orbit-basic/app/controllers/admin/object_auths_new_interface_...

class Admin::ObjectAuthsNewInterfaceController < OrbitBackendController
  include OrbitCoreLib::PermissionUnility
  before_filter :force_order
  
  
  def setting
    @sys_users = User.all(conditions: {admin: false}).includes(:avatar)
    @ob_auth = ObjectAuth.find params[:object_auth_id]
    @options_from_collection_for_select_ob_auth = [@ob_auth].collect{|oa| [oa.auth_obj.pp_object,oa.id] }
    @users_array = @ob_auth.privilege_users rescue []

    respond_to do |format|
      format.html
      format.js
    end
  end
  
  def update_setting
    ob_auth = update_setting_by_params
    if ob_auth.save!
      flash[:notice] = t("admin.object_auth.update_done")
    else
      flash[:notice] = t("admin.object_auth.update_failed")
    end
  end
  
  def user_list
    @ob_auth = ObjectAuth.find params[:ob_auth][:id]
  end

  protected
  def update_setting_by_params
    user_sat = []
    oa = ObjectAuth.find params[:ob_auth][:id]
    user_sat += User.find params[:users].keys if params.has_key? :users
    users_to_new = user_sat - oa.auth_users
    users_to_remove = oa.auth_users - user_sat

    users_to_new.each do |new_user|
      oa.add_user_to_privilege_list(new_user)
    end

    users_to_remove.each do |remove_user|
      oa.remove_user_from_privilege_list(remove_user)
    end
    oa
  end
  
  # def get_categorys(id = nil)
  #   @bulletin_categorys = []
  #   if(is_manager? || is_admin?)
  #     @bulletin_categorys = (id ? BulletinCategory.find(id).to_a : BulletinCategory.excludes('disabled' => true))
  #   elsif is_sub_manager?
  #     @bulletin_categorys = BulletinCategory.authed_for_user(current_user,'submit_new')
  #   end
  # end

  def force_order
    authenticate_user!
    check_if_user_can_do_object_auth
  end

  def check_if_user_can_do_object_auth
    unless  check_permission(:manager)
      render :nothing => true, :status => 403 
    end
  end

end
Change to apply page to had object_auth 2012-05-14 04:34:15 +00:00			`class Admin::ObjectAuthsNewInterfaceController < OrbitBackendController`
New Interface for App Auth and Object Auth 2012-05-11 08:44:40 +00:00			`include OrbitCoreLib::PermissionUnility`
			`before_filter :force_order`


			`def setting`
cache privilege user list. 2012-05-22 09:55:18 +00:00			`@sys_users = User.all(conditions: {admin: false}).includes(:avatar)`
New Interface for App Auth and Object Auth 2012-05-11 08:44:40 +00:00			`@ob_auth = ObjectAuth.find params[:object_auth_id]`
			`@options_from_collection_for_select_ob_auth = [@ob_auth].collect{\|oa\| [oa.auth_obj.pp_object,oa.id] }`
			`@users_array = @ob_auth.privilege_users rescue []`

			`respond_to do \|format\|`
			`format.html`
			`format.js`
			`end`
			`end`

			`def update_setting`
			`ob_auth = update_setting_by_params`
			`if ob_auth.save!`
			`flash[:notice] = t("admin.object_auth.update_done")`
			`else`
			`flash[:notice] = t("admin.object_auth.update_failed")`
			`end`
			`end`

			`def user_list`
			`@ob_auth = ObjectAuth.find params[:ob_auth][:id]`
			`end`

			`protected`
			`def update_setting_by_params`
Change to apply page to had object_auth 2012-05-14 04:34:15 +00:00			`user_sat = []`
New Interface for App Auth and Object Auth 2012-05-11 08:44:40 +00:00			`oa = ObjectAuth.find params[:ob_auth][:id]`
Change to apply page to had object_auth 2012-05-14 04:34:15 +00:00			`user_sat += User.find params[:users].keys if params.has_key? :users`
New Interface for App Auth and Object Auth 2012-05-11 08:44:40 +00:00			`users_to_new = user_sat - oa.auth_users`
			`users_to_remove = oa.auth_users - user_sat`

			`users_to_new.each do \|new_user\|`
			`oa.add_user_to_privilege_list(new_user)`
			`end`

			`users_to_remove.each do \|remove_user\|`
			`oa.remove_user_from_privilege_list(remove_user)`
			`end`
			`oa`
			`end`

			`# def get_categorys(id = nil)`
			`# @bulletin_categorys = []`
			`# if(is_manager? \|\| is_admin?)`
			`# @bulletin_categorys = (id ? BulletinCategory.find(id).to_a : BulletinCategory.excludes('disabled' => true))`
			`# elsif is_sub_manager?`
			`# @bulletin_categorys = BulletinCategory.authed_for_user(current_user,'submit_new')`
			`# end`
			`# end`

			`def force_order`
			`authenticate_user!`
			`check_if_user_can_do_object_auth`
			`end`

			`def check_if_user_can_do_object_auth`
			`unless check_permission(:manager)`
			`render :nothing => true, :status => 403`
			`end`
			`end`

			`end`