alberich 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- data/Gemfile +18 -0
- data/MIT-LICENSE +20 -0
- data/README.rdoc +37 -0
- data/Rakefile +34 -0
- data/alberich.gemspec +34 -0
- data/app/assets/javascripts/alberich/application.js +15 -0
- data/app/assets/javascripts/alberich/permissions.js +2 -0
- data/app/assets/javascripts/alberich/privileges.js +2 -0
- data/app/assets/javascripts/alberich/roles.js +2 -0
- data/app/assets/stylesheets/alberich/application.css +13 -0
- data/app/assets/stylesheets/alberich/permissions.css +4 -0
- data/app/assets/stylesheets/alberich/privileges.css +4 -0
- data/app/assets/stylesheets/alberich/roles.css +4 -0
- data/app/assets/stylesheets/scaffold.css +56 -0
- data/app/controllers/alberich/application_controller.rb +4 -0
- data/app/controllers/alberich/application_controller_helper.rb +118 -0
- data/app/controllers/alberich/permissions_controller.rb +211 -0
- data/app/controllers/alberich/privileges_controller.rb +105 -0
- data/app/controllers/alberich/roles_controller.rb +97 -0
- data/app/helpers/alberich/application_helper.rb +4 -0
- data/app/helpers/alberich/permissions_helper.rb +4 -0
- data/app/helpers/alberich/privileges_helper.rb +4 -0
- data/app/helpers/alberich/roles_helper.rb +4 -0
- data/app/models/alberich/base_permission_object.rb +42 -0
- data/app/models/alberich/derived_permission.rb +25 -0
- data/app/models/alberich/entity.rb +27 -0
- data/app/models/alberich/entity_target_observer.rb +16 -0
- data/app/models/alberich/permission.rb +59 -0
- data/app/models/alberich/permission_session.rb +33 -0
- data/app/models/alberich/permissioned_object.rb +139 -0
- data/app/models/alberich/privilege.rb +29 -0
- data/app/models/alberich/role.rb +37 -0
- data/app/models/alberich/session_entity.rb +15 -0
- data/app/views/alberich/permissions/_form.html.haml +27 -0
- data/app/views/alberich/permissions/_list.html.haml +1 -0
- data/app/views/alberich/permissions/_objects.html.haml +38 -0
- data/app/views/alberich/permissions/_permissions.html.haml +45 -0
- data/app/views/alberich/permissions/index.html.haml +2 -0
- data/app/views/alberich/permissions/new.html.haml +5 -0
- data/app/views/alberich/permissions/show.html.haml +12 -0
- data/app/views/alberich/privileges/_form.html.haml +19 -0
- data/app/views/alberich/privileges/_list.html.haml +17 -0
- data/app/views/alberich/privileges/create.html.haml +2 -0
- data/app/views/alberich/privileges/destroy.html.haml +2 -0
- data/app/views/alberich/privileges/edit.html.haml +5 -0
- data/app/views/alberich/privileges/index.html.haml +5 -0
- data/app/views/alberich/privileges/new.html.haml +5 -0
- data/app/views/alberich/privileges/show.html.haml +12 -0
- data/app/views/alberich/privileges/update.html.haml +2 -0
- data/app/views/alberich/roles/_form.html.haml +24 -0
- data/app/views/alberich/roles/edit.html.haml +7 -0
- data/app/views/alberich/roles/index.html.haml +23 -0
- data/app/views/alberich/roles/new.html.haml +5 -0
- data/app/views/alberich/roles/show.html.haml +16 -0
- data/app/views/layouts/alberich/application.html.erb +14 -0
- data/config/initializers/haml.rb +1 -0
- data/config/routes.rb +17 -0
- data/db/migrate/20120925162242_create_alberich_roles.rb +12 -0
- data/db/migrate/20121022223626_create_alberich_privileges.rb +12 -0
- data/db/migrate/20121023051301_create_alberich_base_permission_objects.rb +9 -0
- data/db/migrate/20121023233648_create_alberich_permission_sessions.rb +11 -0
- data/db/migrate/20121027023136_create_alberich_entities.rb +34 -0
- data/db/migrate/20121204205213_create_alberich_session_entities.rb +12 -0
- data/db/migrate/20121205180518_create_alberich_permissions.rb +13 -0
- data/db/migrate/20130107043252_create_alberich_derived_permissions.rb +18 -0
- data/lib/alberich.rb +10 -0
- data/lib/alberich/#version.rb# +3 -0
- data/lib/alberich/engine.rb +10 -0
- data/lib/alberich/version.rb +3 -0
- data/lib/generators/alberich/install_generator.rb +15 -0
- data/lib/generators/alberich/templates/README +6 -0
- data/lib/generators/alberich/templates/alberich.rb +11 -0
- data/lib/tasks/alberich_tasks.rake +4 -0
- data/spec/controllers/alberich/permissions_controller_spec.rb +112 -0
- data/spec/controllers/alberich/privileges_controller_spec.rb +131 -0
- data/spec/controllers/alberich/roles_controller_spec.rb +130 -0
- data/spec/factories/alberich/permission.rb +51 -0
- data/spec/factories/alberich/permission_session.rb +7 -0
- data/spec/factories/alberich/privilege.rb +6 -0
- data/spec/factories/alberich/role.rb +103 -0
- data/spec/factories/child_resource.rb +14 -0
- data/spec/factories/child_resource.rb~ +7 -0
- data/spec/factories/global_resource.rb +11 -0
- data/spec/factories/global_resource.rb~ +25 -0
- data/spec/factories/parent_resource.rb +12 -0
- data/spec/factories/parent_resource.rb~ +7 -0
- data/spec/factories/standalone_resource.rb +7 -0
- data/spec/factories/standalone_resource.rb~ +11 -0
- data/spec/factories/user.rb +30 -0
- data/spec/factories/user_group.rb +8 -0
- data/spec/models/alberich/derived_permission_spec.rb +34 -0
- data/spec/models/alberich/entity_spec.rb +15 -0
- data/spec/models/alberich/permission_spec.rb +133 -0
- data/spec/models/alberich/privilege_spec.rb +39 -0
- data/spec/models/alberich/role_spec.rb +33 -0
- data/spec/models/alberich/session_entity_spec.rb +24 -0
- data/spec/spec_helper.rb +81 -0
- data/spec/support/routes.rb +41 -0
- data/test/dummy/README.rdoc +261 -0
- data/test/dummy/Rakefile +7 -0
- data/test/dummy/app/assets/javascripts/application.js +15 -0
- data/test/dummy/app/assets/javascripts/child_resources.js +2 -0
- data/test/dummy/app/assets/javascripts/global_resources.js +2 -0
- data/test/dummy/app/assets/javascripts/parent_resources.js +2 -0
- data/test/dummy/app/assets/javascripts/standalone_resources.js +2 -0
- data/test/dummy/app/assets/javascripts/user_groups.js +2 -0
- data/test/dummy/app/assets/javascripts/users.js +2 -0
- data/test/dummy/app/assets/stylesheets/application.css +13 -0
- data/test/dummy/app/assets/stylesheets/child_resources.css +4 -0
- data/test/dummy/app/assets/stylesheets/global_resources.css +4 -0
- data/test/dummy/app/assets/stylesheets/parent_resources.css +4 -0
- data/test/dummy/app/assets/stylesheets/scaffold.css +56 -0
- data/test/dummy/app/assets/stylesheets/standalone_resources.css +4 -0
- data/test/dummy/app/assets/stylesheets/user_groups.css +4 -0
- data/test/dummy/app/assets/stylesheets/users.css +4 -0
- data/test/dummy/app/controllers/application_controller.rb +73 -0
- data/test/dummy/app/controllers/child_resources_controller.rb +99 -0
- data/test/dummy/app/controllers/child_resources_controller.rb~ +83 -0
- data/test/dummy/app/controllers/global_resources_controller.rb +95 -0
- data/test/dummy/app/controllers/global_resources_controller.rb~ +83 -0
- data/test/dummy/app/controllers/parent_resources_controller.rb +101 -0
- data/test/dummy/app/controllers/parent_resources_controller.rb~ +83 -0
- data/test/dummy/app/controllers/standalone_resources_controller.rb +101 -0
- data/test/dummy/app/controllers/standalone_resources_controller.rb~ +83 -0
- data/test/dummy/app/controllers/user_groups_controller.rb +131 -0
- data/test/dummy/app/controllers/user_sessions_controller.rb +38 -0
- data/test/dummy/app/controllers/users_controller.rb +87 -0
- data/test/dummy/app/helpers/application_helper.rb +2 -0
- data/test/dummy/app/helpers/child_resources_helper.rb +2 -0
- data/test/dummy/app/helpers/global_resources_helper.rb +2 -0
- data/test/dummy/app/helpers/parent_resources_helper.rb +2 -0
- data/test/dummy/app/helpers/standalone_resources_helper.rb +2 -0
- data/test/dummy/app/helpers/user_groups_helper.rb +2 -0
- data/test/dummy/app/helpers/users_helper.rb +2 -0
- data/test/dummy/app/models/child_resource.rb +25 -0
- data/test/dummy/app/models/child_resource.rb~ +4 -0
- data/test/dummy/app/models/global_resource.rb +3 -0
- data/test/dummy/app/models/parent_resource.rb +32 -0
- data/test/dummy/app/models/parent_resource.rb~ +3 -0
- data/test/dummy/app/models/standalone_resource.rb +22 -0
- data/test/dummy/app/models/standalone_resource.rb~ +3 -0
- data/test/dummy/app/models/user.rb +80 -0
- data/test/dummy/app/models/user_group.rb +12 -0
- data/test/dummy/app/views/child_resources/_form.html.erb +30 -0
- data/test/dummy/app/views/child_resources/_form.html.erb~ +29 -0
- data/test/dummy/app/views/child_resources/edit.html.erb +6 -0
- data/test/dummy/app/views/child_resources/index.html.erb +25 -0
- data/test/dummy/app/views/child_resources/index.html.erb~ +27 -0
- data/test/dummy/app/views/child_resources/new.html.erb +5 -0
- data/test/dummy/app/views/child_resources/show.html.erb +20 -0
- data/test/dummy/app/views/child_resources/show.html.erb~ +20 -0
- data/test/dummy/app/views/global_resources/_form.html.erb +25 -0
- data/test/dummy/app/views/global_resources/edit.html.erb +6 -0
- data/test/dummy/app/views/global_resources/index.html.erb +25 -0
- data/test/dummy/app/views/global_resources/new.html.erb +5 -0
- data/test/dummy/app/views/global_resources/show.html.erb +15 -0
- data/test/dummy/app/views/layouts/application.html.erb +14 -0
- data/test/dummy/app/views/parent_resources/_form.html.erb +25 -0
- data/test/dummy/app/views/parent_resources/edit.html.erb +6 -0
- data/test/dummy/app/views/parent_resources/index.html.erb +25 -0
- data/test/dummy/app/views/parent_resources/index.html.erb~ +25 -0
- data/test/dummy/app/views/parent_resources/new.html.erb +5 -0
- data/test/dummy/app/views/parent_resources/show.html.erb +44 -0
- data/test/dummy/app/views/parent_resources/show.html.erb~ +15 -0
- data/test/dummy/app/views/standalone_resources/_form.html.erb +25 -0
- data/test/dummy/app/views/standalone_resources/edit.html.erb +6 -0
- data/test/dummy/app/views/standalone_resources/index.html.erb +25 -0
- data/test/dummy/app/views/standalone_resources/new.html.erb +5 -0
- data/test/dummy/app/views/standalone_resources/show.html.erb +15 -0
- data/test/dummy/app/views/user_groups/_form.html.haml +9 -0
- data/test/dummy/app/views/user_groups/add_members.html.haml +18 -0
- data/test/dummy/app/views/user_groups/edit.html.haml +13 -0
- data/test/dummy/app/views/user_groups/index.html.haml +20 -0
- data/test/dummy/app/views/user_groups/new.html.haml +11 -0
- data/test/dummy/app/views/user_groups/show.html.haml +42 -0
- data/test/dummy/app/views/user_sessions/new.html.haml +26 -0
- data/test/dummy/app/views/users/_form.html.haml +25 -0
- data/test/dummy/app/views/users/edit.html.haml +14 -0
- data/test/dummy/app/views/users/index.html.haml +26 -0
- data/test/dummy/app/views/users/new.html.haml +11 -0
- data/test/dummy/app/views/users/show.html.haml +56 -0
- data/test/dummy/config.ru +4 -0
- data/test/dummy/config/application.rb +59 -0
- data/test/dummy/config/boot.rb +10 -0
- data/test/dummy/config/database.yml +25 -0
- data/test/dummy/config/environment.rb +5 -0
- data/test/dummy/config/environments/development.rb +37 -0
- data/test/dummy/config/environments/production.rb +67 -0
- data/test/dummy/config/environments/test.rb +37 -0
- data/test/dummy/config/initializers/alberich.rb +13 -0
- data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/test/dummy/config/initializers/inflections.rb +15 -0
- data/test/dummy/config/initializers/mime_types.rb +5 -0
- data/test/dummy/config/initializers/secret_token.rb +7 -0
- data/test/dummy/config/initializers/session_store.rb +8 -0
- data/test/dummy/config/initializers/warden.rb +79 -0
- data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
- data/test/dummy/config/locales/en.yml +5 -0
- data/test/dummy/config/routes.rb +33 -0
- data/test/dummy/db/migrate/20120801010101_create_users.rb +20 -0
- data/test/dummy/db/migrate/20121121054319_create_user_groups.rb +16 -0
- data/test/dummy/db/migrate/20130220160811_create_global_resources.rb +10 -0
- data/test/dummy/db/migrate/20130220175258_create_standalone_resources.rb +10 -0
- data/test/dummy/db/migrate/20130226145412_create_parent_resources.rb +10 -0
- data/test/dummy/db/migrate/20130226151256_create_child_resources.rb +12 -0
- data/test/dummy/db/migrate/20130226151256_create_child_resources.rb~ +12 -0
- data/test/dummy/db/schema.rb +151 -0
- data/test/dummy/db/seeds.rb +65 -0
- data/test/dummy/lib/password.rb +58 -0
- data/test/dummy/public/404.html +26 -0
- data/test/dummy/public/422.html +26 -0
- data/test/dummy/public/500.html +25 -0
- data/test/dummy/public/favicon.ico +0 -0
- data/test/dummy/script/rails +6 -0
- data/test/dummy/test/fixtures/child_resources.yml +11 -0
- data/test/dummy/test/fixtures/global_resources.yml +9 -0
- data/test/dummy/test/fixtures/parent_resources.yml +9 -0
- data/test/dummy/test/fixtures/standalone_resources.yml +9 -0
- data/test/dummy/test/fixtures/user_groups.yml +9 -0
- data/test/dummy/test/fixtures/users.yml +37 -0
- data/test/dummy/test/functional/child_resources_controller_test.rb +49 -0
- data/test/dummy/test/functional/global_resources_controller_test.rb +49 -0
- data/test/dummy/test/functional/parent_resources_controller_test.rb +49 -0
- data/test/dummy/test/functional/standalone_resources_controller_test.rb +49 -0
- data/test/dummy/test/functional/user_groups_controller_test.rb +49 -0
- data/test/dummy/test/functional/users_controller_test.rb +39 -0
- data/test/dummy/test/unit/child_resource_test.rb +7 -0
- data/test/dummy/test/unit/global_resource_test.rb +7 -0
- data/test/dummy/test/unit/helpers/child_resources_helper_test.rb +4 -0
- data/test/dummy/test/unit/helpers/global_resources_helper_test.rb +4 -0
- data/test/dummy/test/unit/helpers/parent_resources_helper_test.rb +4 -0
- data/test/dummy/test/unit/helpers/standalone_resources_helper_test.rb +4 -0
- data/test/dummy/test/unit/helpers/user_groups_helper_test.rb +4 -0
- data/test/dummy/test/unit/helpers/users_helper_test.rb +4 -0
- data/test/dummy/test/unit/parent_resource_test.rb +7 -0
- data/test/dummy/test/unit/standalone_resource_test.rb +7 -0
- data/test/dummy/test/unit/user_group_test.rb +7 -0
- data/test/dummy/test/unit/user_test.rb +7 -0
- data/test/integration/alberich/permission_test.rb +7 -0
- data/test/integration/alberich/privilege_test.rb +7 -0
- data/test/integration/alberich/role_test.rb +7 -0
- metadata +639 -0
@@ -0,0 +1,29 @@
|
|
1
|
+
module Alberich
|
2
|
+
class Privilege < ActiveRecord::Base
|
3
|
+
attr_accessible :action, :role, :role_id, :target_type
|
4
|
+
|
5
|
+
PERM_SET = "set_perms" # can create/modify/delete permission
|
6
|
+
# records on this object
|
7
|
+
PERM_VIEW = "view_perms" # can view permission records on this
|
8
|
+
# object
|
9
|
+
CREATE = "create" # can create objects of this type here
|
10
|
+
MODIFY = "modify" # can modify objects of this type here
|
11
|
+
VIEW = "view" # can view objects of this type here
|
12
|
+
USE = "use" # can use objects of this type here
|
13
|
+
|
14
|
+
ACTIONS = [ CREATE, MODIFY, USE, VIEW,
|
15
|
+
PERM_SET, PERM_VIEW]
|
16
|
+
TARGET_TYPES = ["Alberich::BasePermissionObject"] +
|
17
|
+
Alberich.permissioned_object_classes +
|
18
|
+
Alberich.additional_privilege_scopes
|
19
|
+
|
20
|
+
belongs_to :role
|
21
|
+
validates_presence_of :role_id
|
22
|
+
validates_presence_of :target_type
|
23
|
+
validates_presence_of :action
|
24
|
+
validates_uniqueness_of :action, :scope => [:target_type, :role_id]
|
25
|
+
validates_inclusion_of :target_type, :in => TARGET_TYPES
|
26
|
+
validates_inclusion_of :action, :in => ACTIONS
|
27
|
+
|
28
|
+
end
|
29
|
+
end
|
@@ -0,0 +1,37 @@
|
|
1
|
+
module Alberich
|
2
|
+
class Role < ActiveRecord::Base
|
3
|
+
VALID_SCOPES = ["Alberich::BasePermissionObject"] + Alberich.permissioned_object_classes
|
4
|
+
has_many :permissions, :dependent => :destroy
|
5
|
+
has_many :derived_permissions, :dependent => :destroy
|
6
|
+
has_many :privileges, :dependent => :destroy
|
7
|
+
|
8
|
+
attr_accessible :name, :assign_to_owner, :scope
|
9
|
+
|
10
|
+
validates_presence_of :scope
|
11
|
+
validates_presence_of :name
|
12
|
+
validates_uniqueness_of :name
|
13
|
+
|
14
|
+
validates_associated :privileges
|
15
|
+
|
16
|
+
validates_length_of :name, :maximum => 255
|
17
|
+
validates_inclusion_of :scope, :in => VALID_SCOPES
|
18
|
+
def privilege_target_types
|
19
|
+
privileges.collect {|x| x.target_type.constantize}.uniq
|
20
|
+
end
|
21
|
+
def privilege_target_match(obj_type)
|
22
|
+
(privilege_target_types & obj_type.active_privilege_target_types).any?
|
23
|
+
end
|
24
|
+
|
25
|
+
def self.all_by_scope
|
26
|
+
roles = self.all
|
27
|
+
role_hash = {}
|
28
|
+
roles.each do |role|
|
29
|
+
role_hash[role.scope] ||= []
|
30
|
+
role_hash[role.scope] << role
|
31
|
+
end
|
32
|
+
role_hash
|
33
|
+
end
|
34
|
+
|
35
|
+
end
|
36
|
+
|
37
|
+
end
|
@@ -0,0 +1,15 @@
|
|
1
|
+
module Alberich
|
2
|
+
class SessionEntity < ActiveRecord::Base
|
3
|
+
attr_accessible :entity_id, :permission_session_id, :user_id,
|
4
|
+
:entity, :user
|
5
|
+
belongs_to :user
|
6
|
+
belongs_to :entity
|
7
|
+
belongs_to :permission_session
|
8
|
+
|
9
|
+
validates_presence_of :user_id
|
10
|
+
validates_presence_of :permission_session_id
|
11
|
+
validates_presence_of :entity_id
|
12
|
+
validates_uniqueness_of :entity_id, :scope => [:user_id, :permission_session_id]
|
13
|
+
|
14
|
+
end
|
15
|
+
end
|
@@ -0,0 +1,27 @@
|
|
1
|
+
= form_tag({:method => :post, :action => :create}) do
|
2
|
+
%table.flat.checkbox_table{ 'data-none_selected' => "none selected", 'data-confirm' => "are you sure?" }
|
3
|
+
%thead
|
4
|
+
%tr
|
5
|
+
- @header.each do |column|
|
6
|
+
- if column[:name] == 'checkbox'
|
7
|
+
%th{:class => column[:class]}= check_box_tag :select_all, true, false, :class => 'select_all'
|
8
|
+
-else
|
9
|
+
%th{:class => column[:class]}= column[:name]
|
10
|
+
- if !@entities.any?
|
11
|
+
%tr
|
12
|
+
%td{:colspan => @header.size}= "nothing here"
|
13
|
+
- @entities.each do |entity|
|
14
|
+
%tr{:class => cycle('nostripe','stripe')}
|
15
|
+
%td
|
16
|
+
-# - selected = params[:select] == 'all'
|
17
|
+
-# = check_box_tag "entity_selected[]", entity.id, selected, :id => "entity_checkbox_#{entity.id}"
|
18
|
+
%td= link_to entity.name, main_app.url_for(entity.entity_target)
|
19
|
+
%td= select_tag "entity_role_selected[]", options_for_select([['', "#{entity.id},"]] + @roles.map {|r| [t(r.name, :scope=> :role_defs, :default => r.name), "#{entity.id},#{r.id}" ] }, :disabled => @permission_object.permissions.where(:entity_id=>entity.id).collect {|p| "#{entity.id},#{p.role.id}"}), :id => "entity_role_selected_#{entity.id}"
|
20
|
+
|
21
|
+
%fieldset.options
|
22
|
+
= hidden_field_tag :permission_object_type, @permission_object.class.name
|
23
|
+
= hidden_field_tag :permission_object_id, @permission_object.id
|
24
|
+
= hidden_field_tag :path_prefix, @path_prefix
|
25
|
+
= hidden_field_tag :use_tabs, @use_tabs
|
26
|
+
= submit_tag "Grant Access"
|
27
|
+
= link_to 'Cancel', @return_path, :class => 'button danger'
|
@@ -0,0 +1 @@
|
|
1
|
+
= render :partial => 'permissions'
|
@@ -0,0 +1,38 @@
|
|
1
|
+
- content_for :permissions_form_header do
|
2
|
+
%span{:id => ("tab-container-1-nav" unless @inline)}
|
3
|
+
- if @show_inherited
|
4
|
+
%li= link_to "Direct Access", params.merge(:show_inherited => false, :page => 1), { :class => 'button primary', :id => 'direct_permission_button'}
|
5
|
+
- else
|
6
|
+
%li= link_to "Inherited Access", params.merge(:show_inherited => true, :page => 1), { :class => 'button primary', :id => 'inherited_permission_button'}
|
7
|
+
|
8
|
+
= form_tag do
|
9
|
+
%div.controls
|
10
|
+
%ul.actions
|
11
|
+
= yield :permissions_form_header
|
12
|
+
%table.flat.checkbox_table{ 'data-none_selected' => "Please make a selection first.", 'data-confirm' => "Are you sure?" }
|
13
|
+
%thead
|
14
|
+
%tr
|
15
|
+
- @permission_list_header.each do |column|
|
16
|
+
- if column[:name] == 'checkbox'
|
17
|
+
- # checkboxes ignored for engine UI
|
18
|
+
-else
|
19
|
+
%th{:class => column[:class]}= column[:name]
|
20
|
+
- if !@permissions.any?
|
21
|
+
%tr
|
22
|
+
%td{:colspan => columns.size}= "No matching results"
|
23
|
+
- @permissions.each do |permission|
|
24
|
+
%tr{:class => cycle('nostripe','stripe')}
|
25
|
+
- if permission.permission_object.class == Alberich::BasePermissionObject
|
26
|
+
%td Global
|
27
|
+
%td
|
28
|
+
- else
|
29
|
+
%td= permission_object_type
|
30
|
+
%td= link_to permission.permission_object.name, permission.permission_object
|
31
|
+
%td= permission.role.name
|
32
|
+
- if not(@show_inherited) && check_privilege(Alberich::Privilege::PERM_SET)
|
33
|
+
%td= link_to 'Destroy', alberich.permission_path(permission), method: :delete, data: { confirm: 'Are you sure?' }
|
34
|
+
- if @show_inherited
|
35
|
+
- if permission.permission.permission_object.class == Alberich::BasePermissionObject
|
36
|
+
%td= t'permissions.global'
|
37
|
+
- else
|
38
|
+
%td= link_to permission.permission.permission_object.name, permission.permission.permission_object
|
@@ -0,0 +1,45 @@
|
|
1
|
+
- has_admin_perms = check_privilege(Alberich::Privilege::PERM_SET)
|
2
|
+
- prevent_admin_deletion = has_admin_perms && !(@show_inherited || @show_global) && (@permission_object == Alberich::BasePermissionObject.general_permission_scope) && (Alberich::BasePermissionObject.global_admin_permission_count == 1)
|
3
|
+
- content_for :permissions_form_header do
|
4
|
+
- if not(@show_inherited or @show_global) && check_privilege(Alberich::Privilege::PERM_SET)
|
5
|
+
%li= link_to "Grant Access", new_permission_path(:permission_object_type => @permission_object.class.name, :permission_object_id => @permission_object.id, :path_prefix => @path_prefix, :use_tabs => @use_tabs ? @use_tabs : (@tabs ? 'yes' : 'no')), { :class => 'button primary', :id => 'new_permission_button'}
|
6
|
+
|
7
|
+
%span{:id => ("tab-container-1-nav" unless @inline)}
|
8
|
+
- unless @permission_object == Alberich::BasePermissionObject.general_permission_scope
|
9
|
+
- if @show_inherited
|
10
|
+
%li= link_to "Direct Access", params.merge(:show_inherited => false, :show_global => false, :page => 1), { :class => 'button', :id => 'direct_permission_button'}
|
11
|
+
%li= link_to "Global Access", params.merge(:show_inherited => false, :show_global => true, :page => 1), { :class => 'button', :id => 'global_permission_button'}
|
12
|
+
- elsif @show_global
|
13
|
+
%li= link_to "Direct Accress", params.merge(:show_inherited => false, :show_global => false, :page => 1), { :class => 'button', :id => 'direct_permission_button'}
|
14
|
+
%li= link_to "Inherited Access", params.merge(:show_inherited => true, :show_global => false, :page => 1), { :class => 'button', :id => 'inherited_permission_button'}
|
15
|
+
- else
|
16
|
+
%li= link_to "Inherited Access", params.merge(:show_inherited => true, :show_global => false, :page => 1), { :class => 'button', :id => 'inherited_permission_button'}
|
17
|
+
%li= link_to "Global Access", params.merge(:show_inherited => false, :show_global => true, :page => 1), { :class => 'button', :id => 'global_permission_button'}
|
18
|
+
|
19
|
+
= form_tag do
|
20
|
+
%div.controls
|
21
|
+
%ul.actions
|
22
|
+
= yield :permissions_form_header
|
23
|
+
%table.flat.checkbox_table{ 'data-none_selected' => "Please make a selection first.", 'data-confirm' => "Are you sure?" }
|
24
|
+
%thead
|
25
|
+
%tr
|
26
|
+
- @permission_list_header.each do |column|
|
27
|
+
- if column[:name] == 'checkbox'
|
28
|
+
- # checkboxes ignored for engine UI
|
29
|
+
-else
|
30
|
+
%th{:class => column[:class]}= column[:name]
|
31
|
+
- if !@permissions.any?
|
32
|
+
%tr
|
33
|
+
%td{:colspan => columns.size}= "No matching results"
|
34
|
+
- @permissions.each do |permission|
|
35
|
+
%tr{:class => cycle('nostripe','stripe')}
|
36
|
+
%td= permission.entity.entity_target.class.model_name.human
|
37
|
+
%td= link_to permission.entity.name, main_app.url_for(permission.entity.entity_target)
|
38
|
+
%td= permission.role.name
|
39
|
+
- if !(@show_inherited || @show_global) && has_admin_perms && !(prevent_admin_deletion && Alberich::BasePermissionObject.is_global_admin_perm(permission))
|
40
|
+
%td= link_to 'Destroy', permission, method: :delete, data: { confirm: 'Are you sure?' }
|
41
|
+
- if @show_inherited
|
42
|
+
%td= permission.permission.permission_object.name
|
43
|
+
|
44
|
+
- if @permissions.respond_to?(:total_pages)
|
45
|
+
= render_pagination(@permissions)
|
@@ -0,0 +1,19 @@
|
|
1
|
+
= form_for @privilege do |f|
|
2
|
+
- if @privilege.errors.any?
|
3
|
+
#error_explanation
|
4
|
+
%h2= "#{pluralize(@privilege.errors.count, "error")} prohibited this privilege from being saved:"
|
5
|
+
%ul
|
6
|
+
- @privilege.errors.full_messages.each do |msg|
|
7
|
+
%li= msg
|
8
|
+
|
9
|
+
= f.hidden_field :role_id
|
10
|
+
.field
|
11
|
+
= f.label :target_type
|
12
|
+
.input
|
13
|
+
= f.select :target_type, @target_type_list
|
14
|
+
.field
|
15
|
+
= f.label :action
|
16
|
+
.input
|
17
|
+
= f.select :action, @action_list
|
18
|
+
.actions
|
19
|
+
= f.submit 'Save'
|
@@ -0,0 +1,17 @@
|
|
1
|
+
%table
|
2
|
+
%tr
|
3
|
+
%th Target type
|
4
|
+
%th Action
|
5
|
+
%th
|
6
|
+
%th
|
7
|
+
%th
|
8
|
+
|
9
|
+
- privileges.each do |privilege|
|
10
|
+
%tr
|
11
|
+
%td= privilege.target_type
|
12
|
+
%td= privilege.action
|
13
|
+
%td= link_to 'Show', privilege
|
14
|
+
%td= link_to 'Edit', edit_privilege_path(privilege)
|
15
|
+
%td= link_to 'Destroy', privilege, method: :delete, data: { confirm: 'Are you sure?' }
|
16
|
+
|
17
|
+
%br
|
@@ -0,0 +1,24 @@
|
|
1
|
+
= form_for(@role) do |f|
|
2
|
+
- if @role.errors.any?
|
3
|
+
%div#error_explanation
|
4
|
+
%h2= "#{pluralize(@role.errors.count, 'error')} prohibited this role from being saved:"
|
5
|
+
|
6
|
+
%ul
|
7
|
+
- @role.errors.full_messages.each do |msg|
|
8
|
+
%li= msg
|
9
|
+
%fieldset
|
10
|
+
.field
|
11
|
+
= f.label :name, :class => 'em'
|
12
|
+
.input
|
13
|
+
= f.text_field :name, :class => "em long"
|
14
|
+
.field
|
15
|
+
= f.label :scope, :class => 'em'
|
16
|
+
.input
|
17
|
+
= f.select :scope, @scope_list
|
18
|
+
.field
|
19
|
+
= f.label :assign_to_owner, :class => 'checkbox'
|
20
|
+
.input
|
21
|
+
= f.check_box :assign_to_owner
|
22
|
+
|
23
|
+
%div.actions
|
24
|
+
= f.submit
|
@@ -0,0 +1,23 @@
|
|
1
|
+
%h1=t "Listing roles"
|
2
|
+
|
3
|
+
%table
|
4
|
+
%tr
|
5
|
+
%th=t "Name"
|
6
|
+
%th=t "Scope"
|
7
|
+
%th=t "assign_to_owner"
|
8
|
+
%th
|
9
|
+
%th
|
10
|
+
%th
|
11
|
+
|
12
|
+
- @roles.each do |role|
|
13
|
+
%tr
|
14
|
+
%th= link_to role.name, role
|
15
|
+
%th= role.scope
|
16
|
+
%th= role.assign_to_owner
|
17
|
+
%th= link_to 'Show', role
|
18
|
+
%th= link_to 'Edit', edit_role_path(role)
|
19
|
+
%th= link_to 'Destroy', role, method: :delete, data: { confirm: 'Are you sure?' }, :id => "destroy_role_#{role.id}"
|
20
|
+
|
21
|
+
%br
|
22
|
+
|
23
|
+
= link_to 'New Role', new_role_path
|
@@ -0,0 +1,16 @@
|
|
1
|
+
%p#notice= notice
|
2
|
+
|
3
|
+
%h1= @role.name
|
4
|
+
|
5
|
+
%ul
|
6
|
+
%li= "Scope: #{@role.scope}"
|
7
|
+
%li= "Assign to Owner: #{@role.assign_to_owner}"
|
8
|
+
|
9
|
+
%li
|
10
|
+
%h2 Privileges
|
11
|
+
= render :partial => 'alberich/privileges/list', :locals => { :privileges => @role.privileges }
|
12
|
+
= link_to 'New Privilege', new_role_privilege_path(@role)
|
13
|
+
|
14
|
+
= link_to 'Edit', edit_role_path(@role)
|
15
|
+
|
|
16
|
+
= link_to 'Back', roles_path
|
@@ -0,0 +1,14 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html>
|
3
|
+
<head>
|
4
|
+
<title>Alberich</title>
|
5
|
+
<%= stylesheet_link_tag "alberich/application", :media => "all" %>
|
6
|
+
<%= javascript_include_tag "alberich/application" %>
|
7
|
+
<%= csrf_meta_tags %>
|
8
|
+
</head>
|
9
|
+
<body>
|
10
|
+
|
11
|
+
<%= yield %>
|
12
|
+
|
13
|
+
</body>
|
14
|
+
</html>
|
@@ -0,0 +1 @@
|
|
1
|
+
require 'haml'
|
data/config/routes.rb
ADDED
@@ -0,0 +1,12 @@
|
|
1
|
+
class CreateAlberichRoles < ActiveRecord::Migration
|
2
|
+
def change
|
3
|
+
create_table :alberich_roles do |t|
|
4
|
+
t.string :name, :null => false
|
5
|
+
t.string :scope, :null => false
|
6
|
+
t.integer :lock_version, :default => 0
|
7
|
+
t.boolean :assign_to_owner, :default => false
|
8
|
+
|
9
|
+
t.timestamps
|
10
|
+
end
|
11
|
+
end
|
12
|
+
end
|