New Interface for App Auth and Object Auth

Matthew K. Fu JuYuan 2012-05-11 16:44:40 +08:00
parent cb25cf60a9
commit 20a1a6e30f
23 changed files with 442 additions and 14 deletions


@ -0,0 +1,66 @@
class Admin::ModuleAppsNewInterfaceController < ApplicationController
before_filter :authenticate_user!
before_filter :is_admin?
include AdminHelper
layout "new_admin"
def setting
@sys_users = User.all(conditions: {admin: false})
@module_app = ModuleApp.find(params[:module_app_id])
@options_from_collection_for_select_bulletin_categorys = [@module_app].collect{|ma| [ma.title,ma.id] }
# if params.has_key? :category
# @bulletin_category = BulletinCategory.find params[:category][:id]
# else
# @bulletin_category = @bulletin_categorys.first
# end
@users_array = @module_app.managing_users rescue []
respond_to do |format|
format.html
format.js
end
end
def update_setting
module_app = update_setting_by_params
if module_app.save!
flash[:notice] = "Update Done"
else
flash[:notice] = "Update Failed"
end
end
def user_list
@module_app = ModuleApp.find params[:module_app][:id]
end
protected
def update_setting_by_params
ma = ModuleApp.find params[:module_app][:id]
user_sat = User.find params[:users].keys
users_to_new = user_sat - ma.managing_users
users_to_remove = ma.managing_users - user_sat
users_to_new.each do |new_user|
ma.assign_manager(new_user,current_user)
end
users_to_remove.each do |remove_user|
ma.remove_manager(remove_user)
end
ma
end
def get_categorys(id = nil)
@bulletin_categorys = []
if(is_manager? || is_admin?)
@bulletin_categorys = (id ? BulletinCategory.find(id).to_a : BulletinCategory.excludes('disabled' => true))
elsif is_sub_manager?
@bulletin_categorys = BulletinCategory.authed_for_user(current_user,'submit_new')
end
end
end
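Review bot: `update_setting_by_params` calls `params[:users].keys` with no nil guard, and a form posted with every checkbox cleared sends no `users` key, so removing the last manager raises NoMethodError instead of emptying the list; `ids = (params[:users] || {}).keys` avoids that (confirm `User.find` accepts an empty array). In `update_setting`, `module_app.save!` raises on failure rather than returning false, so the "Update Failed" branch cannot run; use `save` if the flash is meant to report it. The lookup also accepts any user id, not only the non-admin users that `setting` offers through `User.all(conditions: {admin: false})`, so the same filter belongs on the server side if admins must stay out of the list. The same points apply to `update_setting_by_params` and `update_setting` in Admin::ObjectAuthsNewInterfaceController.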


@ -0,0 +1,71 @@
class Admin::ObjectAuthsNewInterfaceController < ApplicationController
include OrbitCoreLib::PermissionUnility
layout "new_admin"
before_filter :force_order
layout "new_admin"
def setting
@sys_users = User.all(conditions: {admin: false})
@ob_auth = ObjectAuth.find params[:object_auth_id]
@options_from_collection_for_select_ob_auth = [@ob_auth].collect{|oa| [oa.auth_obj.pp_object,oa.id] }
@users_array = @ob_auth.privilege_users rescue []
respond_to do |format|
format.html
format.js
end
end
def update_setting
ob_auth = update_setting_by_params
if ob_auth.save!
flash[:notice] = t("admin.object_auth.update_done")
else
flash[:notice] = t("admin.object_auth.update_failed")
end
end
def user_list
@ob_auth = ObjectAuth.find params[:ob_auth][:id]
end
protected
def update_setting_by_params
oa = ObjectAuth.find params[:ob_auth][:id]
user_sat = User.find params[:users].keys
users_to_new = user_sat - oa.auth_users
users_to_remove = oa.auth_users - user_sat
users_to_new.each do |new_user|
oa.add_user_to_privilege_list(new_user)
end
users_to_remove.each do |remove_user|
oa.remove_user_from_privilege_list(remove_user)
end
oa
end
# def get_categorys(id = nil)
# @bulletin_categorys = []
# if(is_manager? || is_admin?)
# @bulletin_categorys = (id ? BulletinCategory.find(id).to_a : BulletinCategory.excludes('disabled' => true))
# elsif is_sub_manager?
# @bulletin_categorys = BulletinCategory.authed_for_user(current_user,'submit_new')
# end
# end
def force_order
authenticate_user!
check_if_user_can_do_object_auth
end
def check_if_user_can_do_object_auth
unless check_permission(:manager)
render :nothing => true, :status => 403
end
end
end
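Review bot: `check_if_user_can_do_object_auth` calls `check_permission(:manager)` without reference to the ObjectAuth being edited, while `update_setting_by_params` loads the record directly from `params[:ob_auth][:id]`. `check_permission` comes from OrbitCoreLib::PermissionUnility, which is not shown here, so it may already be scoped to the object; if it only tests a module-level manager role, a manager of one module could change the privilege list of any object by id. Worth confirming, and if needed checking the loaded record's `auth_obj` against what `current_user` manages before any `add_user_to_privilege_list` or `remove_user_from_privilege_list` call. `layout "new_admin"` is also declared twice.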


@ -68,9 +68,23 @@ module ApplicationHelper
end
end
def active_sys_call_for_app(controller_name,action_name,app_title,field = :id)
unless active_for_action(controller_name,action_name).nil?
app = ModuleApp.find params[field]
def active_for_ob_auths_object(object_class,field = :object_auth_id)
unless active_for_action("object_auths_new_interface","setting").nil?
ob_auth = ObjectAuth.find params[field]
ob_auth.obj_authable_type == object_class.to_s ? 'active' : nil
end
end
def active_for_ob_auth(ob_auth_title,field = :object_auth_id)
unless active_for_action("module_apps_new_interface","setting").nil?
oa_auth = ObjectAuth.find params[field]
oa_auth.title == ob_auth_title ? 'active' : nil
end
end
def active_for_app_auth(app_title ='', opt={:controller_name => 'module_apps_new_interface',:action_name=>'setting',:field => :module_app_id})
unless active_for_action(opt[:controller_name],opt[:action_name]).nil?
app = ModuleApp.find params[opt[:field]]
app.title == app_title ? 'active' : nil
else
nil
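Review bot: `active_for_ob_auth` tests `active_for_action("module_apps_new_interface","setting")` but then loads `ObjectAuth.find params[field]` with `field` defaulting to `:object_auth_id`, a parameter the module-app `setting` action does not appear to receive. This looks copied from `active_for_app_auth` and probably should test `"object_auths_new_interface"`, as `active_for_ob_auths_object` does. The new helpers also call `find` from view code with no handling for a missing or stale id, so a bad id surfaces as an error while the sidebar renders. The body of `active_for_app_auth` continues past the end of this hunk.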


@ -0,0 +1,42 @@
<% if module_app -%>
<div class="modal hide fade in" id="module_app-<%=module_app.id%>">
<div class="modal-header">
<a class="close" data-dismiss="modal">×</a>
<h3><%= t("admin.user_role.auth.manager") %></h3>
</div>
<div class="modal-body">
<div class="clear">
<% module_app.managing_users.each do |user| %>
<div class="checkbox clear checked">
<div class='member-avatar'>
<% if user.avatar? %>
<%= image_tag(user.avatar.thumb.url,:class => "member-img") %>
<% else %>
<%= image_tag "person.png",:class => "member-img" %>
<% end %>
</div>
<%= label_tag "lab-user-#{user.id}", (user.name rescue ''),:class=>"member-name",:id=>nil -%>
</div>
<% end -%>
<divl>
</div>
<div class="modal-footer">
<a href="#" class="btn" data-dismiss="modal"><%= t("modal.close") %></a>
</div>
<div>
<script type="text/javascript" src="/static/kernel.js"></script>
<script type="text/javascript">
$(document).ready(function() {
$("#module_app-<%=module_app.id%>").on("show", function () {
});
$(".modal").on("hidden", function () {
$("#show_preview").remove();
});
});
</script>
</div>
</div>
<% end -%>
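Review bot: The modal body is closed with `<divl>` instead of `</div>`, so the opening and closing `div` tags in this partial do not balance and the browser has to guess the nesting of the footer and script wrapper. Replacing `<divl>` with `</div>` makes the six `div`s opened outside the user loop close in order. The empty `on("show", function () {})` handler can be dropped. The `modal_list` partial added for `ob_auth` in this commit repeats the same markup, including `<divl>`.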


@ -0,0 +1,25 @@
<%= content_tag :div ,:id => "users_checkbox_ary",:class => 'clear' do -%>
<% @sys_users.each do |sys_user| -%>
<div class="checkblock">
<% sys_user.sub_roles.each do |sr| %>
<div class="for_unit" style="display:none;"> <%= sr.key %></div>
<% end %>
<%= content_tag :div,:data=>{'original-title'=>t('announcement.bulletin.approval_setting_window_title'),:content => "#{sys_user.sub_roles.collect{|sr| sr.i18n_variable[I18n.locale]}.join(',')}"},:class=>"checkbox clear" do %>
<div class="check-icon">
</div>
<div class='member-avatar'>
<% if sys_user.avatar? %>
<%= image_tag(sys_user.avatar.thumb.url,:class => "member-img") %>
<% else %>
<%= image_tag "person.png",:class => "member-img" %>
<% end %>
</div>
<%= label_tag "lab-user-#{sys_user.id}", (sys_user.name rescue ''),:class=>"member-name",:id=>nil -%>
<%= check_box_tag "[users][#{sys_user.id}]", 'true',users.include?(sys_user),:class => "check" -%>
<%end -%>
</div>
<% end -%>
<% end -%>
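Review bot: This partial reads `@sys_users` from the controller while taking `users` as a local, so it only renders from an action that happens to set that instance variable; passing both as locals, `:locals => {:sys_users => @sys_users, :users => @users_array}`, would make the dependency explicit. An identical copy is added for the object-auth views later in this commit, and one shared partial would keep the two permission screens from drifting apart. `(sys_user.name rescue '')` hides any error raised by `name`; `sys_user.name.to_s` is enough if nil is the only case intended.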


@ -0,0 +1,56 @@
<% content_for :page_specific_css do %>
<%= stylesheet_link_tag "inc/permission-checkbox" %>
<% end %>
<% content_for :page_specific_javascript do %>
<%= javascript_include_tag "inc/permission-checkbox" %>
<%= javascript_include_tag "inc/search" %>
<%= javascript_include_tag "inc/modal-preview" %>
<% end %>
<%#= label_tag :fact_check_setting, t("announcement.bulletin.fact_check_setting") %>
<%= form_tag('', :remote => true,:class => "prevent_enter_submit_form") %>
<div class="subnav clear">
<ul class="nav nav-pills filter pull-left">
<li class="accordion-group">
<div class="form-search" style="margin: 5px 10px;">
<%= label_tag :module, t("module") %>
<%= select "module_app",'id',@options_from_collection_for_select_bulletin_categorys %>
<%= search_field_tag 'user_filter' %>
</div>
</li>
</ul>
<%= link_to t("admin.user_role.auth.manager"), admin_module_app_manager_auth_show_path , :class=>'preview_trigger btn btn-success pull-right'%>
</div>
<%#= label_tag :role, t("admin.roles") %>
<div class="clear">
<%= content_tag :div do -%>
<% form_tag admin_module_app_manager_auth_proc_path do %>
<%= render :partial => "privilege_user", :locals => {:users => @users_array} %>
<div class="form-actions form-fixed pagination-right">
<%= submit_tag "Update", :class => 'btn btn-primary' %>
</div>
<% end -%>
<% end -%>
</div>
<script type="text/javascript" charset="utf-8">
var availableTags = [];
$(document).ready(function() {
$(".prevent_enter_submit_form").bind("keypress", function(e) {
if (e.keyCode == 13) {
return false;
}
});
$('#category_id').change(function() {
$.ajax({
type: 'GET',
dataType: "script",
url:$(this).parents("from").attr("href"),
data:$(this).parents("form").serialize()
});
});
});
</script>
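Review bot: The change handler in the script block binds to `$('#category_id')`, but the select built by `select "module_app",'id',...` would get the id `module_app_id`, and the handler reads its URL with `$(this).parents("from").attr("href")`, where `"from"` looks like a typo for `"form"` and a form carries `action`, not `href`. As written the handler appears never to fire, and if it did the request URL would be undefined. The page also opens `form_tag('', :remote => true, ...)` without a block and never closes it, then starts a second `form_tag ... do` inside it with `<%` rather than `<%=`; nested forms are invalid HTML and, depending on the Rails version, the inner block form may render nothing. The object-auth `setting` view in this commit repeats the same script and form structure.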


@ -0,0 +1,2 @@
$("#users_checkbox_ary").replaceWith('<%= escape_javascript(render :partial => "privilege_user", :locals => {:users => @users_array})%>');
permissionCheckbox();


@ -0,0 +1 @@
alert( "<% flash.each do |key, msg| %><%= msg %><% end%>");
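Review bot: The flash text is written into a JavaScript string literal with `<%= msg %>`, which HTML-escapes it but does not JavaScript-escape it, so a message containing a backslash or a newline breaks the script and quotes appear in the alert as entities. Use `<%= escape_javascript(msg) %>`, as the other `.js.erb` templates in this commit already do for rendered partials. Since the response is produced in the same request, setting `flash.now[:notice]` in the controller would also stop the message from reappearing on the next page. The object-auth copy of this template has the same line.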


@ -0,0 +1,2 @@
$('#show_preview').html("<%= escape_javascript(render(:partial => 'modal_list',:locals => {:module_app => @module_app})) %>");
var start_modal_with_id = "module_app-<%=@module_app.id%>"


@ -0,0 +1,42 @@
<% if ob_auth -%>
<div class="modal hide fade in" id="ob_auth-<%=ob_auth.id%>">
<div class="modal-header">
<a class="close" data-dismiss="modal">×</a>
<h3><%= t("admin.object_auth.list_title_of_users",:auth_title => ob_auth.title) %></h3>
</div>
<div class="modal-body">
<div class="clear">
<% ob_auth.auth_users.each do |user| %>
<div class="checkbox clear checked">
<div class='member-avatar'>
<% if user.avatar? %>
<%= image_tag(user.avatar.thumb.url,:class => "member-img") %>
<% else %>
<%= image_tag "person.png",:class => "member-img" %>
<% end %>
</div>
<%= label_tag "lab-user-#{user.id}", (user.name rescue ''),:class=>"member-name",:id=>nil -%>
</div>
<% end -%>
<divl>
</div>
<div class="modal-footer">
<a href="#" class="btn" data-dismiss="modal"><%= t("modal.close") %></a>
</div>
<div>
<script type="text/javascript" src="/static/kernel.js"></script>
<script type="text/javascript">
$(document).ready(function() {
$("#ob_auth-<%=ob_auth.id%>").on("show", function () {
});
$(".modal").on("hidden", function () {
$("#show_preview").remove();
});
});
</script>
</div>
</div>
<% end -%>


@ -0,0 +1,25 @@
<%= content_tag :div ,:id => "users_checkbox_ary",:class => 'clear' do -%>
<% @sys_users.each do |sys_user| -%>
<div class="checkblock">
<% sys_user.sub_roles.each do |sr| %>
<div class="for_unit" style="display:none;"> <%= sr.key %></div>
<% end %>
<%= content_tag :div,:data=>{'original-title'=>t('announcement.bulletin.approval_setting_window_title'),:content => "#{sys_user.sub_roles.collect{|sr| sr.i18n_variable[I18n.locale]}.join(',')}"},:class=>"checkbox clear" do %>
<div class="check-icon">
</div>
<div class='member-avatar'>
<% if sys_user.avatar? %>
<%= image_tag(sys_user.avatar.thumb.url,:class => "member-img") %>
<% else %>
<%= image_tag "person.png",:class => "member-img" %>
<% end %>
</div>
<%= label_tag "lab-user-#{sys_user.id}", (sys_user.name rescue ''),:class=>"member-name",:id=>nil -%>
<%= check_box_tag "[users][#{sys_user.id}]", 'true',users.include?(sys_user),:class => "check" -%>
<%end -%>
</div>
<% end -%>
<% end -%>


@ -0,0 +1,57 @@
<% content_for :page_specific_css do %>
<%= stylesheet_link_tag "inc/permission-checkbox" %>
<% end %>
<% content_for :page_specific_javascript do %>
<%= javascript_include_tag "inc/permission-checkbox" %>
<%= javascript_include_tag "inc/search" %>
<%= javascript_include_tag "inc/modal-preview" %>
<% end %>
<%#= label_tag :fact_check_setting, t("announcement.bulletin.fact_check_setting") %>
<%= form_tag('', :remote => true,:class => "prevent_enter_submit_form") %>
<div class="subnav clear">
<ul class="nav nav-pills filter pull-left">
<li class="accordion-group">
<div class="form-search" style="margin: 5px 10px;">
<%= label_tag :object, @ob_auth.auth_obj.class %>
<%= label_tag :module,"::" %>
<%= select "ob_auth",'id',@options_from_collection_for_select_ob_auth %>
<%= search_field_tag 'user_filter' %>
</div>
</li>
</ul>
<%= link_to t("admin.object_auth.list_title_of_users",:auth_title => @ob_auth.title), admin_object_auth_ob_auth_show_path , :class=>'preview_trigger btn btn-success pull-right'%>
</div>
<%#= label_tag :role, t("admin.roles") %>
<div class="clear">
<%= content_tag :div do -%>
<% form_tag admin_object_auth_ob_auth_path do %>
<%#= render :partial => "privilege_user", :locals => {:users => @users_array} %>
<div class="form-actions form-fixed pagination-right">
<%= submit_tag "Update", :class => 'btn btn-primary' %>
</div>
<% end -%>
<% end -%>
</div>
<script type="text/javascript" charset="utf-8">
var availableTags = [];
$(document).ready(function() {
$(".prevent_enter_submit_form").bind("keypress", function(e) {
if (e.keyCode == 13) {
return false;
}
});
$('#category_id').change(function() {
$.ajax({
type: 'GET',
dataType: "script",
url:$(this).parents("from").attr("href"),
data:$(this).parents("form").serialize()
});
});
});
</script>
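Review bot: The `render :partial => "privilege_user"` line inside the update form is commented out with `<%#=`, so this page posts no `users` checkboxes and contains no `#users_checkbox_ary` element for the `.js.erb` response to replace. With no `users` parameter, `update_setting_by_params` in the controller fails on `params[:users].keys`. If the list is hidden on purpose for now, a comment saying so would help; otherwise restore the line with `<%=`.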


@ -0,0 +1,2 @@
$("#users_checkbox_ary").replaceWith('<%= escape_javascript(render :partial => "privilege_user", :locals => {:users => @users_array})%>');
permissionCheckbox();


@ -0,0 +1 @@
alert( "<% flash.each do |key, msg| %><%= msg %><% end%>");


@ -0,0 +1,2 @@
$('#show_preview').html("<%= escape_javascript(render(:partial => 'modal_list',:locals => {:ob_auth => @ob_auth})) %>");
var start_modal_with_id = "ob_auth-<%=@ob_auth.id%>"


@ -5,29 +5,29 @@
<%= javascript_include_tag "/static/kernel.js" %>
<% end %>
<%= content_tag :li, :class => (active_for_controllers('bulletins', '/panel/announcement/back_end/tags', 'bulletin_categorys', 'approvals') || active_sys_call_for_app('new_interface_module_apps','setting','Announcement',:module_app_id) ) do -%>
<%= content_tag :li, :class => (active_for_controllers('bulletins', '/panel/announcement/back_end/tags', 'bulletin_categorys', 'approvals') || active_for_app_auth('Announcement') || active_for_ob_auths_object("BulletinCategory") ) do -%>
<%= link_to content_tag(:i, nil, :class => 'icons-announcement') + t('admin.announcement'), panel_announcement_back_end_bulletins_path %>
<%= content_tag :ul, :class => ("nav nav-list " + visible_for_controllers('bulletins', '/panel/announcement/back_end/tags', 'bulletin_categorys', 'approvals')) do -%>
<%= content_tag :li, link_to(t('announcement.all_articles'), panel_announcement_back_end_bulletins_path), :class => active_for_action('bulletins', 'index') %>
<%= content_tag :li, link_to(t('announcement.add_new'), new_panel_announcement_back_end_bulletin_path), :class => active_for_action('bulletins', 'new') %>
<%= content_tag :li, link_to(t('announcement.categories'), panel_announcement_back_end_bulletin_categorys_path), :class => active_for_action('bulletin_categorys', 'index') %>
<%= content_tag :li, link_to(t('announcement.categories'), panel_announcement_back_end_bulletin_categorys_path), :class =>( active_for_action('bulletin_categorys', 'index') || active_for_ob_auths_object("BulletinCategory") ) %>
<%= content_tag :li, link_to(t('announcement.tags'), panel_announcement_back_end_tags_path), :class => active_for_action('/panel/announcement/back_end/tags', 'index') %>
<%= content_tag :li, link_to(t('announcement.bulletin.approval_setting'), panel_announcement_back_end_approval_setting_path), :class => active_for_action('approvals', 'setting') if (is_manager? rescue nil) %>
<%= content_tag :li, link_to(t('admin.module.authorization'),admin_module_app_manager_auth_proc_path(ModuleApp.first(conditions: {title: "Announcement"}))), :class => active_sys_call_for_app('new_interface_module_apps','setting','Announcement',:module_app_id) if (is_admin? rescue nil) %>
<%= content_tag :li, link_to(t('admin.module.authorization'),admin_module_app_manager_auth_proc_path(ModuleApp.first(conditions: {title: "Announcement"}))), :class => active_for_app_auth('Announcement') if (is_admin? rescue nil) %>
<% end -%>
<% end -%>
<%= content_tag :li, :class =>( active_for_controllers('news_bulletins', '/panel/news/back_end/tags', 'news_bulletin_categorys', 'news_approvals')|| active_sys_call_for_app('new_interface_module_apps','setting','news',:module_app_id)) do -%>
<%= content_tag :li, :class =>( active_for_controllers('news_bulletins', '/panel/news/back_end/tags', 'news_bulletin_categorys', 'news_approvals')|| active_for_app_auth('news') || active_for_ob_auths_object("NewsBulletinCategory")) do -%>
<%= link_to content_tag(:i, nil, :class => 'icons-announcement') + t('admin.news'), panel_news_back_end_news_bulletins_path %>
<%= content_tag :ul, :class => ("nav nav-list " + visible_for_controllers('news_bulletins', '/panel/news/back_end/tags', 'news_bulletin_categorys', 'news_approvals')) do -%>
<%= content_tag :li, link_to(t('announcement.all_articles'), panel_news_back_end_news_bulletins_path), :class => active_for_action('news_bulletins', 'index') %>
<%= content_tag :li, link_to(t('announcement.add_new'), new_panel_news_back_end_news_bulletin_path), :class => active_for_action('news_bulletins', 'new') %>
<%= content_tag :li, link_to(t('announcement.categories'), panel_news_back_end_news_bulletin_categorys_path), :class => active_for_action('news_bulletin_categorys', 'index') %>
<%= content_tag :li, link_to(t('announcement.categories'), panel_news_back_end_news_bulletin_categorys_path), :class => active_for_action('news_bulletin_categorys', 'index') || active_for_ob_auths_object("NewsBulletinCategory") %>
<%= content_tag :li, link_to(t('announcement.tags'), panel_news_back_end_tags_path), :class => active_for_action('/panel/news/back_end/tags', 'index') %>
<%= content_tag :li, link_to(t('announcement.bulletin.approval_setting'), panel_news_back_end_news_approval_setting_path), :class => active_for_action('news_approvals', 'setting') if (is_manager? rescue nil) %>
<%= content_tag :li, link_to(t('admin.module.authorization'),admin_module_app_manager_auth_proc_path(ModuleApp.first(conditions: {key: "news"}))), :class => active_sys_call_for_app('new_interface_module_apps','setting','news',:module_app_id) if (is_admin? rescue nil) %>
<%= content_tag :li, link_to(t('admin.module.authorization'),admin_module_app_manager_auth_proc_path(ModuleApp.first(conditions: {key: "news"}))), :class => active_for_app_auth('news') if (is_admin? rescue nil) %>
<% end -%>
<% end -%>
@ -47,14 +47,14 @@
<%= link_to content_tag(:i, nil, :class => 'icons-window-block') + t('admin.design'), admin_designs_path %>
<% end -%>
<%= content_tag :li, :class => active_for_controllers('ad_banners', 'ad_images') || active_sys_call_for_app('module_apps','edit','ad_banners') do -%>
<%= content_tag :li, :class => active_for_controllers('ad_banners', 'ad_images') || active_for_app_auth('ad_banners') do -%>
<%= link_to content_tag(:i, nil, :class => 'icons-link') + t('admin.ad_banner'), admin_ad_banners_path %>
<%= content_tag :ul, :class => ("nav nav-list " + visible_for_controllers('ad_banners', 'ad_images') ) do -%>
<%#= content_tag :li, link_to(t('admin.ad.all_banners'), admin_ad_banners_path), :class => active_for_action('ad_banners', 'index') %>
<%#= content_tag :li, link_to(t('admin.ad.new_banner'), new_admin_ad_banner_path), :class => active_for_action('ad_banners', 'new') %>
<%#= content_tag :li, link_to(t('admin.ad.new_image'), new_ad_image_admin_ad_banners_path), :class => active_for_action('ad_images', 'new') %>
<%= content_tag :li, link_to(t('admin.module.authorization'),admin_module_app_manager_auth_proc_path(ModuleApp.first(conditions: {title: "ad_banners"}))), :class => active_sys_call_for_app('new_interface_module_apps','setting','ad_banners',:module_app_id) if (is_admin? rescue nil) %>
<%= content_tag :li, link_to(t('admin.module.authorization'),admin_module_app_manager_auth_proc_path(ModuleApp.first(conditions: {title: "ad_banners"}))), :class => active_for_app_auth('ad_banners') if (is_admin? rescue nil) %>
<% end -%>
<% end %>
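Review bot: `active_for_app_auth('news')` compares its argument with `app.title`, while the authorization link in the same menu looks the module up with `ModuleApp.first(conditions: {key: "news"})`; unless that record's title is also exactly `news`, the item will never be marked active. The Announcement and ad_banners entries look up by `title`, so using one attribute for both the lookup and the comparison would remove the doubt. `ModuleApp.first(...)` can also return nil when the module is not installed, and the path helper may then fail; that call is unchanged by this commit but sits on the edited lines.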


@ -197,6 +197,10 @@ en:
new_role: New user role
news: News
non_multilingual: Non multilingual
object_auth:
list_title_of_users: %{auth_title} Auth List
update_done: Update done,reulst showing in list
update_failed: Update failed
options: Options
orig_upload_file: Original filename
page: Page
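Review bot: `list_title_of_users: %{auth_title} Auth List` starts a plain YAML scalar with `%`, which YAML reserves as an indicator and which Psych is expected to reject, so the value should be quoted: `list_title_of_users: "%{auth_title} Auth List"`. `update_done` reads `reulst` where `result` is meant. In the zh_tw file of this commit, the `non_multilingual:` key loses its value on the line above the new `object_auth:` block, which looks unintended.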


@ -191,7 +191,11 @@ zh_tw:
new_info: 新增用戶資料
new_role: 新增用戶身份
news: 新聞
non_multilingual: 非多種語言
non_multilingual:
object_auth:
list_title_of_users: 授權清單-%{auth_title}
update_done: 更新完成,結果顯示於清單
update_failed: 更新失敗
options: 選項
orig_upload_file: 原上傳檔名
page: 頁面管理


@ -19,6 +19,10 @@ module OrbitCoreLib
end
def pp_object
"Object Auth method 'pp_object' need to be defined for class #{self.class}"
end
def get_object_auth_by_title(title)
self.object_auths.where({title: title }).first
end
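Review bot: The default `pp_object`, which appears to be the addition here, returns the sentence `"Object Auth method 'pp_object' need to be defined for class ..."` as if it were a label. The new object-auth `setting` action puts `oa.auth_obj.pp_object` straight into a select option, so a class that forgets to override it shows that text to users instead of failing. Raising is clearer: `raise NotImplementedError, "#{self.class} must define pp_object"`. `get_object_auth_by_title` returns nil when no ObjectAuth has that title, which deserves a one-line comment for callers. The enclosing module starts and ends outside this hunk.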


@ -10,7 +10,7 @@ include ActionView::Helpers::UrlHelper
oa = bulletin_category.get_object_auth_by_title(type)
end
# link_to t('announcement.bulletin.cate_auth'), edit_admin_object_auth_path(oa)
link_to t('announcement.bulletin.cate_auth'),panel_announcement_back_end_bulletin_category_setting_path(bulletin_category)
link_to t('announcement.bulletin.cate_auth'),admin_object_auth_ob_auth_path(oa)
end
end
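Review bot: The link now goes to `admin_object_auth_ob_auth_path(oa)`, but `oa` is only assigned in the branch above, and `get_object_auth_by_title` returns the first match or nil. If no ObjectAuth with that title exists yet for the category, the route helper receives nil and the category list may fail to render; the code that might create the record is outside this hunk, so confirm it always runs. A guard such as `return unless oa` before the `link_to` would keep the page up. The news category helper changed in this commit has the same line.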


@ -18,6 +18,10 @@ class BulletinCategory
has_many :bulletins
def pp_object
i18n_variable[I18n.locale]
end
def self.from_id(id)
BulletinCategory.find(id) rescue nil
end


@ -10,7 +10,7 @@ include ActionView::Helpers::UrlHelper
oa = news_bulletin_category.get_object_auth_by_title(type)
end
# link_to t('announcement.bulletin.cate_auth'), edit_admin_object_auth_path(oa)
link_to t('announcement.bulletin.cate_auth'),panel_news_back_end_news_bulletin_category_setting_path(news_bulletin_category)
link_to t('announcement.bulletin.cate_auth'),admin_object_auth_ob_auth_path(oa)
end


@ -18,6 +18,10 @@ class NewsBulletinCategory
has_many :news_bulletins
def pp_object
i18n_variable[I18n.locale]
end
def self.from_id(id)
NewsBulletinCategory.find(id) rescue nil
end