This repository has been archived on 2024-03-16. You can view files and clone it, but cannot push or open issues or pull requests.
orbit-4-1/app/controllers/admin/object_auths_new_interface_...

88 lines
2.4 KiB
Ruby

class Admin::ObjectAuthsNewInterfaceController < OrbitBackendController
include OrbitCoreLib::PermissionUnility
before_filter :force_order
def setting
@sys_users = User.all(conditions: {admin: false}).includes(:avatar)
@ob_auth = ObjectAuth.find params[:object_auth_id]
@options_from_collection_for_select_ob_auth = [@ob_auth].collect{|oa| [oa.auth_obj.pp_object,oa.id] }
@users_array = @ob_auth.privilege_users rescue []
respond_to do |format|
format.html
format.js
end
end
def update_setting
ob_auth = update_setting_by_params
if ob_auth.save!
flash[:notice] = t("admin.object_auth.update_done")
else
flash[:notice] = t("admin.object_auth.update_failed")
end
end
def user_list
@ob_auth = ObjectAuth.find params[:ob_auth][:id]
end
protected
def update_setting_by_params
user_sat = []
oa = ObjectAuth.find params[:ob_auth][:id]
user_sat += User.find params[:users].keys if params.has_key? :users
users_to_new = user_sat - oa.auth_users
users_to_remove = oa.auth_users - user_sat
users_to_new.each do |new_user|
oa.add_user_to_privilege_list(new_user)
end
users_to_remove.each do |remove_user|
oa.remove_user_from_privilege_list(remove_user)
end
oa
end
# def get_categorys(id = nil)
# @bulletin_categorys = []
# if(is_manager? || is_admin?)
# @bulletin_categorys = (id ? BulletinCategory.find(id).to_a : BulletinCategory.all)
# elsif is_sub_manager?
# @bulletin_categorys = BulletinCategory.authed_for_user(current_user,'submit_new')
# end
# end
def force_order
authenticate_user!
check_if_user_can_do_object_auth
end
def check_if_user_can_do_object_auth
unless check_permission(:manager)
redirect_to '/'
end
end
def check_permission(var)
# binding.pry
#app = ModuleApp.first({conditions:{key: params[:module_app_key]}})
# setup_vars
@module_app.is_manager?(current_user) || current_user.admin?
end
def setup_vars
if request.env['HTTP_REFERER'].split('/')[4] == "object_auths"
@app_key = params[:app_key]
else
@app_key = request.env['HTTP_REFERER'].split('/')[4]
end
#@app_key = request.fullpath.split('/')[1] if(@app_key == "back_end")
@app_key.gsub!(/[?].*/,'')
@module_app = ModuleApp.first(conditions: {:key => @app_key} )
end
end