Object auth for ad_banner

2012-05-15 16:39:23 +08:00 · 2012-05-15 16:39:23 +08:00 · b23b5e8ec5
parent 0a9f0bcc45
commit b23b5e8ec5
8 changed files with 34 additions and 16 deletions
--- a/app/controllers/admin/ad_banners_controller.rb
+++ b/app/controllers/admin/ad_banners_controller.rb
@ -1,7 +1,8 @@
 class Admin::AdBannersController < OrbitBackendController
  layout "new_admin"
  before_filter :authenticate_user!
-  before_filter :for_app_manager
+  before_filter :for_app_manager,:except => [:index,:show] 
+  before_filter :for_app_sub_manager

  def destroy
    @ad_banner = AdBanner.find(params[:id])
--- a/app/controllers/admin/module_apps_new_interface_controller.rb
+++ b/app/controllers/admin/module_apps_new_interface_controller.rb
@ -37,8 +37,9 @@ class Admin::ModuleAppsNewInterfaceController < ApplicationController

  protected
  def update_setting_by_params
+    user_sat = []
    ma = ModuleApp.find params[:module_app][:id]
-    user_sat = User.find params[:users].keys
+    user_sat = User.find params[:users].keys if params.has_key? :users
    users_to_new = user_sat - ma.managing_users
    users_to_remove = ma.managing_users - user_sat

--- a/app/helpers/admin/ad_banner_helper.rb
+++ b/app/helpers/admin/ad_banner_helper.rb
@ -11,6 +11,9 @@ module Admin::AdBannerHelper
          
      printable_ad_images.shuffle!
 end
+    def sub_manager?(ad_banner)
+      ad_banner.authed_users(:edit).include?(current_user)
+    end

    def show_ad_banner_permission_link(ad_banner)
    type = 'edit'
@ -20,7 +23,11 @@ module Admin::AdBannerHelper
      oa = ad_banner.get_object_auth_by_title(type)
    end
 #    link_to t('announcement.bulletin.cate_auth'), edit_admin_object_auth_path(oa)
-     link_to t('admin.ad.cate_auth'),admin_object_auth_ob_auth_path(oa)
+     link_to t('admin.ad.cate_auth'),admin_object_auth_ob_auth_path(oa),:class => "btn btn-warning"
+  end
+
+    def at_least_module_manager
+      is_manager? || is_admin? 
    end

 end
--- a/app/models/object_auth.rb
+++ b/app/models/object_auth.rb
@ -11,6 +11,8 @@ class ObjectAuth  < PrototypeAuth
  end

  def check_user_has_app_auth
+debugger
+    a=1
    sub_managing_users = auth_obj.app_auth.sub_managing_users
    app_auth =  auth_obj.app_auth
    self.auth_users.each do |auth_user|
--- a/app/views/admin/ad_banners/_ad_banner_tab.html.erb
+++ b/app/views/admin/ad_banners/_ad_banner_tab.html.erb
@ -1,5 +1,5 @@
 <div class="tab-pane fade <%= "active in" if ad_banner_tab==@active%>" id=<%= ad_banner_tab.title.dehumanize %>>
-
+<% if at_least_module_manager || sub_manager?(ad_banner_tab)%>
 	<%= form_for ad_banner_tab,:url=> admin_ad_banner_path(ad_banner_tab),:method => :put,:class=>"input-medium" do |f| -%>
 		<div class="adbanner-setup well">
 			<!--<p><%#= t("admin.ad.banner_best_size") %>：</p>-->
@ -11,20 +11,23 @@
 			<%= f.submit t("admin.ad.update_banner"), :class => 'btn' %>
 			<%= f.submit t("cancel"),:type=>'reset', :class => 'btn'  %>
 		</div>
-		<h3>圖片列表</h3>
+	<% end -%>
+<% end -%>
+		<h3><%= t("admin.ad.picture_list")%></h3>
 		<div class="adbanner-list">
-			<div class="adbanner-action">
+			<%if  at_least_module_manager || sub_manager?(ad_banner_tab)%>
+				<%=  content_tag :div ,:class=>'adbanner-action' do%>
 					<%= link_to t("admin.ad.new_image"),new_admin_ad_banner_ad_image_path(ad_banner_tab) ,:class => "btn btn-primary"%>
 					<%= link_to t("modal.preview"), admin_realtime_preview_ad_banner_path(ad_banner_tab.id) , :class=>'preview_trigger btn btn-success'%>
-			</div>
+				<% end -%>
+			<% end -%>
 			<ul class="clear">
 				<%= render :partial => "ad_image_update", :collection => ad_banner_tab.ad_images,:as => :ad_image,:locals=>{:ad_banner => ad_banner_tab}  %>
 			</ul>
-			 <% if is_manager? || is_admin? %>
+			 <% if at_least_module_manager  %>
 				<%= show_ad_banner_permission_link ad_banner_tab%>
 			<% end -%>
 			<%#= render :partial => 'new_add_banner_file', :object => ad_banner_tab.ad_images.build, :locals => { :field_name => "new_ad_images[]", :f => f, :classes => "r_destroy" } %>
 		</div>
-	<% end -%>
 	<%#= render :partial => 'preview_block',:locals=> {:ad_banner =>ad_banner_tab} %> 
 </div>
--- a/app/views/admin/ad_banners/_ad_image_update.html.erb
+++ b/app/views/admin/ad_banners/_ad_image_update.html.erb
@ -4,8 +4,10 @@
 				<%= ad_image.display? ? "[#{t('admin.ad.showing')}]" : "[#{t('admin.ad.not_showing')}]" %>
 				<%= "#{ad_image.post_date ||'NeedReset'  }~#{ad_image.unpost_date || 'NeedReset'}" %>
 			</p>
+                  <%if at_least_module_manager || sub_manager?(ad_image.ad_banner) %>
      			<p>
 	       			<%= link_to	t('edit'),edit_admin_ad_banner_ad_image_path(ad_banner,ad_image),:class => 'btn  btn-primary'  %>
 			       	<%= link_to	t('delete'),admin_ad_banner_ad_image_path(ad_banner,ad_image),:class => 'btn',:method => :delete,:confirm => t('sure?') %>
 			     </p>
+                  <% end -%>
 </li>
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@ -87,6 +87,7 @@ en:
      new_image: New image
      showing: Showing
      not_showing: NotShowing
+      picture_list: Picture List
      title: Title
      transition_sec: Transition time
      trans_unit_sec: sec
--- a/config/locales/zh_tw.yml
+++ b/config/locales/zh_tw.yml
@ -82,6 +82,7 @@ zh_tw:
      new_image: 新增橫幅
      showing: 顯示中
      not_showing: 沒有顯示
+      picture_list: 圖片列表
      title: 標題
      transition_sec: 轉場單位時間
      trans_unit_sec: 秒