||||
:exception_recipients => %w{chris@rulingcom.com}
|
# :exception_recipients => %w{chris@rulingcom.com}
|
||||||
|
#
|
||||||
config.action_mailer.delivery_method = :smtp
|
# config.action_mailer.delivery_method = :smtp
|
||||||
config.action_mailer.smtp_settings = {
|
# config.action_mailer.smtp_settings = {
|
||||||
:tls => true,
|
# :tls => true,
|
||||||
:enable_starttls_auto => true,
|
# :enable_starttls_auto => true,
|
||||||
:address => "smtp.gmail.com",
|
# :address => "smtp.gmail.com",
|
||||||
:port => '587',
|
# :port => '587',
|
||||||
:domain => "smtp.gmail.com",
|
# :domain => "smtp.gmail.com",
|
||||||
:authentication => "plain",
|
# :authentication => "plain",
|
||||||
:user_name => "redmine@rulingcom.com",
|
# :user_name => "redmine@rulingcom.com",
|
||||||
:password => "rulingredmine" }
|
# :password => "rulingredmine" }
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -14,7 +14,7 @@ PrototypeR4::Application.routes.draw do
|
||||||
resources :app_auths
|
resources :app_auths
|
||||||
resources :object_auths do
|
resources :object_auths do
|
||||||
collection do
|
collection do
|
||||||
match 'new/:type/:obj_id/:module_app_id',:action => 'new',:via => "get",:as => :init
|
match 'new/:type/:obj_id',:action => 'new',:via => "get",:as => :init
|
||||||
end
|
end
|
||||||
member do
|
member do
|
||||||
match ':id/create_role',:action => 'create_role',:via => "post",:as => :create_role
|
match ':id/create_role',:action => 'create_role',:via => "post",:as => :create_role
|
||||||
|
|
|
@ -31,12 +31,28 @@ module OrbitCoreLib
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
module ObjectTokenUnility
|
||||||
|
def self.included(base)
|
||||||
|
base.instance_eval("field :s_token")
|
||||||
|
base.instance_eval("after_create :generate_token")
|
||||||
|
end
|
||||||
|
|
||||||
|
def token
|
||||||
|
return self.s_token
|
||||||
|
end
|
||||||
|
|
||||||
|
protected
|
||||||
|
def generate_token
|
||||||
|
self.s_token = ActiveSupport::SecureRandom.hex(16)
|
||||||
|
self.save!
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
module PermissionUnility
|
module PermissionUnility
|
||||||
private
|
private
|
||||||
def check_permission(type = :use)
|
def check_permission(type = :use)
|
||||||
permission_grant = current_user.admin?? true : false
|
permission_grant = current_user.admin?? true : false
|
||||||
module_app = @module_app.nil?? ModuleApp.find(params[:module_app_id]) : @module_app
|
module_app = @module_app.nil?? find_module_app_by_token(params[:token]) : @module_app
|
||||||
unless permission_grant
|
unless permission_grant
|
||||||
permission_grant = case type
|
permission_grant = case type
|
||||||
when :use
|
when :use
|
||||||
|
@ -51,6 +67,8 @@ module OrbitCoreLib
|
||||||
end
|
end
|
||||||
permission_grant
|
permission_grant
|
||||||
end
|
end
|
||||||
|
def find_module_app_by_token(token)
|
||||||
|
ModuleApp.first(conditions: {s_token: token})
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -7,9 +7,9 @@
|
||||||
<td><%= bulletin_category.display %></td>
|
<td><%= bulletin_category.display %></td>
|
||||||
<% if is_manager? %>
|
<% if is_manager? %>
|
||||||
<td>
|
<td>
|
||||||
<%= link_to t('blog.new_auth'), init_admin_object_auths_path("BulletinCategory",bulletin_category,@module_app) %> <br/ >
|
<%= link_to t('blog.new_auth'), init_admin_object_auths_path("BulletinCategory",bulletin_category,:token => @module_app.token) %> <br/ >
|
||||||
<% bulletin_category.object_auths.each do |obj_auth| %>
|
<% bulletin_category.object_auths.each do |obj_auth| %>
|
||||||
<%= link_to obj_auth.title,edit_admin_object_auth_url(obj_auth) %><br />
|
<%= link_to obj_auth.title,edit_admin_object_auth_url(obj_auth,:token => @module_app.token) %><br />
|
||||||
<% end %>
|
<% end %>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
|
|
Reference in New Issue