Add class for Ray's check-box
Fix some typos Change the default index for auth Add some hard code in object_auth.rb to handle page_context A user cannot select himself in authorisation
This commit is contained in:
parent
b1755bdc80
commit
d632439f80
|
@ -1,10 +1,5 @@
|
||||||
module AdminHelper
|
module AdminHelper
|
||||||
|
|
||||||
def show_parent_items_link
|
|
||||||
@parent_items = @parent_item.ancestors.map{ |i| i }
|
|
||||||
link_to('/' , admin_items_path) + ( @parent_items.map{ |i| link_to(i.name, admin_items_path(:parent_id=>i.id) ) } << @parent_item.name ).join("/").html_safe
|
|
||||||
end
|
|
||||||
|
|
||||||
# Check if the current_user is manager in current module app
|
# Check if the current_user is manager in current module app
|
||||||
def is_manager?
|
def is_manager?
|
||||||
(@module_app.is_manager?(current_or_guest_user) rescue nil) || is_admin?
|
(@module_app.is_manager?(current_or_guest_user) rescue nil) || is_admin?
|
||||||
|
@ -34,4 +29,14 @@ module AdminHelper
|
||||||
return false
|
return false
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def get_user_module_role(user)
|
||||||
|
if user.admin?
|
||||||
|
t(:admin)
|
||||||
|
elsif @module_app.is_manager?(user)
|
||||||
|
t(:manager)
|
||||||
|
elsif @module_app.is_sub_manager?(user)
|
||||||
|
t(:sub_manager)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
|
@ -76,9 +76,7 @@ module OrbitBackendHelper
|
||||||
#
|
#
|
||||||
# TODO: link for other types
|
# TODO: link for other types
|
||||||
# ===============================================================
|
# ===============================================================
|
||||||
def get_value(object, field)
|
def get_value(object, field, authorization, approvable)
|
||||||
authorization = !@authorization || (@authorization && is_authorized(object))
|
|
||||||
approvable = !@approvable || (@approvable && is_approvable(object))
|
|
||||||
res = ''
|
res = ''
|
||||||
case field[:type]
|
case field[:type]
|
||||||
when 'associated'
|
when 'associated'
|
||||||
|
@ -145,9 +143,11 @@ module OrbitBackendHelper
|
||||||
end)
|
end)
|
||||||
concat (content_tag :tbody do
|
concat (content_tag :tbody do
|
||||||
(@objects.each do |object|
|
(@objects.each do |object|
|
||||||
|
authorization = !@authorization || (@authorization && is_authorized(object))
|
||||||
|
approvable = !@approvable || (@approvable && is_approvable(object))
|
||||||
concat (content_tag :tr do
|
concat (content_tag :tr do
|
||||||
(@fields.each do |field|
|
(@fields.each do |field|
|
||||||
concat(content_tag :td, get_value(object, field))
|
concat(content_tag :td, get_value(object, field, authorization, approvable))
|
||||||
end)
|
end)
|
||||||
end)
|
end)
|
||||||
end)
|
end)
|
||||||
|
@ -280,11 +280,11 @@ module OrbitBackendHelper
|
||||||
content_tag :li, link_to(t(quick[:translation] || :approval_), eval("#{quick[:link]}('#{object.id}')"), class: "preview_trigger #{quick[:class]}")
|
content_tag :li, link_to(t(quick[:translation] || :approval_), eval("#{quick[:link]}('#{object.id}')"), class: "preview_trigger #{quick[:class]}")
|
||||||
end
|
end
|
||||||
when 'authorization'
|
when 'authorization'
|
||||||
if authorization
|
if is_admin? || is_manager?
|
||||||
content_tag :li, link_to(t(quick[:translation] || :authorization_), eval("#{quick[:link]}"), class: "preview_trigger #{quick[:class]}")
|
content_tag :li, link_to(t(quick[:translation] || :authorization_), eval("#{quick[:link]}"), class: "preview_trigger #{quick[:class]}")
|
||||||
end
|
end
|
||||||
when 'edit'
|
when 'edit'
|
||||||
if authorization || approvable
|
if authorization && approvable
|
||||||
content_tag :li, link_to(t(quick[:translation] || :edit), eval("#{quick[:link]}('#{object.id}')"), class: quick[:class])
|
content_tag :li, link_to(t(quick[:translation] || :edit), eval("#{quick[:link]}('#{object.id}')"), class: quick[:class])
|
||||||
end
|
end
|
||||||
when 'delete'
|
when 'delete'
|
||||||
|
@ -319,7 +319,15 @@ module OrbitBackendHelper
|
||||||
end
|
end
|
||||||
|
|
||||||
def is_authorized(object)
|
def is_authorized(object)
|
||||||
at_least_module_manager || object.category.cur_user_is_sub_manager_of("submit_#{@module_app.key}")
|
autorized = @module_app.authorizable_models.inject(false) do |autorized, klass|
|
||||||
|
if object.is_a?(klass.constantize)
|
||||||
|
autorized ||= object.cur_user_is_sub_manager_of("#{klass.underscore}_#{@module_app.key}")
|
||||||
|
else
|
||||||
|
autorized ||= object.category.cur_user_is_sub_manager_of("category_#{@module_app.key}")
|
||||||
|
end
|
||||||
|
autorized
|
||||||
|
end
|
||||||
|
at_least_module_manager || autorized
|
||||||
end
|
end
|
||||||
|
|
||||||
def quick_edit_link(args)
|
def quick_edit_link(args)
|
||||||
|
|
|
@ -15,8 +15,12 @@ class ObjectAuth < PrototypeAuth
|
||||||
end
|
end
|
||||||
|
|
||||||
def check_user_has_can_access_app
|
def check_user_has_can_access_app
|
||||||
sub_managing_users = auth_obj.module_app.sub_managing_users rescue []
|
if auth_obj.is_a?(PageContext)
|
||||||
module_app = auth_obj.module_app
|
module_app = ModuleApp.where(key: 'page_content').first
|
||||||
|
else
|
||||||
|
module_app = auth_obj.module_app
|
||||||
|
end
|
||||||
|
sub_managing_users = module_app.sub_managing_users rescue []
|
||||||
self.auth_users.each do |auth_user|
|
self.auth_users.each do |auth_user|
|
||||||
if !sub_managing_users.include? auth_user && !auth_user.admin?
|
if !sub_managing_users.include? auth_user && !auth_user.admin?
|
||||||
module_app.assign_sub_manager(auth_user,User.current)
|
module_app.assign_sub_manager(auth_user,User.current)
|
||||||
|
|
|
@ -1,8 +1,10 @@
|
||||||
<li class="filter-item selected_user" id="<%= user.id %>">
|
<li class="filter-item selected_user <%= 'check-item' unless user == current_user || is_admin? %>" id="<%= user.id %>">
|
||||||
<label>
|
<label>
|
||||||
<%= image_tag (user.avatar? ? user.avatar.thumb : 'menber-pic.png'), :class => "user-pic" %>
|
<%= image_tag (user.avatar? ? user.avatar.thumb : 'menber-pic.png'), :class => "user-pic" %>
|
||||||
<span class="user-name"><%= user.name %></span>
|
<span class="user-name"><%= user.name %></span>
|
||||||
<!-- <span>國際事務學院,國際研究英語碩士學位學程</span> -->
|
<span><%= get_user_module_role(user) %></span>
|
||||||
</label>
|
</label>
|
||||||
<input type="checkbox">
|
<% unless user == current_user || is_admin? %>
|
||||||
|
<input type="checkbox">
|
||||||
|
<% end %>
|
||||||
</li>
|
</li>
|
|
@ -15,7 +15,7 @@
|
||||||
<div class="mini-layout-body span10">
|
<div class="mini-layout-body span10">
|
||||||
<%= link_to t(:module_authorization), admin_authorizations_path(@module_app.key) %>
|
<%= link_to t(:module_authorization), admin_authorizations_path(@module_app.key) %>
|
||||||
<% @module_app.authorizable_models.each do |authorizable_model| %>
|
<% @module_app.authorizable_models.each do |authorizable_model| %>
|
||||||
<%= link_to (authorizable_model.eql?('Category') ? t(:category_auth) : "#{authorizable_model.underscore.humanize.capitalize} #{t(:authorization_)}"), admin_authorizations_path(@module_app.key, type: authorizable_model.downcase) %>
|
<%= link_to (authorizable_model.eql?('Category') ? t(:category_auth) : "#{authorizable_model.underscore.humanize.capitalize} #{t(:authorization_)}"), admin_authorizations_path(@module_app.key, type: authorizable_model.underscore) %>
|
||||||
<% end %>
|
<% end %>
|
||||||
<%= link_to t(:approval_), admin_authorizations_path(@module_app.key, type: 'approval') if @module_app.is_approvable %>
|
<%= link_to t(:approval_), admin_authorizations_path(@module_app.key, type: 'approval') if @module_app.is_approvable %>
|
||||||
<% if @error %>
|
<% if @error %>
|
||||||
|
|
|
@ -1,2 +1,2 @@
|
||||||
$("#select_user").html("<%= j render partial: 'admin/member_selects/modal_select', locals: {role_form_url: admin_add_roles_authorizations_path(@module_app.key, @type, @object_id), user_form_url: admin_add_users_authorizations_path(@module_app.key, @type, @cobject_id)} %>");
|
$("#select_user").html("<%= j render partial: 'admin/member_selects/modal_select', locals: {role_form_url: admin_add_roles_authorizations_path(@module_app.key, @type, @object_id), user_form_url: admin_add_users_authorizations_path(@module_app.key, @type, @object_id)} %>");
|
||||||
$("#member-filter").modal();
|
$("#member-filter").modal();
|
|
@ -39,7 +39,7 @@
|
||||||
<div class="content">
|
<div class="content">
|
||||||
<ul class="checkbox-card clearfix">
|
<ul class="checkbox-card clearfix">
|
||||||
<% users.each do |user| %>
|
<% users.each do |user| %>
|
||||||
<li>
|
<li class="check-item">
|
||||||
<label>
|
<label>
|
||||||
<%= image_tag (user.avatar.file ? user.avatar : "menber-pic.png"), class: "user-pic" %>
|
<%= image_tag (user.avatar.file ? user.avatar : "menber-pic.png"), class: "user-pic" %>
|
||||||
<span class="user-name"><%= user.name %></span>
|
<span class="user-name"><%= user.name %></span>
|
||||||
|
@ -72,9 +72,7 @@
|
||||||
$('#member-filter').on('shown', function() {
|
$('#member-filter').on('shown', function() {
|
||||||
$('#member-filter').off('shown')
|
$('#member-filter').off('shown')
|
||||||
$(this).find('.nano').nanoScroller({ scrollTop: 0, iOSNativeScrolling: true });
|
$(this).find('.nano').nanoScroller({ scrollTop: 0, iOSNativeScrolling: true });
|
||||||
$(this).find('.checkbox-card > li').cardCheck({
|
$(this).find('.checkbox-card').cardCheck();
|
||||||
check: $(this).find('.checkbox-card > li input[type="checkbox"]'),
|
|
||||||
});
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
</script>
|
</script>
|
|
@ -5,11 +5,11 @@
|
||||||
<%= render 'layouts/meta' %>
|
<%= render 'layouts/meta' %>
|
||||||
<%= render 'layouts/google_font' %>
|
<%= render 'layouts/google_font' %>
|
||||||
<%= stylesheet_link_tag "back_end" %>
|
<%= stylesheet_link_tag "back_end" %>
|
||||||
<%= stylesheet_link_tag params[:controller] if Rails.application.assets.find_asset params[:controller] %>
|
<%= stylesheet_link_tag params[:controller] if Rails.application.assets.find_asset "#{params[:controller]}.css" %>
|
||||||
<%= yield :page_specific_css %>
|
<%= yield :page_specific_css %>
|
||||||
<%= render 'layouts/ie_html5_fix' %>
|
<%= render 'layouts/ie_html5_fix' %>
|
||||||
<%= javascript_include_tag "back_end" %>
|
<%= javascript_include_tag "back_end" %>
|
||||||
<%= javascript_include_tag params[:controller] if Rails.application.assets.find_asset params[:controller] %>
|
<%= javascript_include_tag params[:controller] if Rails.application.assets.find_asset "#{params[:controller]}.js" %>
|
||||||
<%= yield :page_specific_javascript %>
|
<%= yield :page_specific_javascript %>
|
||||||
<%= csrf_meta_tag %>
|
<%= csrf_meta_tag %>
|
||||||
</head>
|
</head>
|
||||||
|
|
|
@ -5,10 +5,10 @@
|
||||||
<%= render 'layouts/meta' %>
|
<%= render 'layouts/meta' %>
|
||||||
<%= render 'layouts/google_font' %>
|
<%= render 'layouts/google_font' %>
|
||||||
<%= stylesheet_link_tag "basic" %>
|
<%= stylesheet_link_tag "basic" %>
|
||||||
<%= stylesheet_link_tag params[:controller] %>
|
<%= stylesheet_link_tag params[:controller] if Rails.application.assets.find_asset "#{params[:controller]}.css" %>
|
||||||
<%= render 'layouts/ie_html5_fix' %>
|
<%= render 'layouts/ie_html5_fix' %>
|
||||||
<%= javascript_include_tag "basic" %>
|
<%= javascript_include_tag "basic" %>
|
||||||
<%= javascript_include_tag params[:controller] %>
|
<%= javascript_include_tag params[:controller] if Rails.application.assets.find_asset "#{params[:controller]}.js" %>
|
||||||
<%= yield :page_specific_css %>
|
<%= yield :page_specific_css %>
|
||||||
<%= yield :page_specific_javascript %>
|
<%= yield :page_specific_javascript %>
|
||||||
<%= csrf_meta_tag %>
|
<%= csrf_meta_tag %>
|
||||||
|
|
|
@ -9,7 +9,7 @@ module OrbitCategory
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def get_categories_for_form(func_authed_for_sub_manager = "submit_#{@module_app.key}")
|
def get_categories_for_form(func_authed_for_sub_manager = "category_#{@module_app.key}")
|
||||||
categories = if is_manager? || is_admin?
|
categories = if is_manager? || is_admin?
|
||||||
@module_app.categories.enabled
|
@module_app.categories.enabled
|
||||||
elsif is_sub_manager?
|
elsif is_sub_manager?
|
||||||
|
|
Loading…
Reference in New Issue