biovision 0.1.210414.0 → 0.3.210504.0

data/app/controllers/admin/dynamic_pages_controller.rb

@@ -5,7 +5,7 @@ class Admin::DynamicPagesController < AdminController
   include CrudEntities
   include ToggleableEntity
 
-  before_action :set_entity, except: %i[check create index new]
+  before_action :set_entity, except: %i[check create index new search]
 
   private
 

data/app/controllers/admin/index_controller.rb

@@ -4,8 +4,14 @@
 class Admin::IndexController < AdminController
   # get /admin
   def index
-    return if Biovision::Components::BaseComponent.privileged?(current_user)
+  end
+
+  private
+
+  def restrict_access
+    role_name = "#{component_handler.slug}.admin"
+    error = t('admin.errors.unauthorized.missing_role', role: role_name)
 
-    handle_http_401
+    handle_http_401(error) unless component_handler.permit?('admin')
   end
 end

data/app/controllers/admin/navigation_groups_controller.rb

@@ -6,9 +6,40 @@ class Admin::NavigationGroupsController < AdminController
 
   before_action :set_entity, except: %i[check create index new]
 
+  # put /admin/navigation_groups/:id/dynamic_pages/:page_id
+  def add_page
+    @entity.add_dynamic_page(DynamicPage.find_by(id: params[:page_id]))
+
+    head :no_content
+  end
+
+  # delete /admin/navigation_groups/:id/dynamic_pages/:page_id
+  def remove_page
+    @entity.remove_dynamic_page(DynamicPage.find_by(id: params[:page_id]))
+
+    head :no_content
+  end
+
+  # post /admin/navigation_groups/:id/dynamic_pages/:page_id/priority
+  def page_priority
+    link = @entity.navigation_group_pages.find_by(id: params[:page_id])
+
+    if link.nil?
+      handle_http_404
+    else
+      render json: { data: link.change_priority(params[:delta].to_s.to_i) }
+    end
+  end
+
   private
 
   def component_class
     Biovision::Components::ContentComponent
   end
+
+  def action_to_role_map
+    super.merge(
+      %w[add_page page_priority remove_page] => 'navigation_groups.edit',
+    )
+  end
 end

data/app/controllers/admin/tokens_controller.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+# Handling user tokens
+class Admin::TokensController < AdminController
+  include CrudEntities
+  include ToggleableEntity
+
+  before_action :set_entity, except: %i[check create index new search]
+
+  private
+
+  def component_class
+    Biovision::Components::UsersComponent
+  end
+end

data/app/controllers/admin/users_controller.rb

@@ -1,12 +1,12 @@
 # frozen_string_literal: true
 
-# Administrative part for handling dynamic_pages
+# Administrative part for handling users
 class Admin::UsersController < AdminController
   include Authentication
   include CrudEntities
   include ToggleableEntity
 
-  before_action :set_entity, except: %i[check create index new]
+  before_action :set_entity, except: %i[check create index new search]
 
   # post /admin/users
   def create
@@ -42,6 +42,35 @@ class Admin::UsersController < AdminController
     redirect_to my_path
   end
 
+  # get /admin/users/:id/roles
+  def roles
+    if current_user&.super_user?
+      @components = BiovisionComponent.list_for_administration
+    else
+      handle_http_401
+    end
+  end
+
+  # put /admin/users/:id/roles/:role_id
+  def add_role
+    if current_user&.super_user?
+      role = Role.find_by(id: params[:role_id])
+      @entity.add_role(role)
+    end
+
+    head :no_content
+  end
+
+  # delete /admin/users/:id/roles/:role_id
+  def remove_role
+    if current_user&.super_user?
+      role = Role.find_by(id: params[:role_id])
+      @entity.remove_role(role)
+    end
+
+    head :no_content
+  end
+
   private
 
   def component_class
@@ -55,7 +84,8 @@ class Admin::UsersController < AdminController
   end
 
   def creation_parameters
-    parameters = params.require(:user).permit(User.entity_parameters)
+    permitted = User.entity_parameters
+    parameters = params.require(:user).permit(permitted)
     parameters.merge(tracking_for_entity)
   end
 

data/app/controllers/admin_controller.rb

@@ -7,9 +7,22 @@ class AdminController < ApplicationController
   private
 
   def restrict_access
-    user_action = "#{controller_name}.default"
-    error = t('admin.errors.unauthorized.message')
+    user_action = "#{controller_name}.#{role_end_from_action}"
+    role_name = "#{component_handler.slug}.#{user_action}"
+    error = t('admin.errors.unauthorized.missing_role', role: role_name)
 
     handle_http_401(error) unless component_handler.permit?(user_action)
   end
+
+  def role_end_from_action
+    role = action_to_role_map.select { |k| k.include?(action_name) }.values.last
+    role || 'default'
+  end
+
+  def action_to_role_map
+    {
+      %w[index show search] => 'view',
+      %w[create destroy edit new priority toggle update] => 'edit'
+    }
+  end
 end

data/app/controllers/concerns/crud_entities.rb

@@ -4,13 +4,17 @@
 module CrudEntities
   extend ActiveSupport::Concern
 
+  # get [scope]/[table_name]/search?q=
+  def search
+    q = param_from_request(:q)
+    @collection = model_class.search(q).list_for_administration.page(current_page)
+  end
+
   # get [scope]/[table_name]
   def index
-    @collection = if paginate_entities?
-                    model_class.page_for_administration(current_page)
-                  else
-                    model_class.list_for_administration
-                  end
+    @filter = params[:filter]&.permit!.to_h
+    data_helper = Biovision::Helpers::DataHelper.new(model_class)
+    @collection = data_helper.administrative_collection(current_page, @filter)
   end
 
   # get [scope]/[table_name]/:id
@@ -32,7 +36,7 @@ module CrudEntities
 
   # post [scope]/[table_name]
   def create
-    @entity = model_class.new(creation_parameters)
+    @entity = component_handler.new_entity(model_class, creation_parameters)
     apply_meta if @entity.respond_to?(:meta=)
     if @entity.save
       form_processed_ok(path_after_save)
@@ -50,7 +54,7 @@ module CrudEntities
   def update
     apply_meta if @entity.respond_to?(:meta=)
 
-    if @entity.update(entity_parameters)
+    if component_handler.update_entity(@entity, entity_parameters)
       form_processed_ok(path_after_save)
     else
       form_processed_with_error(view_for_edit)
@@ -95,10 +99,6 @@ module CrudEntities
     "#{prefix}/#{model_class.table_name}"
   end
 
-  def paginate_entities?
-    model_class.respond_to?(:page_for_administration)
-  end
-
   def set_entity
     @entity = model_class.find_by(id: params[:id])
     handle_http_404("Cannot find #{model_class.model_name}") if @entity.nil?
@@ -113,7 +113,7 @@ module CrudEntities
   end
 
   def explicit_creation_parameters
-    permitted = model_class.creation_parameters(current_user)
+    permitted = model_class.creation_parameters
     parameters = params.require(model_key).permit(permitted)
     parameters.merge!(tracking_for_entity) if model_class.include?(HasTrack)
     parameters.merge!(owner_for_entity) if model_class.include?(HasOwner)
@@ -121,7 +121,7 @@ module CrudEntities
   end
 
   def entity_parameters
-    permitted = model_class.entity_parameters(current_user)
+    permitted = model_class.entity_parameters
     params.require(model_key).permit(permitted)
   end
 

data/app/controllers/contact_controller.rb

@@ -27,7 +27,7 @@ class ContactController < ApplicationController
   def save_entity
     if @entity.save
       show_result
-      # FeedbackMailer.new_feedback_request(@entity.id).deliver_later
+      FeedbackMailer.new_feedback_request(@entity.id).deliver_later
     else
       redirect_to root_path
     end

data/app/helpers/biovision_components_helper.rb

@@ -6,9 +6,13 @@ module BiovisionComponentsHelper
   # @param [String] text
   # @param [Hash] options
   def admin_biovision_component_link(entity, text = nil, options = {})
-    if text.nil?
-      text = t("biovision.components.#{entity.slug}.name", default: entity.slug)
-    end
+    text ||= component_name(entity.slug)
     link_to(text, admin_component_path(slug: entity.slug), options)
   end
+
+  # @param [String|BiovisionComponent] slug
+  def component_name(slug)
+    slug = slug.respond_to?(:slug) ? slug.slug : slug
+    t("biovision.components.#{slug}.name", default: slug)
+  end
 end

data/app/lib/biovision/components/base/component_parameters.rb

@@ -9,6 +9,14 @@ module Biovision
           false
         end
 
+        def use_images?
+          false
+        end
+
+        def manage_settings?
+          use_parameters? || component.settings.any?
+        end
+
         # Receive parameter value with default
         #
         # Returns value of component's parameter or default value

data/app/lib/biovision/components/base/component_privileges.rb

@@ -5,18 +5,12 @@ module Biovision
     module Base
       # Handling component privileges
       module ComponentPrivileges
-        # @param [String|Array] privileges
-        # @deprecated use #role? or #permit?
-        def allow?(*privileges)
-          permit?(*privileges)
-        end
-
         # @param [String] action
         # @param [Object] context
         def permit?(action = 'default', context = nil)
           return false if user.nil?
 
-          parts = []
+          parts = [slug]
           model = model_from_context(context)
           parts << model.table_name if model.respond_to?(:table_name)
           parts << action
@@ -33,12 +27,12 @@ module Biovision
         # @param [String] role_name
         def role?(role_name)
           return false if user.nil?
-          return true if user.super_user? || administrator?
+          return true if user.super_user?
 
           role = Role[role_name]
           return false if role.nil?
 
-          Array(user.data['role_cache']).include?(role.id)
+          user.role_ids.include?(role.id)
         end
 
         # @param [Class|Object] context
@@ -47,18 +41,33 @@ module Biovision
           context.is_a?(Class) ? context : context.class
         end
 
-        def create_roles
-          slugs = %w[view edit]
-          model_roles = %w[list view create edit destroy]
-          model_roles.each { |role| slugs << "simple_images.#{role}" }
-          self.class.dependent_models.each do |model|
-            model_roles.each { |role| slugs << "#{model.table_name}.#{role}" }
+        def crud_table_names
+          tables = self.class.dependent_models.map(&:table_name)
+          tables << 'simple_images' if use_images?
+          tables
+        end
+
+        def role_tree
+          tree = { nil => %w[default view] }
+          tree['settings'] = %w[view edit] if use_settings?
+          crud_table_names.each do |table_name|
+            tree[table_name] = %w[view edit]
           end
+          tree
+        end
 
-          slugs.each do |slug|
-            Role.create(biovision_component: component, slug: slug)
+        def create_roles
+          role_tree.each do |prefix, postfixes|
+            postfixes.each do |postfix|
+              slug = prefix.blank? ? postfix : "#{prefix}.#{postfix}"
+              Role.create(biovision_component: component, slug: slug)
+            end
           end
         end
+
+        def administrative_parts
+          self.class.dependent_models.map(&:table_name)
+        end
       end
     end
   end

data/app/lib/biovision/components/base/component_settings.rb

@@ -17,6 +17,14 @@ module Biovision
           []
         end
 
+        def default_settings
+          {}
+        end
+
+        def reset_settings
+          BiovisionComponent[slug]&.update(settings: default_settings)
+        end
+
         # @param [Hash] data
         def normalize_settings(data)
           result = {}

data/app/lib/biovision/components/base_component.rb

@@ -64,16 +64,8 @@ module Biovision
         []
       end
 
-      # @param [User] user
-      def self.privileged?(user)
-        return false if user.nil? || user.banned?
-        return true if user.super_user?
-
-        BiovisionComponentUser.owned_by(user).each do |link|
-          return true if link.administrator? || !link.data['privileges'].blank?
-        end
-
-        false
+      def self.create
+        BiovisionComponent.create(slug: slug, settings: default_settings)
       end
 
       # @param [ApplicationRecord] entity
@@ -93,9 +85,12 @@ module Biovision
       def user=(user)
         @user = user
 
-        criteria = { biovision_component: @component, user: user }
-
-        @user_link = BiovisionComponentUser.find_by(criteria)
+        if @user.nil?
+          @user_link = nil
+        else
+          criteria = { biovision_component: @component, user: user }
+          @user_link = BiovisionComponentUser.find_by(criteria)
+        end
       end
 
       def user_link!(force_create = false)
@@ -112,12 +107,6 @@ module Biovision
         use_parameters? || @component.settings.any?
       end
 
-      def administrator?
-        return false if user.nil?
-
-        user.super_user? || @user_link&.administrator?
-      end
-
       # @param [Hash] data
       def settings=(data)
         @component.settings.merge!(self.class.normalize_settings(data))
@@ -144,10 +133,6 @@ module Biovision
         metric << quantity
       end
 
-      def privilege_handler
-        @privilege_handler ||= Base::PrivilegeHandler.new(self)
-      end
-
       # @param [User] user
       # @param [String] code_type
       # @param [Integer] quantity
@@ -169,6 +154,18 @@ module Biovision
         data[key.to_s] = new_value
         user.new_component_data(data)
       end
+
+      # @param [ApplicationRecord] entity
+      # @param [Hash] new_attributes
+      def update_entity(entity, new_attributes)
+        entity.update(new_attributes)
+      end
+
+      # @param [Class] model_class
+      # @param [Hash] parameters
+      def new_entity(model_class, parameters)
+        model_class.new(parameters)
+      end
     end
   end
 end