biovision 0.0.200518.1 → 0.12.211124.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +105 -52
- data/app/assets/images/biovision/icons/back.svg +19 -0
- data/app/assets/images/biovision/icons/create.svg +19 -0
- data/app/assets/images/biovision/icons/destroy.svg +12 -0
- data/app/assets/images/biovision/icons/dropdown.svg +3 -0
- data/app/assets/images/biovision/icons/edit.svg +22 -0
- data/app/assets/images/biovision/icons/gear.svg +11 -0
- data/app/assets/images/biovision/icons/return.svg +25 -0
- data/app/assets/images/biovision/icons/world.svg +11 -0
- data/app/assets/stylesheets/biovision/admin/components/users.scss +20 -0
- data/app/assets/stylesheets/biovision/admin/components.scss +13 -1
- data/app/assets/stylesheets/biovision/admin/layout.scss +27 -12
- data/app/assets/stylesheets/biovision/biovision.scss +105 -26
- data/app/assets/stylesheets/biovision/components/breadcrumbs.scss +13 -0
- data/app/assets/stylesheets/biovision/components/buttons.scss +130 -0
- data/app/assets/stylesheets/biovision/components/filters.scss +39 -0
- data/app/assets/stylesheets/biovision/components/forms.scss +208 -1
- data/app/assets/stylesheets/biovision/components/lists.scss +6 -7
- data/app/assets/stylesheets/biovision/{biovision → components}/messages.scss +9 -0
- data/app/assets/stylesheets/biovision/components/pagination.scss +34 -0
- data/app/assets/stylesheets/biovision/components/quick_search.scss +24 -0
- data/app/assets/stylesheets/biovision/components/simple_image.scss +112 -0
- data/app/assets/stylesheets/biovision/components/toggleable.scss +71 -0
- data/app/assets/stylesheets/biovision/components.scss +7 -0
- data/app/assets/stylesheets/biovision/default.scss +4 -4
- data/app/assets/stylesheets/biovision/themes/default_theme/components/users/dashboard.scss +4 -0
- data/app/assets/stylesheets/biovision/themes/default_theme/components/users/form_tabs.scss +101 -0
- data/app/assets/stylesheets/biovision/themes/default_theme/components/users/profile.scss +77 -0
- data/app/assets/stylesheets/biovision/themes/default_theme/components/users.scss +3 -0
- data/app/assets/stylesheets/biovision/themes/default_theme/components.scss +2 -3
- data/app/assets/stylesheets/biovision/themes/default_theme/layout/footer.scss +3 -0
- data/app/assets/stylesheets/biovision/themes/default_theme/layout/header.scss +12 -0
- data/app/assets/stylesheets/biovision/themes/default_theme/layout.scss +8 -19
- data/app/assets/stylesheets/biovision/themes/default_theme.scss +0 -1
- data/app/assets/stylesheets/biovision/vars.scss +5 -0
- data/app/controllers/admin/biovision_components_controller.rb +10 -0
- data/app/controllers/admin/components_controller.rb +37 -97
- data/app/controllers/admin/dynamic_blocks_controller.rb +15 -0
- data/app/controllers/admin/dynamic_pages_controller.rb +15 -0
- data/app/controllers/admin/index_controller.rb +8 -2
- data/app/controllers/admin/navigation_groups_controller.rb +45 -0
- data/app/controllers/admin/tokens_controller.rb +15 -0
- data/app/controllers/admin/users_controller.rb +101 -0
- data/app/controllers/admin_controller.rb +2 -8
- data/app/controllers/authentication_controller.rb +6 -34
- data/app/controllers/concerns/authentication.rb +12 -12
- data/app/controllers/concerns/component_stories.rb +22 -0
- data/app/controllers/concerns/crud_entities.rb +140 -0
- data/app/controllers/concerns/entity_priority.rb +10 -0
- data/app/controllers/concerns/my_crud_entities.rb +146 -0
- data/app/controllers/concerns/processed_forms.rb +28 -0
- data/app/controllers/concerns/restricted_access.rb +37 -0
- data/app/controllers/concerns/toggleable_entity.rb +31 -0
- data/app/controllers/contact_controller.rb +49 -0
- data/app/controllers/errors_controller.rb +37 -0
- data/app/controllers/fallback_controller.rb +12 -0
- data/app/controllers/index_controller.rb +1 -0
- data/app/controllers/legal_controller.rb +14 -0
- data/app/controllers/my/components_controller.rb +26 -0
- data/app/controllers/my/confirmations_controller.rb +44 -0
- data/app/controllers/my/index_controller.rb +7 -1
- data/app/controllers/my/profiles_controller.rb +33 -16
- data/app/controllers/oembed_controller.rb +12 -0
- data/app/controllers/profile_controller.rb +14 -0
- data/app/controllers/users_controller.rb +63 -0
- data/app/helpers/biovision_components_helper.rb +7 -3
- data/app/helpers/biovision_helper.rb +170 -0
- data/app/helpers/entity_helper.rb +77 -0
- data/app/helpers/my_helper.rb +34 -0
- data/app/helpers/simple_image_helper.rb +125 -0
- data/app/jobs/application_job.rb +7 -0
- data/app/jobs/send_phone_confirmation_job.rb +16 -0
- data/app/lib/biovision/components/base/component_parameters.rb +55 -0
- data/app/lib/biovision/components/base/component_privileges.rb +75 -0
- data/app/lib/biovision/components/base/component_settings.rb +40 -0
- data/app/lib/biovision/components/base/component_stories.rb +30 -0
- data/app/lib/biovision/components/base/entity_links.rb +38 -0
- data/app/lib/biovision/components/base/image_handling.rb +33 -0
- data/app/lib/biovision/components/base_component.rb +63 -95
- data/app/lib/biovision/components/contact_component.rb +26 -0
- data/app/lib/biovision/components/content/oembed/receiver.rb +98 -0
- data/app/lib/biovision/components/content/oembed/twitter_receiver.rb +20 -0
- data/app/lib/biovision/components/content/oembed/vimeo_receiver.rb +20 -0
- data/app/lib/biovision/components/content/oembed/youtube_receiver.rb +20 -0
- data/app/lib/biovision/components/content_component.rb +65 -0
- data/app/lib/biovision/components/track_component.rb +3 -0
- data/app/lib/biovision/components/users/authentication.rb +15 -7
- data/app/lib/biovision/components/users/codes.rb +104 -0
- data/app/lib/biovision/components/users/flag_helpers.rb +72 -0
- data/app/lib/biovision/components/users/profile_handler.rb +111 -1
- data/app/lib/biovision/components/users/registration_handler.rb +40 -52
- data/app/lib/biovision/components/users/validation.rb +83 -0
- data/app/lib/biovision/components/users_component.rb +114 -19
- data/app/lib/biovision/helpers/data_helper.rb +70 -0
- data/app/lib/biovision/helpers/export_helper.rb +97 -0
- data/app/lib/biovision/migrations/component_migration.rb +56 -0
- data/app/lib/biovision/notifiers/base_notifier.rb +2 -2
- data/app/lib/biovision/notifiers/contact_notifier.rb +15 -0
- data/app/lib/biovision/stories/component_story.rb +55 -0
- data/app/lib/canonizer.rb +38 -0
- data/app/lib/carrier_wave/image_optim.rb +32 -0
- data/app/mailers/code_sender.rb +29 -0
- data/app/mailers/feedback_mailer.rb +14 -0
- data/app/models/agent.rb +4 -0
- data/app/models/biovision_component.rb +39 -3
- data/app/models/code.rb +31 -8
- data/app/models/concerns/checkable.rb +2 -1
- data/app/models/concerns/has_simple_image.rb +9 -0
- data/app/models/concerns/has_uploaded_file.rb +26 -0
- data/app/models/concerns/meta_texts.rb +25 -5
- data/app/models/concerns/simple_tag.rb +30 -0
- data/app/models/concerns/toggleable.rb +2 -1
- data/app/models/concerns/tree_structure.rb +75 -0
- data/app/models/contact_method.rb +47 -0
- data/app/models/contact_type.rb +27 -0
- data/app/models/dynamic_block.rb +43 -0
- data/app/models/dynamic_page.rb +73 -0
- data/app/models/feedback_message.rb +65 -0
- data/app/models/feedback_response.rb +50 -0
- data/app/models/group.rb +48 -0
- data/app/models/language.rb +4 -0
- data/app/models/metric.rb +4 -0
- data/app/models/navigation_group.rb +43 -0
- data/app/models/navigation_group_page.rb +23 -0
- data/app/models/oembed_domain.rb +25 -0
- data/app/models/oembed_link.rb +19 -0
- data/app/models/oembed_receiver.rb +15 -0
- data/app/models/role.rb +86 -0
- data/app/models/role_group.rb +13 -0
- data/app/models/simple_image.rb +49 -8
- data/app/models/simple_image_tag.rb +1 -16
- data/app/models/token.rb +6 -2
- data/app/models/uploaded_file.rb +62 -0
- data/app/models/uploaded_file_tag.rb +15 -0
- data/app/models/uploaded_file_tag_file.rb +13 -0
- data/app/models/user.rb +122 -29
- data/app/models/user_group.rb +20 -0
- data/app/models/user_role.rb +18 -0
- data/app/uploaders/simple_file_uploader.rb +23 -0
- data/app/uploaders/simple_image_uploader.rb +29 -20
- data/app/uploaders/uploaders/path_slug.rb +22 -0
- data/app/views/admin/agents/index.html.erb +1 -3
- data/app/views/admin/biovision_components/_nav_item.html.erb +6 -0
- data/app/views/admin/biovision_components/entity/_in_list.html.erb +12 -0
- data/app/views/admin/biovision_components/index.html.erb +11 -0
- data/app/views/admin/components/_image.jbuilder +18 -0
- data/app/views/admin/components/_list.html.erb +1 -1
- data/app/views/admin/components/entity/_links.html.erb +31 -21
- data/app/views/admin/components/image.jbuilder +1 -0
- data/app/views/admin/components/images.jbuilder +4 -0
- data/app/views/admin/components/links/_base.html.erb +1 -0
- data/app/views/admin/components/settings/_new_parameter.html.erb +4 -2
- data/app/views/admin/components/settings/_parameters.html.erb +8 -2
- data/app/views/admin/components/settings/_settings.html.erb +4 -4
- data/app/views/admin/components/settings.html.erb +2 -1
- data/app/views/admin/components/update_privileges.jbuilder +21 -0
- data/app/views/admin/dynamic_blocks/_form.html.erb +16 -0
- data/app/views/admin/dynamic_blocks/_nav_item.html.erb +6 -0
- data/app/views/admin/dynamic_blocks/entity/_in_list.html.erb +12 -0
- data/app/views/admin/dynamic_blocks/index.html.erb +17 -0
- data/app/views/admin/dynamic_blocks/show.html.erb +25 -0
- data/app/views/admin/dynamic_pages/_dynamic_page.jbuilder +18 -0
- data/app/views/admin/dynamic_pages/_form.html.erb +21 -0
- data/app/views/admin/dynamic_pages/_nav_item.html.erb +6 -0
- data/app/views/admin/dynamic_pages/entity/_in_list.html.erb +17 -0
- data/app/views/admin/dynamic_pages/entity/_in_search.html.erb +7 -0
- data/app/views/admin/dynamic_pages/index.html.erb +17 -0
- data/app/views/admin/dynamic_pages/search.jbuilder +4 -0
- data/app/views/admin/dynamic_pages/show.html.erb +28 -0
- data/app/views/admin/index/index.html.erb +7 -5
- data/app/views/admin/ip_addresses/index.html.erb +2 -4
- data/app/views/admin/navigation_group_pages/entity/_in_list.html.erb +26 -0
- data/app/views/admin/navigation_groups/_form.html.erb +15 -0
- data/app/views/admin/navigation_groups/_nav_item.html.erb +6 -0
- data/app/views/admin/navigation_groups/entity/_dynamic_pages.html.erb +38 -0
- data/app/views/admin/navigation_groups/entity/_in_list.html.erb +14 -0
- data/app/views/admin/navigation_groups/index.html.erb +17 -0
- data/app/views/admin/navigation_groups/show.html.erb +33 -0
- data/app/views/admin/tokens/_form.html.erb +31 -0
- data/app/views/admin/tokens/_nav_item.html.erb +6 -0
- data/app/views/admin/tokens/entity/_in_list.html.erb +27 -0
- data/app/views/admin/tokens/index.html.erb +11 -0
- data/app/views/admin/tokens/show.html.erb +26 -0
- data/app/views/admin/unauthorized.html.erb +2 -5
- data/app/views/admin/users/_form.html.erb +81 -0
- data/app/views/admin/users/_nav_item.html.erb +6 -0
- data/app/views/admin/users/_user.jbuilder +18 -0
- data/app/views/admin/users/entity/_fields.html.erb +53 -0
- data/app/views/admin/users/entity/_in_list.html.erb +38 -0
- data/app/views/admin/users/entity/_in_search.html.erb +18 -0
- data/app/views/admin/users/entity/_profile.html.erb +26 -0
- data/app/views/admin/users/entity/in_list/_additional_data.html.erb +0 -0
- data/app/views/admin/users/index.html.erb +24 -0
- data/app/views/admin/users/roles/_component.html.erb +22 -0
- data/app/views/admin/users/roles.html.erb +23 -0
- data/app/views/admin/users/search.jbuilder +4 -0
- data/app/views/admin/users/show.html.erb +62 -0
- data/app/views/admin/widgets/_filters.html.erb +20 -0
- data/app/views/admin/widgets/_quick_search.html.erb +13 -0
- data/app/views/admin/widgets/filters/_flag.html.erb +15 -0
- data/app/views/admin/widgets/filters/_text.html.erb +7 -0
- data/app/views/application/forbidden.html.erb +9 -0
- data/app/views/application/forbidden.jbuilder +4 -0
- data/app/views/application/not_found.html.erb +9 -0
- data/app/views/application/not_found.jbuilder +4 -0
- data/app/views/application/unauthorized.html.erb +19 -0
- data/app/views/application/unauthorized.jbuilder +4 -0
- data/app/views/authentication/new.html.erb +2 -8
- data/app/views/components/content/_dynamic_page.html.erb +17 -0
- data/app/views/components/content/_dynamic_page_content.html.erb +14 -0
- data/app/views/components/users/_form_tabs.html.erb +31 -0
- data/app/views/components/users/_join_form.html.erb +192 -0
- data/app/views/components/users/_login_form.html.erb +46 -0
- data/app/views/components/users/form/_image.html.erb +17 -0
- data/app/views/components/users/form/_profile_data.html.erb +54 -0
- data/app/views/contact/_form.html.erb +108 -0
- data/app/views/contact/create_feedback_message.js.erb +1 -0
- data/app/views/contact/feedback.html.erb +13 -0
- data/app/views/contact/index.html.erb +16 -0
- data/app/views/errors/error.html.erb +1 -0
- data/app/views/fallback/show.html.erb +6 -0
- data/app/views/feedback_mailer/new_feedback_request.html.erb +11 -0
- data/app/views/feedback_mailer/new_feedback_request.text.erb +6 -0
- data/app/views/index/index.html.erb +14 -0
- data/app/views/layouts/admin/_footer.html.erb +1 -1
- data/app/views/layouts/admin/_header.html.erb +7 -2
- data/app/views/layouts/admin.html.erb +0 -1
- data/app/views/layouts/application/_footer.html.erb +1 -1
- data/app/views/layouts/application/header/_authentication.html.erb +4 -1
- data/app/views/legal/privacy.html.erb +5 -0
- data/app/views/legal/tos.html.erb +5 -0
- data/app/views/my/components/index.html.erb +25 -0
- data/app/views/my/components/show.html.erb +21 -0
- data/app/views/my/confirmations/show.html.erb +62 -0
- data/app/views/my/index/_cards.html.erb +15 -0
- data/app/views/my/index/_email.html.erb +14 -0
- data/app/views/my/index/_navigation.html.erb +33 -0
- data/app/views/my/index/index.html.erb +12 -0
- data/app/views/my/profiles/_form.html.erb +10 -0
- data/app/views/my/profiles/check.jbuilder +4 -0
- data/app/views/my/profiles/edit.html.erb +14 -0
- data/app/views/my/profiles/form/_basic_parameters.html.erb +9 -0
- data/app/views/my/profiles/form/_sensitive_parameters.html.erb +68 -0
- data/app/views/my/profiles/new.html.erb +6 -8
- data/app/views/my/profiles/show.html.erb +36 -0
- data/app/views/my/recoveries/show.html.erb +0 -0
- data/app/views/shared/_flash_messages.html.erb +1 -1
- data/app/views/shared/_list_of_errors.html.erb +7 -0
- data/app/views/shared/admin/_breadcrumbs.html.erb +8 -0
- data/app/views/shared/admin/_list.html.erb +10 -19
- data/app/views/shared/admin/_list_with_priority.html.erb +10 -19
- data/app/views/shared/admin/_priority.html.erb +6 -0
- data/app/views/shared/admin/_toggle.html.erb +6 -0
- data/app/views/shared/entity/_date_field.html.erb +6 -0
- data/app/views/shared/entity/_formatted_text_field.html.erb +10 -0
- data/app/views/shared/entity/_image.html.erb +31 -0
- data/app/views/shared/entity/_language.html.erb +6 -0
- data/app/views/shared/entity/_linked_entity.html.erb +6 -0
- data/app/views/shared/entity/_list.html.erb +22 -0
- data/app/views/shared/entity/_list_with_priority.html.erb +22 -0
- data/app/views/shared/entity/_meta_texts.html.erb +16 -0
- data/app/views/shared/entity/_metadata.html.erb +18 -0
- data/app/views/shared/entity/_parent.html.erb +6 -0
- data/app/views/shared/entity/_priority.html.erb +4 -0
- data/app/views/shared/entity/_priority_icons.html.erb +8 -0
- data/app/views/shared/entity/_raw_text_field.html.erb +10 -0
- data/app/views/shared/entity/_simple_image.html.erb +10 -0
- data/app/views/shared/entity/_slug.html.erb +6 -0
- data/app/views/shared/entity/_text_field.html.erb +6 -0
- data/app/views/shared/entity/_text_fields.html.erb +9 -0
- data/app/views/shared/entity/_time_field.html.erb +6 -0
- data/app/views/shared/entity/_timestamps.html.erb +13 -0
- data/app/views/shared/entity/_toggle.html.erb +12 -0
- data/app/views/shared/entity/_track.html.erb +12 -0
- data/app/views/shared/entity/_tree_caches.html.erb +19 -0
- data/app/views/shared/entity/_uuid.html.erb +4 -0
- data/app/views/shared/entity/edit.html.erb +23 -0
- data/app/views/shared/entity/new.html.erb +16 -0
- data/app/views/shared/forms/_entity_flags.html.erb +15 -0
- data/app/views/shared/forms/_field.html.erb +50 -0
- data/app/views/shared/forms/_field_with_search.html.erb +17 -0
- data/app/views/shared/forms/_fields.html.erb +3 -0
- data/app/views/shared/forms/_language.html.erb +40 -0
- data/app/views/shared/forms/_meta_texts.html.erb +27 -0
- data/app/views/shared/forms/_priority.html.erb +13 -0
- data/app/views/shared/forms/_simple_entity_link.html.erb +14 -0
- data/app/views/shared/forms/_simple_image.html.erb +47 -0
- data/app/views/shared/forms/_state_container.html.erb +7 -0
- data/app/views/shared/forms/_text_area.html.erb +25 -0
- data/app/views/shared/forms/_text_field.html.erb +24 -0
- data/app/views/shared/forms/_text_fields.html.erb +3 -0
- data/app/views/shared/forms/check.jbuilder +4 -0
- data/app/views/shared/forms/errors.jbuilder +3 -0
- data/app/views/shared/forms/simple_image/_browse.html.erb +14 -0
- data/app/views/shared/forms/simple_image/_load_image.html.erb +38 -0
- data/app/views/shared/my/_list.html.erb +10 -0
- data/app/views/shared/my/_list_with_priority.html.erb +10 -0
- data/app/views/shared/my/entity/edit.html.erb +25 -0
- data/app/views/shared/my/entity/new.html.erb +18 -0
- data/app/views/simple_images/_simple_image.jbuilder +13 -0
- data/app/views/users/_profile.html.erb +30 -0
- data/app/views/users/profile/_data.html.erb +20 -0
- data/app/views/users/show.html.erb +21 -0
- data/config/locales/biovision-ru.yml +76 -1
- data/config/locales/components-ru.yml +55 -4
- data/config/locales/contact-ru.yml +110 -0
- data/config/locales/content-ru.yml +115 -0
- data/config/locales/users-ru.yml +142 -3
- data/config/routes.rb +99 -48
- data/db/migrate/20191228000000_create_biovision_components.rb +6 -5
- data/db/migrate/20200224000000_create_track_component.rb +9 -14
- data/db/migrate/20200224000010_create_users_component.rb +14 -83
- data/db/migrate/20200404000000_create_simple_images.rb +4 -3
- data/db/migrate/20210405000000_create_acl.rb +88 -0
- data/db/migrate/20210421000000_create_content_component.rb +80 -0
- data/db/migrate/20210421000010_create_contact_component.rb +74 -0
- data/db/migrate/20210616000000_create_uploaded_files.rb +52 -0
- data/db/migrate/amends/20210816060606_create_oembed_receivers.rb +21 -0
- data/db/migrate/amends/20210907070707_add_checksum_to_simple_images.rb +13 -0
- data/lib/biovision/base_methods.rb +17 -29
- data/lib/biovision/engine.rb +8 -13
- data/lib/biovision/version.rb +1 -1
- data/lib/tasks/components.rake +51 -0
- metadata +266 -27
- data/app/assets/images/biovision/placeholders/user.svg +0 -15
- data/app/helpers/users_helper.rb +0 -11
- data/app/lib/biovision/components/component_settings.rb +0 -30
- data/app/lib/biovision/components/privilege_handler.rb +0 -77
- data/app/lib/biovision/components/users/code_handler.rb +0 -23
- data/app/models/biovision_component_user.rb +0 -21
- data/app/models/foreign_site.rb +0 -34
- data/app/models/foreign_user.rb +0 -21
- data/app/uploaders/user_image_uploader.rb +0 -58
- data/app/views/admin/components/links/_track.html.erb +0 -2
- data/app/views/admin/components/links/_users.html.erb +0 -11
- data/app/views/admin/components/privileges/_component_user.html.erb +0 -17
- data/app/views/admin/components/privileges/_links.html.erb +0 -35
- data/app/views/admin/components/privileges/_privilege_flag.html.erb +0 -28
- data/app/views/admin/components/privileges/_users.html.erb +0 -23
- data/app/views/admin/components/privileges.html.erb +0 -20
- data/app/views/authentication/_form.html.erb +0 -40
- data/app/views/authentication/failed.js.erb +0 -3
- data/app/views/my/profiles/new/_form.html.erb +0 -147
- data/app/views/shared/admin/_toggleable.html.erb +0 -8
@@ -0,0 +1,45 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Administrative part for handling navigation_groups
|
4
|
+
class Admin::NavigationGroupsController < AdminController
|
5
|
+
include CrudEntities
|
6
|
+
|
7
|
+
before_action :set_entity, except: %i[check create index new]
|
8
|
+
|
9
|
+
# put /admin/navigation_groups/:id/dynamic_pages/:page_id
|
10
|
+
def add_page
|
11
|
+
@entity.add_dynamic_page(DynamicPage.find_by(id: params[:page_id]))
|
12
|
+
|
13
|
+
head :no_content
|
14
|
+
end
|
15
|
+
|
16
|
+
# delete /admin/navigation_groups/:id/dynamic_pages/:page_id
|
17
|
+
def remove_page
|
18
|
+
@entity.remove_dynamic_page(DynamicPage.find_by(id: params[:page_id]))
|
19
|
+
|
20
|
+
head :no_content
|
21
|
+
end
|
22
|
+
|
23
|
+
# post /admin/navigation_groups/:id/dynamic_pages/:page_id/priority
|
24
|
+
def page_priority
|
25
|
+
link = @entity.navigation_group_pages.find_by(id: params[:page_id])
|
26
|
+
|
27
|
+
if link.nil?
|
28
|
+
handle_http_404
|
29
|
+
else
|
30
|
+
render json: { data: link.change_priority(params[:delta].to_s.to_i) }
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
private
|
35
|
+
|
36
|
+
def component_class
|
37
|
+
Biovision::Components::ContentComponent
|
38
|
+
end
|
39
|
+
|
40
|
+
def action_to_role_map
|
41
|
+
super.merge(
|
42
|
+
%w[add_page page_priority remove_page] => 'navigation_groups.edit',
|
43
|
+
)
|
44
|
+
end
|
45
|
+
end
|
@@ -0,0 +1,15 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Handling user tokens
|
4
|
+
class Admin::TokensController < AdminController
|
5
|
+
include CrudEntities
|
6
|
+
include ToggleableEntity
|
7
|
+
|
8
|
+
before_action :set_entity, except: %i[check create index new search]
|
9
|
+
|
10
|
+
private
|
11
|
+
|
12
|
+
def component_class
|
13
|
+
Biovision::Components::UsersComponent
|
14
|
+
end
|
15
|
+
end
|
@@ -0,0 +1,101 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Administrative part for handling users
|
4
|
+
class Admin::UsersController < AdminController
|
5
|
+
include Authentication
|
6
|
+
include CrudEntities
|
7
|
+
include ProcessedForms
|
8
|
+
include ToggleableEntity
|
9
|
+
|
10
|
+
before_action :set_entity, except: %i[check create index new search]
|
11
|
+
|
12
|
+
# post /admin/users
|
13
|
+
def create
|
14
|
+
@entity = component_handler.create_user(entity_parameters, profile_parameters)
|
15
|
+
if @entity.persisted?
|
16
|
+
form_processed_ok(path_after_save)
|
17
|
+
else
|
18
|
+
form_processed_with_error(view_for_new)
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
# patch /admin/users/:id
|
23
|
+
def update
|
24
|
+
if component_handler.update_user(@entity, entity_parameters, profile_parameters)
|
25
|
+
form_processed_ok(path_after_save)
|
26
|
+
else
|
27
|
+
form_processed_with_error(view_for_edit)
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
# post /admin/users/:id/authenticate
|
32
|
+
def authenticate
|
33
|
+
if component_handler.permit?('log_in', @entity) && !@entity.super_user?
|
34
|
+
cookies['pt'] = {
|
35
|
+
value: cookies['token'],
|
36
|
+
expires: 1.year.from_now,
|
37
|
+
domain: :all,
|
38
|
+
httponly: true
|
39
|
+
}
|
40
|
+
create_token_for_user(@entity)
|
41
|
+
end
|
42
|
+
|
43
|
+
redirect_to my_path
|
44
|
+
end
|
45
|
+
|
46
|
+
# get /admin/users/:id/roles
|
47
|
+
def roles
|
48
|
+
if current_user&.super_user?
|
49
|
+
@components = BiovisionComponent.list_for_administration
|
50
|
+
else
|
51
|
+
handle_http_401
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
# put /admin/users/:id/roles/:role_id
|
56
|
+
def add_role
|
57
|
+
if current_user&.super_user?
|
58
|
+
role = Role.find_by(id: params[:role_id])
|
59
|
+
@entity.add_role(role)
|
60
|
+
end
|
61
|
+
|
62
|
+
head :no_content
|
63
|
+
end
|
64
|
+
|
65
|
+
# delete /admin/users/:id/roles/:role_id
|
66
|
+
def remove_role
|
67
|
+
if current_user&.super_user?
|
68
|
+
role = Role.find_by(id: params[:role_id])
|
69
|
+
@entity.remove_role(role)
|
70
|
+
end
|
71
|
+
|
72
|
+
head :no_content
|
73
|
+
end
|
74
|
+
|
75
|
+
private
|
76
|
+
|
77
|
+
def component_class
|
78
|
+
Biovision::Components::UsersComponent
|
79
|
+
end
|
80
|
+
|
81
|
+
def entity_parameters
|
82
|
+
excluded = @entity&.super_user? ? User.sensitive_parameters : []
|
83
|
+
permitted = User.entity_parameters - excluded
|
84
|
+
params.require(:user).permit(permitted)
|
85
|
+
end
|
86
|
+
|
87
|
+
def creation_parameters
|
88
|
+
permitted = User.entity_parameters
|
89
|
+
parameters = params.require(:user).permit(permitted)
|
90
|
+
parameters.merge(tracking_for_entity)
|
91
|
+
end
|
92
|
+
|
93
|
+
def profile_parameters
|
94
|
+
if params.key?(:profile)
|
95
|
+
list = Biovision::Components::Users::ProfileHandler.permitted_for_request
|
96
|
+
params.require(:profile).permit(list)
|
97
|
+
else
|
98
|
+
{}
|
99
|
+
end
|
100
|
+
end
|
101
|
+
end
|
@@ -2,13 +2,7 @@
|
|
2
2
|
|
3
3
|
# Common administrative controller
|
4
4
|
class AdminController < ApplicationController
|
5
|
-
|
6
|
-
|
7
|
-
protected
|
5
|
+
include RestrictedAccess
|
8
6
|
|
9
|
-
|
10
|
-
error = t('admin.errors.unauthorized.message')
|
11
|
-
|
12
|
-
handle_http_401(error) unless component_handler.allow?
|
13
|
-
end
|
7
|
+
before_action :restrict_access
|
14
8
|
end
|
@@ -5,7 +5,6 @@ class AuthenticationController < ApplicationController
|
|
5
5
|
include Authentication
|
6
6
|
|
7
7
|
before_action :redirect_authenticated_user, except: %i[new destroy]
|
8
|
-
before_action :set_foreign_site, only: :auth_callback
|
9
8
|
|
10
9
|
# get /login
|
11
10
|
def new
|
@@ -13,7 +12,9 @@ class AuthenticationController < ApplicationController
|
|
13
12
|
|
14
13
|
# post /login
|
15
14
|
def create
|
16
|
-
|
15
|
+
user = User[param_from_request(:login).downcase]
|
16
|
+
|
17
|
+
handler = Biovision::Components::UsersComponent[user]
|
17
18
|
if handler.authenticate(params[:password], tracking_for_entity)
|
18
19
|
auth_success(handler.user)
|
19
20
|
else
|
@@ -28,52 +29,23 @@ class AuthenticationController < ApplicationController
|
|
28
29
|
redirect_to root_path
|
29
30
|
end
|
30
31
|
|
31
|
-
# get /auth/:provider/callback
|
32
|
-
def auth_callback
|
33
|
-
data = request.env['omniauth.auth']
|
34
|
-
user = @foreign_site.authenticate(data, tracking_for_entity)
|
35
|
-
create_token_for_user(user) unless user.banned?
|
36
|
-
|
37
|
-
redirect_to my_path
|
38
|
-
end
|
39
|
-
|
40
32
|
private
|
41
33
|
|
42
34
|
def component_class
|
43
35
|
Biovision::Components::UsersComponent
|
44
36
|
end
|
45
37
|
|
46
|
-
def set_foreign_site
|
47
|
-
@foreign_site = ForeignSite[params[:provider]]
|
48
|
-
|
49
|
-
handle_http_503('Cannot set foreign site') if @foreign_site.nil?
|
50
|
-
end
|
51
|
-
|
52
|
-
def find_user
|
53
|
-
login = param_from_request(:login).downcase
|
54
|
-
user = User.find_by(slug: login)
|
55
|
-
|
56
|
-
# Try to authenticate by email, if login does not match anything
|
57
|
-
if user.nil? && login.index('@').to_i.positive?
|
58
|
-
user = User.with_email(login).first
|
59
|
-
end
|
60
|
-
|
61
|
-
user
|
62
|
-
end
|
63
|
-
|
64
38
|
# @param [User] user
|
65
39
|
def auth_success(user)
|
66
40
|
create_token_for_user(user)
|
67
41
|
|
68
42
|
from = param_from_request(:from)
|
69
43
|
next_page = from =~ %r{\A/[^/]} ? from : my_path
|
70
|
-
render
|
44
|
+
render json: { links: { next: next_page } }
|
71
45
|
end
|
72
46
|
|
73
47
|
def auth_failed
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
render 'failed', formats: :js
|
48
|
+
response = { errors: [{ title: t('authentication.create.failed') }] }
|
49
|
+
render json: response, status: :unauthorized
|
78
50
|
end
|
79
51
|
end
|
@@ -15,12 +15,7 @@ module Authentication
|
|
15
15
|
|
16
16
|
token = user.tokens.create!(tracking_for_entity)
|
17
17
|
|
18
|
-
cookies['token'] =
|
19
|
-
value: token.cookie_pair,
|
20
|
-
expires: 1.year.from_now,
|
21
|
-
domain: :all,
|
22
|
-
httponly: true
|
23
|
-
}
|
18
|
+
cookies['token'] = cookie_data(token.cookie_pair)
|
24
19
|
end
|
25
20
|
|
26
21
|
def deactivate_token
|
@@ -31,15 +26,20 @@ module Authentication
|
|
31
26
|
|
32
27
|
def pop_token
|
33
28
|
if cookies['pt']
|
34
|
-
cookies['token'] =
|
35
|
-
value: cookies['pt'],
|
36
|
-
expires: 1.year.from_now,
|
37
|
-
domain: :all,
|
38
|
-
httponly: true
|
39
|
-
}
|
29
|
+
cookies['token'] = cookie_data(cookies['pt'])
|
40
30
|
cookies.delete 'pt', domain: :all
|
41
31
|
else
|
42
32
|
cookies.delete 'token', domain: :all
|
43
33
|
end
|
44
34
|
end
|
35
|
+
|
36
|
+
# @param [String] value
|
37
|
+
def cookie_data(value)
|
38
|
+
{
|
39
|
+
value: value,
|
40
|
+
expires: 1.year.from_now,
|
41
|
+
domain: :all,
|
42
|
+
httponly: true
|
43
|
+
}
|
44
|
+
end
|
45
45
|
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Adds method for working with component stories
|
4
|
+
module ComponentStories
|
5
|
+
extend ActiveSupport::Concern
|
6
|
+
|
7
|
+
# Perform story
|
8
|
+
#
|
9
|
+
# Parameters:
|
10
|
+
# slug: story slug app/lib/biovision/components/.../stories/<slug>_story.rb
|
11
|
+
# entity_id: optional parameter for setting entity context
|
12
|
+
#
|
13
|
+
# post [...]/stories/:slug
|
14
|
+
def story
|
15
|
+
story_parameters = params[:parameters]&.permit!.to_h
|
16
|
+
entity_id = param_from_request(:entity_id)
|
17
|
+
story_handler = component_handler.story(params[:slug], entity_id)
|
18
|
+
result = story_handler.perform(story_parameters)
|
19
|
+
|
20
|
+
render json: { meta: { result: result } }
|
21
|
+
end
|
22
|
+
end
|
@@ -0,0 +1,140 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Adds method for CRUD
|
4
|
+
module CrudEntities
|
5
|
+
extend ActiveSupport::Concern
|
6
|
+
include ProcessedForms
|
7
|
+
|
8
|
+
# get [scope]/[table_name]/search?q=
|
9
|
+
def search
|
10
|
+
q = param_from_request(:q)
|
11
|
+
@collection = model_class.search(q).list_for_administration.page(current_page)
|
12
|
+
end
|
13
|
+
|
14
|
+
# get [scope]/[table_name]
|
15
|
+
def index
|
16
|
+
@filter = params[:filter]&.permit!.to_h
|
17
|
+
data_helper = Biovision::Helpers::DataHelper.new(model_class, @filter)
|
18
|
+
@collection = data_helper.administrative_collection(current_page)
|
19
|
+
end
|
20
|
+
|
21
|
+
# get [scope]/[table_name]/:id
|
22
|
+
def show
|
23
|
+
end
|
24
|
+
|
25
|
+
# post [scope]/[table_name]/check
|
26
|
+
def check
|
27
|
+
@entity = model_class.instance_for_check(params[:entity_id], entity_parameters)
|
28
|
+
|
29
|
+
render 'shared/forms/check'
|
30
|
+
end
|
31
|
+
|
32
|
+
# get [scope]/[table_name]/new
|
33
|
+
def new
|
34
|
+
@entity = model_class.new
|
35
|
+
render view_for_new
|
36
|
+
end
|
37
|
+
|
38
|
+
# post [scope]/[table_name]
|
39
|
+
def create
|
40
|
+
@entity = component_handler.new_entity(model_class, creation_parameters)
|
41
|
+
apply_meta if @entity.respond_to?(:meta=)
|
42
|
+
if @entity.save
|
43
|
+
form_processed_ok(path_after_save)
|
44
|
+
else
|
45
|
+
form_processed_with_error(view_for_new)
|
46
|
+
end
|
47
|
+
end
|
48
|
+
|
49
|
+
# get [scope]/[table_name]/:id/edit
|
50
|
+
def edit
|
51
|
+
render view_for_edit
|
52
|
+
end
|
53
|
+
|
54
|
+
# patch [scope]/[table_name]/:id
|
55
|
+
def update
|
56
|
+
apply_meta if @entity.respond_to?(:meta=)
|
57
|
+
|
58
|
+
if component_handler.update_entity(@entity, entity_parameters)
|
59
|
+
form_processed_ok(path_after_save)
|
60
|
+
else
|
61
|
+
form_processed_with_error(view_for_edit)
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
65
|
+
# delete [scope]/[table_name]/:id
|
66
|
+
def destroy
|
67
|
+
flash[:notice] = t('.success') if @entity.destroy
|
68
|
+
redirect_to path_after_destroy
|
69
|
+
end
|
70
|
+
|
71
|
+
private
|
72
|
+
|
73
|
+
def view_for_new
|
74
|
+
default_view = "#{controller_path}/new"
|
75
|
+
lookup_context.exists?(default_view) ? default_view : 'shared/entity/new'
|
76
|
+
end
|
77
|
+
|
78
|
+
def view_for_edit
|
79
|
+
default_view = "#{controller_path}/edit"
|
80
|
+
lookup_context.exists?(default_view) ? default_view : 'shared/entity/edit'
|
81
|
+
end
|
82
|
+
|
83
|
+
def model_class
|
84
|
+
@model_class ||= controller_name.classify.constantize
|
85
|
+
end
|
86
|
+
|
87
|
+
def model_key
|
88
|
+
model_class.model_name.to_s.underscore
|
89
|
+
end
|
90
|
+
|
91
|
+
def path_after_save
|
92
|
+
scope = self.class.module_parent.to_s.downcase
|
93
|
+
prefix = scope.blank? ? '' : "/#{scope}"
|
94
|
+
"#{prefix}/#{model_class.table_name}/#{@entity.id}"
|
95
|
+
end
|
96
|
+
|
97
|
+
def path_after_destroy
|
98
|
+
scope = self.class.module_parent.to_s.downcase
|
99
|
+
prefix = scope.blank? ? '' : "/#{scope}"
|
100
|
+
"#{prefix}/#{model_class.table_name}"
|
101
|
+
end
|
102
|
+
|
103
|
+
def set_entity
|
104
|
+
@entity = model_class.find_by(id: params[:id])
|
105
|
+
handle_http_404("Cannot find #{model_class.model_name}") if @entity.nil?
|
106
|
+
end
|
107
|
+
|
108
|
+
def creation_parameters
|
109
|
+
if model_class.respond_to?(:creation_parameters)
|
110
|
+
explicit_creation_parameters
|
111
|
+
else
|
112
|
+
implicit_creation_parameters
|
113
|
+
end
|
114
|
+
end
|
115
|
+
|
116
|
+
def explicit_creation_parameters
|
117
|
+
permitted = model_class.creation_parameters
|
118
|
+
parameters = params.require(model_key).permit(permitted)
|
119
|
+
parameters.merge!(tracking_for_entity) if model_class.include?(HasTrack)
|
120
|
+
parameters.merge!(owner_for_entity) if model_class.include?(HasOwner)
|
121
|
+
parameters
|
122
|
+
end
|
123
|
+
|
124
|
+
def implicit_creation_parameters
|
125
|
+
parameters = entity_parameters
|
126
|
+
parameters.merge!(tracking_for_entity) if model_class.include?(HasTrack)
|
127
|
+
parameters.merge!(owner_for_entity) if model_class.include?(HasOwner)
|
128
|
+
parameters
|
129
|
+
end
|
130
|
+
|
131
|
+
def entity_parameters
|
132
|
+
permitted = model_class.entity_parameters
|
133
|
+
params.require(model_key).permit(permitted)
|
134
|
+
end
|
135
|
+
|
136
|
+
def apply_meta
|
137
|
+
new_data = params[:meta]&.permit!.to_h
|
138
|
+
@entity.meta = new_data
|
139
|
+
end
|
140
|
+
end
|
@@ -0,0 +1,146 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Adds methods for CRUD in My namespace
|
4
|
+
module MyCrudEntities
|
5
|
+
extend ActiveSupport::Concern
|
6
|
+
included ProcessedForms
|
7
|
+
|
8
|
+
# get [scope]/[table_name]/search?q=
|
9
|
+
def search
|
10
|
+
q = param_from_request(:q)
|
11
|
+
@collection = model_class.search(q).list_for_owner(current_user).page(current_page)
|
12
|
+
end
|
13
|
+
|
14
|
+
# get [scope]/[table_name]
|
15
|
+
def index
|
16
|
+
@filter = params[:filter]&.permit!.to_h
|
17
|
+
data_helper = Biovision::Helpers::DataHelper.new(model_class, @filter)
|
18
|
+
@collection = data_helper.personal_collection(current_user, current_page)
|
19
|
+
end
|
20
|
+
|
21
|
+
# get [scope]/[table_name]/:id
|
22
|
+
def show
|
23
|
+
end
|
24
|
+
|
25
|
+
# post [scope]/[table_name]/check
|
26
|
+
def check
|
27
|
+
@entity = model_class.instance_for_check(params[:entity_id], entity_parameters)
|
28
|
+
|
29
|
+
render 'shared/forms/check'
|
30
|
+
end
|
31
|
+
|
32
|
+
# get [scope]/[table_name]/new
|
33
|
+
def new
|
34
|
+
@entity = model_class.new
|
35
|
+
render view_for_new
|
36
|
+
end
|
37
|
+
|
38
|
+
# post [scope]/[table_name]
|
39
|
+
def create
|
40
|
+
@entity = component_handler.new_entity(model_class, creation_parameters)
|
41
|
+
apply_meta if @entity.respond_to?(:meta=)
|
42
|
+
if @entity.save
|
43
|
+
form_processed_ok(path_after_save)
|
44
|
+
else
|
45
|
+
form_processed_with_error(view_for_new)
|
46
|
+
end
|
47
|
+
end
|
48
|
+
|
49
|
+
# get [scope]/[table_name]/:id/edit
|
50
|
+
def edit
|
51
|
+
render view_for_edit
|
52
|
+
end
|
53
|
+
|
54
|
+
# patch [scope]/[table_name]/:id
|
55
|
+
def update
|
56
|
+
apply_meta if @entity.respond_to?(:meta=)
|
57
|
+
|
58
|
+
if component_handler.update_entity(@entity, entity_parameters)
|
59
|
+
form_processed_ok(path_after_save)
|
60
|
+
else
|
61
|
+
form_processed_with_error(view_for_edit)
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
65
|
+
# delete [scope]/[table_name]/:id
|
66
|
+
def destroy
|
67
|
+
flash[:notice] = t('.success') if @entity.destroy
|
68
|
+
redirect_to path_after_destroy
|
69
|
+
end
|
70
|
+
|
71
|
+
private
|
72
|
+
|
73
|
+
def view_for_new
|
74
|
+
default_view = "#{controller_path}/new"
|
75
|
+
lookup_context.exists?(default_view) ? default_view : 'shared/my/entity/new'
|
76
|
+
end
|
77
|
+
|
78
|
+
def view_for_edit
|
79
|
+
default_view = "#{controller_path}/edit"
|
80
|
+
lookup_context.exists?(default_view) ? default_view : 'shared/my/entity/edit'
|
81
|
+
end
|
82
|
+
|
83
|
+
def model_class
|
84
|
+
@model_class ||= controller_name.classify.constantize
|
85
|
+
end
|
86
|
+
|
87
|
+
def model_key
|
88
|
+
model_class.model_name.to_s.underscore
|
89
|
+
end
|
90
|
+
|
91
|
+
def path_after_save
|
92
|
+
if @entity.respond_to?(:my_url)
|
93
|
+
@entity.my_url
|
94
|
+
else
|
95
|
+
scope = self.class.module_parent.to_s.downcase
|
96
|
+
prefix = scope.blank? ? '' : "/#{scope}"
|
97
|
+
key = model_class.column_names.include?('uuid') ? @entity.uuid : @entity.id
|
98
|
+
"#{prefix}/#{model_class.table_name}/#{key}"
|
99
|
+
end
|
100
|
+
end
|
101
|
+
|
102
|
+
def path_after_destroy
|
103
|
+
scope = self.class.module_parent.to_s.downcase
|
104
|
+
prefix = scope.blank? ? '' : "/#{scope}"
|
105
|
+
"#{prefix}/#{model_class.table_name}"
|
106
|
+
end
|
107
|
+
|
108
|
+
def set_entity
|
109
|
+
id = params[:id].to_s
|
110
|
+
has_uuid = model_class.column_names.include?('uuid')
|
111
|
+
key = id.include?('-') && has_uuid ? :uuid : :id
|
112
|
+
@entity = model_class.owned_by(current_user).find_by(key => params[:id])
|
113
|
+
handle_http_404("Cannot find #{model_class.model_name}") if @entity.nil?
|
114
|
+
end
|
115
|
+
|
116
|
+
def creation_parameters
|
117
|
+
if model_class.respond_to?(:creation_parameters)
|
118
|
+
explicit_creation_parameters
|
119
|
+
else
|
120
|
+
implicit_creation_parameters
|
121
|
+
end
|
122
|
+
end
|
123
|
+
|
124
|
+
def explicit_creation_parameters
|
125
|
+
permitted = model_class.creation_parameters
|
126
|
+
parameters = params.require(model_key).permit(permitted)
|
127
|
+
parameters.merge!(tracking_for_entity) if model_class.include?(HasTrack)
|
128
|
+
parameters.merge(owner_for_entity)
|
129
|
+
end
|
130
|
+
|
131
|
+
def implicit_creation_parameters
|
132
|
+
parameters = entity_parameters
|
133
|
+
parameters.merge!(tracking_for_entity) if model_class.include?(HasTrack)
|
134
|
+
parameters.merge(owner_for_entity)
|
135
|
+
end
|
136
|
+
|
137
|
+
def entity_parameters
|
138
|
+
permitted = model_class.entity_parameters
|
139
|
+
params.require(model_key).permit(permitted)
|
140
|
+
end
|
141
|
+
|
142
|
+
def apply_meta
|
143
|
+
new_data = params[:meta].permit!
|
144
|
+
@entity.meta = new_data
|
145
|
+
end
|
146
|
+
end
|
@@ -0,0 +1,28 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Adds method for redirects after processed forms
|
4
|
+
module ProcessedForms
|
5
|
+
extend ActiveSupport::Concern
|
6
|
+
|
7
|
+
private
|
8
|
+
|
9
|
+
# @param [String] next_page
|
10
|
+
def form_processed_ok(next_page)
|
11
|
+
respond_to do |format|
|
12
|
+
format.js { render(js: "document.location.href = '#{next_page}'") }
|
13
|
+
format.json { render(json: { links: { next: next_page } }) }
|
14
|
+
format.html { redirect_to(next_page) }
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
# @param [Symbol|String] view_to_render
|
19
|
+
# @param [Array] errors
|
20
|
+
def form_processed_with_error(view_to_render, errors = [])
|
21
|
+
@errors = errors
|
22
|
+
respond_to do |format|
|
23
|
+
format.js { render('shared/forms/errors', status: :bad_request) }
|
24
|
+
format.json { render('shared/forms/errors', status: :bad_request) }
|
25
|
+
format.html { render(view_to_render, status: :bad_request) }
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
@@ -0,0 +1,37 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Adds method for restricting access
|
4
|
+
module RestrictedAccess
|
5
|
+
extend ActiveSupport::Concern
|
6
|
+
|
7
|
+
private
|
8
|
+
|
9
|
+
# Restrict access for anonymous users
|
10
|
+
def restrict_anonymous_access
|
11
|
+
return unless current_user.nil?
|
12
|
+
|
13
|
+
handle_http_401(t('application.errors.restricted_access'))
|
14
|
+
end
|
15
|
+
|
16
|
+
def restrict_access
|
17
|
+
user_action = role_end_from_action
|
18
|
+
role_name = "#{component_handler.slug}.#{user_action}"
|
19
|
+
error = t('admin.errors.unauthorized.missing_role', role: role_name)
|
20
|
+
|
21
|
+
handle_http_401(error) unless component_handler.permit?(user_action)
|
22
|
+
end
|
23
|
+
|
24
|
+
def role_end_from_action
|
25
|
+
role = action_to_role_map.select { |k| k.include?(action_name) }.values.last
|
26
|
+
role || 'default'
|
27
|
+
end
|
28
|
+
|
29
|
+
def action_to_role_map
|
30
|
+
view = %w[index show search]
|
31
|
+
edit = %w[create destroy edit new priority toggle update]
|
32
|
+
{
|
33
|
+
view => "#{controller_name}.view",
|
34
|
+
edit => "#{controller_name}.edit"
|
35
|
+
}
|
36
|
+
end
|
37
|
+
end
|