From 5448b69278a31c51bf9e7858e9a516043936b062 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=82=B1=E5=8D=9A=E4=BA=9E?= <naruto0426@gmail.com>
Date: Sat, 19 Dec 2020 18:28:18 +0800
Subject: [PATCH] add privacy setting for file

---
 app/controllers/announcements_controller.rb   |   5 +-
 app/models/bulletin_file.rb                   |  10 +-
 app/views/admin/announcements/_form.html.erb  | 277 +++++++++---------
 .../admin/announcements/_form_file.html.erb   |  22 +-
 4 files changed, 179 insertions(+), 135 deletions(-)

diff --git a/app/controllers/announcements_controller.rb b/app/controllers/announcements_controller.rb
index fdcb6d9..177288b 100644
--- a/app/controllers/announcements_controller.rb
+++ b/app/controllers/announcements_controller.rb
@@ -233,7 +233,10 @@ class AnnouncementsController < ApplicationController
       "tag" => tag.name ,
       "url" => OrbitHelper.page_for_tag(tag)
     } } rescue []
-    files = announcement.bulletin_files.map{|file|  { "file_url" =>  file.file.url, "file_title" => (file.title.blank? ? URI.unescape(File.basename(file.file.path)) : file.title rescue '') } if file.enabled_for?(locale) } rescue []
+    files = announcement.bulletin_files.map do |file|  
+              { "file_url" =>  file.file.url, 
+                "file_title" => (file.title.blank? ? URI.unescape(File.basename(file.file.path)) : file.title rescue '') } if file.enabled_for?(locale) and file.can_access?(OrbitHelper.current_user)
+            end rescue []
     files.delete(nil)
     files.each do |file|
       if file["file_url"] =="" || file["file_url"] == nil
diff --git a/app/models/bulletin_file.rb b/app/models/bulletin_file.rb
index 5585035..f6ade0a 100644
--- a/app/models/bulletin_file.rb
+++ b/app/models/bulletin_file.rb
@@ -9,7 +9,7 @@ class BulletinFile
   field :description, localize: true
   field :title, localize: true
   field :choose_lang, :type => Array, :default => ["en","zh_tw"]
-  
+  field :privacy_type, type: String, default: 'public'
   belongs_to :bulletin
 
 
@@ -20,5 +20,11 @@ class BulletinFile
   		return self.choose_lang.include?(lang)
   	end
   end
-
+  def can_access?(user)
+    if user.nil? && self.privacy_type == 'logged_in'
+      return false
+    else
+      return true
+    end
+  end
 end
diff --git a/app/views/admin/announcements/_form.html.erb b/app/views/admin/announcements/_form.html.erb
index 666095b..27c25a3 100644
--- a/app/views/admin/announcements/_form.html.erb
+++ b/app/views/admin/announcements/_form.html.erb
@@ -13,6 +13,12 @@
     cursor: default;
     display: inline-block;
   }
+  .add-on.btn-group .dropdown-menu{
+    margin: 0;
+  }
+  .main-forms fieldset .input-area .controls .input-prepend a:hover{
+    color: #fff;
+  }
 </style>
 <% content_for :page_specific_javascript do %>
   <%= javascript_include_tag "lib/bootstrap-fileupload" %>
@@ -482,138 +488,147 @@
     })
   </script>
 <% end %>
-<% content_for :page_specific_javascript do %>
-  <script>
-    function Appendzero(obj)
-    {
-      if(obj<10) return "0" +""+ obj;
-      else return obj;  
-    }
-    
-    $(function() {
-      $('#bulletin_open_comment').change(function(){
-        $(this).prop('checked') ? $('div[data-for="open_comment"]').removeClass('hide') : $('div[data-for="open_comment"]').addClass('hide')
-      })
-      $('.role_all_member').change(function(){
-        if ($(this).prop('checked')){
-          $('.role').each(function() {
-             $(this).prop("checked", true);
-          })
-        } else{
-          $('.role').each(function() {
-             $(this).prop("checked", false);
-           })
-        }
-      })
-      $('.role').change(function(){
-        if (!$(this).prop('checked') && $('.role_all_member').prop('checked')){
-          $('.role_all_member').prop('checked',false)
-        }
-      })
-      if (location.pathname.substr(-3)=='new'){
-        var getDate = new Date();
-        var toDay = getDate.getFullYear()+"/"+ (Appendzero(getDate.getMonth()+1))+"/"+Appendzero(getDate.getDate())+" "+Appendzero(getDate.getHours())+":"+Appendzero(getDate.getMinutes());
-        $('input[name="bulletin[postdate]"]').val(toDay);
+<script>
+  function Appendzero(obj)
+  {
+    if(obj<10) return "0" +""+ obj;
+    else return obj;  
+  }
+  
+  $(function() {
+    $('#bulletin_open_comment').change(function(){
+      $(this).prop('checked') ? $('div[data-for="open_comment"]').removeClass('hide') : $('div[data-for="open_comment"]').addClass('hide')
+    })
+    $('.role_all_member').change(function(){
+      if ($(this).prop('checked')){
+        $('.role').each(function() {
+           $(this).prop("checked", true);
+        })
+      } else{
+        $('.role').each(function() {
+           $(this).prop("checked", false);
+         })
       }
+    })
+    $('.role').change(function(){
+      if (!$(this).prop('checked') && $('.role_all_member').prop('checked')){
+        $('.role_all_member').prop('checked',false)
+      }
+    })
+    if (location.pathname.substr(-3)=='new'){
+      var getDate = new Date();
+      var toDay = getDate.getFullYear()+"/"+ (Appendzero(getDate.getMonth()+1))+"/"+Appendzero(getDate.getDate())+" "+Appendzero(getDate.getHours())+":"+Appendzero(getDate.getMinutes());
+      $('input[name="bulletin[postdate]"]').val(toDay);
+    }
 
-      $("#main-wrap").after("");
-
-      $(document).on('click', '#add_link', function(){
-        var new_id = $(this).prev().attr('value');
-        var old_id = new RegExp("new_bulletin_links", "g");
-        var on = $('.language-nav li.active').index();
-        var le = $(this).parent('.add-btn').prev('.add-target').children('.start-line').length;
-        $(this).prev().attr('value', parseInt(new_id) + 1);
-        $(this).parent().siblings('.add-target').append(("<%= escape_javascript(add_attribute 'form_link', f, :bulletin_links) %>").replace(old_id, new_id));
-        $(this).parent('.add-btn').prev('.add-target').children('.start-line').eq(le).children('.tab-content').children('.tab-pane').eq(on).addClass('in active').siblings().removeClass('in active');
-        formTip();
-      });
-      $(document).on('click', '#add_file', function(){
-        var new_id = $(this).prev().attr('value');
-        var old_id = new RegExp("new_bulletin_files", "g");
-        var on = $('.language-nav li.active').index();
-        var le = $(this).parent('.add-btn').prev('.add-target').children('.start-line').length;
-        $(this).prev().attr('value', parseInt(new_id) + 1);
-        $(this).parent().siblings('.add-target').append(("<%= escape_javascript(add_attribute 'form_file', f, :bulletin_files) %>").replace(old_id, new_id));
-        $(this).parent('.add-btn').prev('.add-target').children('.start-line').eq(le).children('.input-append').find('.tab-content').each(function() {
-          $(this).children('.tab-pane').eq(on).addClass('in active').siblings().removeClass('in active');
-        });
-        formTip();
-      });
-      $(document).on('click', '.delete_link', function(){
-        $(this).parents('.input-prepend').remove();
-      });
-      $(document).on('click', '.delete_file', function(){
-        $(this).parents('.input-prepend').remove();
-      });
-      $(document).on('click', '.remove_existing_record', function(){
-        if(confirm("<%= I18n.t(:sure?)%>")){
-          $(this).children('.should_destroy').attr('value', 1);
-          $(this).parents('.start-line').hide();
-        }
-      });
-
-      $('#remind-check').prop('checked') ? '':$('.content-box').addClass('hide')
-      $('#remind-check').on('change', function() {
-          $(this).prop('checked') ? $('.content-box').removeClass('hide'):$('.content-box').addClass('hide')
-      })
-
-      $('#button_for_preview').click(function(){
-        var method = $('.main-forms input[name="_method"]').val();
-        $('.main-forms input[name="_method"]').val("post");
-        
-        for ( instance in CKEDITOR.instances )
-          CKEDITOR.instances[instance].updateElement();
-
-        var formData = new FormData( $('.main-forms')[0] );
-        formData.append("preview_type", ( (method==undefined) ? "new" : "edit" ));
-        formData.append("bulletin_id", '<%= @bulletin.id.to_s %>');
-
-        $.ajax({
-          type: "post",
-          url: '<%= admin_announcement_preview_path %>',
-          data : formData,
-          processData: false,
-          contentType: false
-        }).done(function(data){
-          if(window.location.protocol === "https:"){
-            data = data.replace("http:","https:");
-          }
-          $('.modal-body iframe').attr('src',data);
-          $('#show_preview .modal').modal();
-          $('#show_preview .modal').height(function() {
-            return $(window).height() * 0.7;
-          });
-
-          var slug = data.split('/')[(data.split('/').length-1)];
-          // $('#preview-iframe').on('load', function(){
-          //   $.get('/admin/announcement/destroy_preview/'+slug,function(data){
-          //   });
-          // });
-        });
-        $('.main-forms input[name="_method"]').val(method);
-        return false;
-      });
-
-      $("#bulletin_is_top").parent().on("click",function(){
-        setTimeout(function(){
-          if($("#bulletin_is_top").parent().hasClass("active")){
-            $("div[data-for=is_top]").removeClass("hide");
-          }else{
-            $("div[data-for=is_top]").addClass("hide");
-            $("div[data-for=is_top]").find("input[type=text]").val("");
-          }
-        },100)
-      })
-
-      $("#bulletin_is_external_link").on("click",function(){
-        if($(this).is(":checked")){
-          $("#external_link_box").show();
-        }else{
-          $("#external_link_box").hide();
-        }
-      })
+    $("#main-wrap").after("");
 
+    $(document).on('click', '#add_link', function(){
+      var new_id = $(this).prev().attr('value');
+      var old_id = new RegExp("new_bulletin_links", "g");
+      var on = $('.language-nav li.active').index();
+      var le = $(this).parent('.add-btn').prev('.add-target').children('.start-line').length;
+      $(this).prev().attr('value', parseInt(new_id) + 1);
+      $(this).parent().siblings('.add-target').append(("<%= escape_javascript(add_attribute 'form_link', f, :bulletin_links) %>").replace(old_id, new_id));
+      $(this).parent('.add-btn').prev('.add-target').children('.start-line').eq(le).children('.tab-content').children('.tab-pane').eq(on).addClass('in active').siblings().removeClass('in active');
+      formTip();
     });
-  </script>
-<% end %>
+    $(document).on('click', '#add_file', function(){
+      var new_id = $(this).prev().attr('value');
+      var old_id = new RegExp("new_bulletin_files", "g");
+      var on = $('.language-nav li.active').index();
+      var le = $(this).parent('.add-btn').prev('.add-target').children('.start-line').length;
+      $(this).prev().attr('value', parseInt(new_id) + 1);
+      $(this).parent().siblings('.add-target').append(("<%= escape_javascript(add_attribute 'form_file', f, :bulletin_files) %>").replace(old_id, new_id));
+      $(this).parent('.add-btn').prev('.add-target').children('.start-line').eq(le).children('.input-append').find('.tab-content').each(function() {
+        $(this).children('.tab-pane').eq(on).addClass('in active').siblings().removeClass('in active');
+      });
+      formTip();
+    });
+    $(document).on('click', '.delete_link', function(){
+      $(this).parents('.input-prepend').remove();
+    });
+    $(document).on('click', '.delete_file', function(){
+      $(this).parents('.input-prepend').remove();
+    });
+    $(document).on('click', '.remove_existing_record', function(){
+      if(confirm("<%= I18n.t(:sure?)%>")){
+        $(this).children('.should_destroy').attr('value', 1);
+        $(this).parents('.start-line').hide();
+      }
+    });
+
+    $('#remind-check').prop('checked') ? '':$('.content-box').addClass('hide')
+    $('#remind-check').on('change', function() {
+        $(this).prop('checked') ? $('.content-box').removeClass('hide'):$('.content-box').addClass('hide')
+    })
+
+    $('#button_for_preview').click(function(){
+      var method = $('.main-forms input[name="_method"]').val();
+      $('.main-forms input[name="_method"]').val("post");
+      
+      for ( instance in CKEDITOR.instances )
+        CKEDITOR.instances[instance].updateElement();
+
+      var formData = new FormData( $('.main-forms')[0] );
+      formData.append("preview_type", ( (method==undefined) ? "new" : "edit" ));
+      formData.append("bulletin_id", '<%= @bulletin.id.to_s %>');
+
+      $.ajax({
+        type: "post",
+        url: '<%= admin_announcement_preview_path %>',
+        data : formData,
+        processData: false,
+        contentType: false
+      }).done(function(data){
+        if(window.location.protocol === "https:"){
+          data = data.replace("http:","https:");
+        }
+        $('.modal-body iframe').attr('src',data);
+        $('#show_preview .modal').modal();
+        $('#show_preview .modal').height(function() {
+          return $(window).height() * 0.7;
+        });
+
+        var slug = data.split('/')[(data.split('/').length-1)];
+        // $('#preview-iframe').on('load', function(){
+        //   $.get('/admin/announcement/destroy_preview/'+slug,function(data){
+        //   });
+        // });
+      });
+      $('.main-forms input[name="_method"]').val(method);
+      return false;
+    });
+
+    $("#bulletin_is_top").parent().on("click",function(){
+      setTimeout(function(){
+        if($("#bulletin_is_top").parent().hasClass("active")){
+          $("div[data-for=is_top]").removeClass("hide");
+        }else{
+          $("div[data-for=is_top]").addClass("hide");
+          $("div[data-for=is_top]").find("input[type=text]").val("");
+        }
+      },100)
+    })
+
+    $("#bulletin_is_external_link").on("click",function(){
+      if($(this).is(":checked")){
+        $("#external_link_box").show();
+      }else{
+        $("#external_link_box").hide();
+      }
+    })
+
+  });
+  $(".privacy-changer-btn").click(function(){
+    var val = $(this).attr('for')
+    var parent_node = $(this).parents('.add-on.btn-group').eq(0)
+    parent_node.find('.privacy_type').val(val)
+    parent_node.find('i').eq(0).attr('class',$(this).find('i').attr('class'))
+    parent_node.find('.dropdown-menu').hide()
+    window.setTimeout(function(){
+                        parent_node.find('.dropdown-menu').css('display','')
+                      },1000)
+    
+  })
+</script>
diff --git a/app/views/admin/announcements/_form_file.html.erb b/app/views/admin/announcements/_form_file.html.erb
index d6bb736..84b03db 100644
--- a/app/views/admin/announcements/_form_file.html.erb
+++ b/app/views/admin/announcements/_form_file.html.erb
@@ -40,7 +40,7 @@
       <% end %>
     </span>
     </span>
-     <span class="add-on btn-group btn" title="<%= t('archive.show_lang') %>">
+    <span class="add-on btn-group btn" title="<%= t('archive.show_lang') %>">
       <i class="icons-earth"></i> <span class="caret"></span>
       <ul class="dropdown-menu">
         <% @site_in_use_locales.each do |locale| %>
@@ -65,5 +65,25 @@
         <%= f.hidden_field :_destroy, :value => nil, :class => 'should_destroy' %>
       </span>
     <% end %>
+    <span class="add-on btn-group btn" style="background: white;border: 0;margin-left: 1em;">
+      <%  case form_file.privacy_type
+            when "public"
+              icon = "icons-earth"
+            when "logged_in"
+              icon = "icons-users"
+            end
+          %>
+      <i class="<%= icon %>"></i> <span class="caret"></span>
+      <ul class="dropdown-menu">
+          <li>
+            <a class="privacy-changer-btn" for="public"><i class="icons-earth"></i><%= t('privacy_type.public') %></a>
+          </li>
+          <li class="divider"></li>
+          <li>
+            <a class="privacy-changer-btn" for="logged_in"><i class="icons-users"></i><%= t('privacy_type.logged_in') %></a>
+          </li>
+      </ul>
+      <%= f.hidden_field :privacy_type, class: 'privacy_type' %>
+    </span>
   </div>
 </div>
\ No newline at end of file