diff --git a/app/controllers/admin/app_auths_controller.rb b/app/controllers/admin/app_auths_controller.rb index 6cbbf62e..1bbb5a2e 100644 --- a/app/controllers/admin/app_auths_controller.rb +++ b/app/controllers/admin/app_auths_controller.rb @@ -1,7 +1,7 @@ class Admin::AppAuthsController < ApplicationController layout "admin" before_filter :authenticate_user! - before_filter :is_admin? +# before_filter :is_admin? ,:only => :index def index # @roles = Role.all.entries @@ -12,13 +12,17 @@ class Admin::AppAuthsController < ApplicationController # obj_auth = obj.send "auth" # [:app_obj => app,:auth_field => obj_auth] # end - @module_apps = ModuleApp.all + if current_user.admin? + @module_apps = ModuleApp.all + else + @module_apps = current_user.managing_apps.collect{|t| t.managing_app} + end end def edit @module_app = ModuleApp.find(params[:id]) end - + end \ No newline at end of file diff --git a/app/controllers/admin/module_apps_controller.rb b/app/controllers/admin/module_apps_controller.rb index 129453b1..914c5138 100644 --- a/app/controllers/admin/module_apps_controller.rb +++ b/app/controllers/admin/module_apps_controller.rb @@ -37,7 +37,7 @@ class Admin::ModuleAppsController < ApplicationController def assign_sub_manager - unless @assign_to_user.nil? + unless @assign_to_user.nil? || @assign_to_user.admin? if @module_app.assign_sub_manager(@assign_to_user,current_user) flash[:notice] = t('admin.app_auth.assigning_manager.add_sub_manager_ok') else 
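Review bot: Commenting out `before_filter :is_admin?` opens every action of this controller to any authenticated user, and only `index` (next hunk) compensates by branching on `current_user.admin?`; `edit`, visible as context in the next hunk, still does `ModuleApp.find(params[:id])` with no check that the current user manages that app. If non-admin managers are meant to reach `edit`, add a filter for it that rejects unless `current_user.admin?` or the app is among `current_user.managing_apps.collect{|t| t.managing_app}` (the same set `index` lists for them), e.g. `before_filter :check_app_manager, :only => :edit` with that test in the method. The leftover `# before_filter :is_admin? ,:only => :index` reads as an unfinished thought; either delete it or make it a real filter on the actions it should guard.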
@@ -46,12 +46,13 @@ class Admin::ModuleAppsController < ApplicationController else flash[:notice] = t('admin.app_auth.assigning_manager.failed_no_user') end - redirect_to :action => "edit" + flash[:notice] = t('admin.app_auth.can_not_add_this_user') + redirect_to :action => "edit" end def assign_manager - unless @assign_to_user.nil? + unless @assign_to_user.nil? || @assign_to_user.admin? if @module_app.assign_manager(@assign_to_user,current_user) flash[:notice] = t('admin.app_auth.assigning_sub_manager.add_manager_ok') else @@ -60,11 +61,13 @@ class Admin::ModuleAppsController < ApplicationController else flash[:notice] = t('admin.app_auth.assigning_sub_manager.failed_no_user') end - redirect_to :action => "edit" + flash[:notice] = t('admin.app_auth.can_not_add_this_user') + redirect_to :action => "edit" end def remove_manager + @app_manager = AppManager.find(params[:app_manager_id]) if @module_app.remove_manager(@app_manager.user) flash[:notice] = t('admin.app_auth.delete_manager.success') else @@ -75,6 +78,7 @@ class Admin::ModuleAppsController < ApplicationController def remove_sub_manager + @app_sub_manager = AppManager.find(params[:app_sub_manager_id]) if @module_app.remove_sub_manager(@app_sub_manager.user) flash[:notice] = t('admin.app_auth.delete_sub_manager.success') else @@ -100,7 +104,7 @@ class Admin::ModuleAppsController < ApplicationController def user_has_sub_manager_privilege? @module_app = ModuleApp.find(params[:id]) @assign_to_user = User.find params[:sub_manager_id] rescue nil - if current_user.admin? || @module_app.managers.include?(current_user) #admin or app's manager can assign app's subanager + if current_user.admin? || @module_app.managing_users.include?(current_user) #admin or app's manager can assign app's subanager return end #user is not permited to do that diff --git a/app/helpers/admin/module_app_helper.rb b/app/helpers/admin/module_app_helper.rb new file mode 100644 index 00000000..0a636e9c --- /dev/null 
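Review bot: The added `flash[:notice] = t('admin.app_auth.can_not_add_this_user')` sits after the `unless … end`, so it runs on every path and overwrites whatever message the branches above just set, including `add_sub_manager_ok` and `failed_no_user`; the same pattern is repeated for `assign_manager` in the @@ -60 hunk. The message appears intended for the case that the new `|| @assign_to_user.admin?` condition rejects, which currently lands in the `else` that reports `failed_no_user`, so the two cases are indistinguishable to the user. Splitting the `unless`/`else` into an `if`/`elsif` chain gives each case its own message and leaves a single `redirect_to`. The head of `assign_sub_manager` is in the preceding hunk and the message for a rejected `assign_sub_manager` call lies between the two hunks.
```ruby
  def assign_sub_manager
    if @assign_to_user.nil?
      flash[:notice] = t('admin.app_auth.assigning_manager.failed_no_user')
    elsif @assign_to_user.admin?
      flash[:notice] = t('admin.app_auth.can_not_add_this_user')
    elsif @module_app.assign_sub_manager(@assign_to_user,current_user)
      flash[:notice] = t('admin.app_auth.assigning_manager.add_sub_manager_ok')
    else
      # … unchanged: message for a rejected assign_sub_manager call …
    end
    redirect_to :action => "edit"
  end
```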
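Review bot: `@app_manager = AppManager.find(params[:app_manager_id])` looks the record up globally rather than through `@module_app`, so an id belonging to a different app is accepted and its user handed to `@module_app.remove_manager`; whether `remove_manager` itself tolerates a user who is not a manager of this app is not visible here. The same applies to `@app_sub_manager = AppManager.find(params[:app_sub_manager_id])` in the @@ -75 hunk. Scoping the lookup to the association, `@app_manager = @module_app.managers.find(params[:app_manager_id])`, makes a foreign id raise not-found instead of silently acting on another app's record. Note also that the new `if_permit_to_delete` checks in edit.html.erb only hide the `[X]` link; unless a before_filter on `remove_manager`/`remove_sub_manager` (not shown in this diff) applies the same rule, the delete route is guarded by nothing but the link's visibility.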
+++ b/app/helpers/admin/module_app_helper.rb @@ -0,0 +1,19 @@ +module Admin::ModuleAppHelper + + def if_permit_to_delete(item) + case item.downcase + when :manager + current_user.admin? + when :sub_manager + @module_app.managing_users.include?(current_user) || current_user.admin? + end + end + + def if_permit_to_assign(item) + if_permit_to_delete(item) + end + + def get_auth_by(manager_obj) + "-AuthBy: " +( manager_obj.rule_creator==current_user ? t('me') : manager_obj.rule_creator.name) + end +end diff --git a/app/models/module_app.rb b/app/models/module_app.rb index 029d55fa..f4a63618 100644 --- a/app/models/module_app.rb +++ b/app/models/module_app.rb @@ -19,11 +19,17 @@ class ModuleApp has_one :app_auth,dependent: :delete - + def managing_users + self.managers.collect{ |t| t.user } + end + + def sub_managing_users + self.sub_managers.collect{ |t| t.user } + end def assign_manager(user,assigner) manager = AppManager.first(conditions: {managing_app_id: self.id,user_id: user.id}) rescue nil - if manager.nil? + if manager.nil? manager = self.managers.create(:user => user,:rule_creator => assigner) end manager @@ -31,7 +37,7 @@ class ModuleApp def assign_sub_manager(user,assigner) submanager = AppManager.first(conditions: {sub_managing_app_id: self.id,user_id: user.id}) rescue nil - if submanager.nil? + if submanager.nil? && !self.managing_users.include?(user) submanager = self.sub_managers.create(:user => user,:rule_creator => assigner) end submanager diff --git a/app/views/admin/module_apps/edit.html.erb b/app/views/admin/module_apps/edit.html.erb index ff967273..96859a21 100644 --- a/app/views/admin/module_apps/edit.html.erb +++ b/app/views/admin/module_apps/edit.html.erb @@ -12,11 +12,11 @@
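Review bot: `if_permit_to_delete` downcases `item` and then matches it against the symbols `:manager`/`:sub_manager`, which only works for a Symbol argument (the view passes `:manager` and `:sub_manager`); a String such as `"manager"`, which the `downcase` seems to anticipate, falls through every `when` and returns nil. Normalising first, `case item.to_s.downcase` with `when 'manager'` / `when 'sub_manager'`, accepts both forms. Both helpers answer yes/no, so Ruby's predicate convention would name them `permitted_to_delete?(item)` / `permitted_to_assign?(item)` rather than the `if_` prefix, and `get_auth_by` reads better with interpolation, `"-AuthBy: #{manager_obj.rule_creator == current_user ? t('me') : manager_obj.rule_creator.name}"`. The helpers depend on `@module_app` and `current_user` from the rendering controller, which deserves a one-line comment since nothing in the module sets them.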
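Review bot: `self.managers.collect{ |t| t.user }` is the long form of `managers.map(&:user)`, and likewise for `sub_managing_users`; the explicit `self.` receiver and the `collect` alias are what RuboCop would flag. `sub_managing_users` is added but nothing in this commit calls it — in particular `assign_manager` in this same hunk (whose only change is trailing whitespace on `if manager.nil?`) does not consult it. Each call materialises the whole association to answer an `include?`, which is fine while manager lists are small; if they grow, a query on `user_id` would be cheaper, though the ORM in use is not visible here.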
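Review bot: The new `&& !self.managing_users.include?(user)` guard makes `assign_sub_manager` refuse a user who is already a manager, but `assign_manager` in the previous hunk has no mirror check against `sub_managing_users`, so a sub-manager can be promoted to manager while keeping the sub-manager row — the very double membership the guard is meant to prevent. Either add `&& !sub_managing_users.include?(user)` to `assign_manager`, or remove the sub-manager record on promotion, depending on which rule is intended. When the guard rejects, the method returns nil exactly as when the create fails, so the controller cannot tell "already a manager" from a failed save; at minimum document it, e.g. `# returns nil when the user is already a manager of this app`. The `rescue nil` on the `AppManager.first(...)` line (context, unchanged here) also turns any lookup error into a fresh create.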
Manager <% @module_app.managers.each do |manager| %> -
<%= manager.user.name %> -AuthBy:<%= manager.rule_creator.name %> <%= link_to '[X]',remove_manager_admin_module_app_path(@module_app,manager),:method => :delete unless manager.user == current_user%>
+
<%= manager.user.name %> <%= get_auth_by(manager) %> <%= link_to '[X]',remove_manager_admin_module_app_path(@module_app,manager),:method => :delete if if_permit_to_delete(:manager) && manager.user != current_user %>
<% end %>
Add: <%= form_tag(assign_manager_admin_module_app_path) do %> - <%= text_field_tag 'manager_id' %> + <%= text_field_tag 'manager_id','Enter User ID here',:disabled => !if_permit_to_assign(:manager)%> <%= submit_tag 'Add Manager' %> <% end %>
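Review bot: `text_field_tag 'manager_id','Enter User ID here',…` passes the prompt as the field's value, so it is submitted as `params[:manager_id]` whenever the user does not clear it first, and the `User.find` on it then produces the `failed_no_user` message; the same is done for `sub_manager_id` in the @@ -26 hunk. Use a placeholder instead: `<%= text_field_tag 'manager_id', nil, :placeholder => 'Enter User ID here', :disabled => !if_permit_to_assign(:manager) %>`. The `:disabled` flag and the conditional `[X]` link only shape the page; the corresponding controller actions need the same `if_permit_*` rule, since a disabled input is not enforced server-side.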
@@ -26,11 +26,11 @@
Sub Manager <% @module_app.sub_managers.each do |manager| %> -
<%= manager.user.name %> -AuthBy:<%= manager.rule_creator.name %> <%= link_to '[X]',remove_sub_manager_admin_module_app_path(@module_app,manager),:method => :delete unless manager.user == current_user%>
+
<%= manager.user.name %> -AuthBy:<%= manager.rule_creator.name %> <%= link_to '[X]',remove_sub_manager_admin_module_app_path(@module_app,manager),:method => :delete if if_permit_to_delete(:sub_manager) && manager.user != current_user %>
<% end %>
Add: <%= form_tag(assign_sub_manager_admin_module_app_path) do %> - <%= text_field_tag 'sub_manager_id' %> + <%= text_field_tag 'sub_manager_id','Enter User ID here',:disabled => !if_permit_to_assign(:sub_manager)%> <%= submit_tag 'Add Sub Manager' %> <% end %>
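Review bot: The sub-manager row still renders `-AuthBy:<%= manager.rule_creator.name %>` while the manager row in the previous hunk was switched to `<%= get_auth_by(manager) %>`; using the helper here too keeps the `t('me')` substitution consistent across both lists. The block variable `manager` for a sub-manager record is also slightly misleading; `sub_manager` would match the list it iterates.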
diff --git a/config/locales/en.yml b/config/locales/en.yml index 27d5cbb2..07f5ec73 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -5,6 +5,8 @@ en: _locale: English + me: Me + add: Add back: Back create: Create diff --git a/config/locales/zh_tw.yml b/config/locales/zh_tw.yml index a83f327b..7555c3a5 100644 --- a/config/locales/zh_tw.yml +++ b/config/locales/zh_tw.yml @@ -2,6 +2,8 @@ zh_tw: _locale: 中文 + me: 我 + add: 新增 back: 回去 create: 創造