orbit-basic/app/models/auth/authorization.rb

class Authorization
  include Mongoid::Document
  include Mongoid::Timestamps

  field :title

  belongs_to :module_app

  has_and_belongs_to_many :roles
  has_and_belongs_to_many :sub_roles

  delegate :update_auth_approval_users, :update_auth_manager_users, :update_auth_sub_manager_users, to: :module_app, prefix: true, allow_nil: true

  after_save :update_module_app


  def add_roles(roles)
  	users = []
  	roles = Array(roles)
    add_operation(:roles, roles)
    sub_roles = [] 
    roles.each{|role| role.sub_roles.each{|sub_role| sub_roles << sub_role.id}}
    add_operation(:sub_roles, sub_roles)
    roles.each{|role| role.users.where(admin: false).each{|user| users << user}}
		add_users(users, false)
  end
  
  def add_sub_roles(sub_roles)
  	users = []
  	sub_roles = Array(sub_roles)
    add_operation(:sub_roles, sub_roles)
    sub_roles.each do |sub_role| 
			self.roles << sub_role.role unless self.roles.include?(sub_role.role)
    	sub_role.users.where(admin: false).each{|user| users << user}
    end
		add_users(users, false)
  end
  
  def add_users(users, with_parents = true)
  	users = Array(users)
    add_operation(:authorized_users, users)
    users.each do |user|
    	user.roles.each do |role|
	    	self.roles << role unless self.roles.include?(role)
    	end
    	user.sub_roles.each do |sub_role|
	    	self.sub_roles << sub_role unless self.sub_roles.include?(sub_role)
    	end
    end if with_parents
   	self.save
  end

  def remove_roles(roles)
  	users = []
  	sub_roles = []
  	roles = Array(roles)
  	remove_operation(:roles, roles)
 		roles.each do |role|
 			role.sub_roles.each{|sub_role| sub_roles << sub_role}
 			role.users.where(admin: false).each{|user| users << user}
 		end
		remove_operation(:sub_role_ids, sub_roles)
		remove_operation(:authorized_user_ids, users)
		add_roles(self.roles)
  end

  def remove_sub_roles(sub_roles)
  	users = []
  	sub_roles = Array(sub_roles)
  	remove_operation(:sub_roles, sub_roles)
  	sub_roles.each do |sub_role|
  		users << sub_role.users.where(admin: false)
  	end
		remove_operation(:authorized_user_ids, users)
		add_roles(self.roles)
  end

  def remove_users(users)
  	users = Array(users)
  	remove_operation(:authorized_user_ids, users)
   	self.save
  end

  protected

  def add_operation(db_field, objs)
   	objs.each do |obj|
	   	self.send(db_field) << obj unless self.send(db_field).include?(obj)
   	end
  end  

  def remove_operation(db_field, obj)
    self.write_attribute(db_field, self.send(db_field) - obj.map{|y| y.id})
  end

  private

  def update_module_app
  	case self._type
  	when "AuthApproval"
  		self.module_app_update_auth_approval_users
  	when "AuthManager"
  		self.module_app_update_auth_manager_users
  	when "AuthSubManager"
  		self.module_app_update_auth_sub_manager_users
  	end
  end
end
New authorization 2013-08-19 10:54:35 +00:00			`class Authorization`
			`include Mongoid::Document`
			`include Mongoid::Timestamps`

			`field :title`

			`belongs_to :module_app`

			`has_and_belongs_to_many :roles`
			`has_and_belongs_to_many :sub_roles`

			`delegate :update_auth_approval_users, :update_auth_manager_users, :update_auth_sub_manager_users, to: :module_app, prefix: true, allow_nil: true`

			`after_save :update_module_app`


			`def add_roles(roles)`
			`users = []`
			`roles = Array(roles)`
			`add_operation(:roles, roles)`
			`sub_roles = []`
			`roles.each{\|role\| role.sub_roles.each{\|sub_role\| sub_roles << sub_role.id}}`
			`add_operation(:sub_roles, sub_roles)`
			`roles.each{\|role\| role.users.where(admin: false).each{\|user\| users << user}}`
			`add_users(users, false)`
			`end`

			`def add_sub_roles(sub_roles)`
			`users = []`
			`sub_roles = Array(sub_roles)`
			`add_operation(:sub_roles, sub_roles)`
			`sub_roles.each do \|sub_role\|`
			`self.roles << sub_role.role unless self.roles.include?(sub_role.role)`
			`sub_role.users.where(admin: false).each{\|user\| users << user}`
			`end`
			`add_users(users, false)`
			`end`

			`def add_users(users, with_parents = true)`
			`users = Array(users)`
			`add_operation(:authorized_users, users)`
			`users.each do \|user\|`
			`user.roles.each do \|role\|`
			`self.roles << role unless self.roles.include?(role)`
			`end`
			`user.sub_roles.each do \|sub_role\|`
			`self.sub_roles << sub_role unless self.sub_roles.include?(sub_role)`
			`end`
			`end if with_parents`
			`self.save`
			`end`

			`def remove_roles(roles)`
			`users = []`
			`sub_roles = []`
			`roles = Array(roles)`
			`remove_operation(:roles, roles)`
			`roles.each do \|role\|`
			`role.sub_roles.each{\|sub_role\| sub_roles << sub_role}`
			`role.users.where(admin: false).each{\|user\| users << user}`
			`end`
			`remove_operation(:sub_role_ids, sub_roles)`
			`remove_operation(:authorized_user_ids, users)`
			`add_roles(self.roles)`
			`end`

			`def remove_sub_roles(sub_roles)`
			`users = []`
			`sub_roles = Array(sub_roles)`
			`remove_operation(:sub_roles, sub_roles)`
			`sub_roles.each do \|sub_role\|`
			`users << sub_role.users.where(admin: false)`
			`end`
			`remove_operation(:authorized_user_ids, users)`
			`add_roles(self.roles)`
			`end`

			`def remove_users(users)`
			`users = Array(users)`
			`remove_operation(:authorized_user_ids, users)`
			`self.save`
			`end`

			`protected`

			`def add_operation(db_field, objs)`
			`objs.each do \|obj\|`
			`self.send(db_field) << obj unless self.send(db_field).include?(obj)`
			`end`
			`end`

			`def remove_operation(db_field, obj)`
			`self.write_attribute(db_field, self.send(db_field) - obj.map{\|y\| y.id})`
			`end`

			`private`

			`def update_module_app`
			`case self._type`
			`when "AuthApproval"`
			`self.module_app_update_auth_approval_users`
			`when "AuthManager"`
			`self.module_app_update_auth_manager_users`
			`when "AuthSubManager"`
			`self.module_app_update_auth_sub_manager_users`
			`end`
			`end`
			`end`