cbac 0.6.2 → 0.6.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (71) hide show
  1. data/Manifest +71 -70
  2. data/README.rdoc +51 -51
  3. data/Rakefile +39 -39
  4. data/cbac.gemspec +30 -30
  5. data/config/cbac/context_roles.rb +21 -21
  6. data/config/cbac/privileges.rb +50 -50
  7. data/context_roles.rb +21 -21
  8. data/init.rb +3 -3
  9. data/lib/cbac.rb +132 -132
  10. data/lib/cbac/cbac_pristine/pristine.rb +138 -138
  11. data/lib/cbac/cbac_pristine/pristine_file.rb +179 -173
  12. data/lib/cbac/cbac_pristine/pristine_permission.rb +205 -205
  13. data/lib/cbac/cbac_pristine/pristine_role.rb +43 -42
  14. data/lib/cbac/config.rb +9 -9
  15. data/lib/cbac/context_role.rb +27 -27
  16. data/lib/cbac/generic_role.rb +7 -6
  17. data/lib/cbac/known_permission.rb +15 -14
  18. data/lib/cbac/membership.rb +3 -3
  19. data/lib/cbac/permission.rb +5 -5
  20. data/lib/cbac/privilege.rb +117 -117
  21. data/lib/cbac/privilege_new_api.rb +56 -56
  22. data/lib/cbac/privilege_set.rb +29 -29
  23. data/lib/cbac/privilege_set_record.rb +6 -6
  24. data/lib/cbac/setup.rb +37 -37
  25. data/lib/generators/cbac/USAGE +33 -33
  26. data/lib/generators/cbac/cbac_generator.rb +75 -75
  27. data/lib/generators/cbac/copy_files/config/cbac.pristine +2 -2
  28. data/lib/generators/cbac/copy_files/config/context_roles.rb +17 -17
  29. data/lib/generators/cbac/copy_files/config/privileges.rb +25 -25
  30. data/lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb +30 -30
  31. data/lib/generators/cbac/copy_files/controllers/memberships_controller.rb +22 -22
  32. data/lib/generators/cbac/copy_files/controllers/permissions_controller.rb +61 -61
  33. data/lib/generators/cbac/copy_files/controllers/upgrade_controller.rb +23 -23
  34. data/lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml +9 -9
  35. data/lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml +8 -8
  36. data/lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml +8 -8
  37. data/lib/generators/cbac/copy_files/initializers/cbac_config.rb +4 -4
  38. data/lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb +59 -59
  39. data/lib/generators/cbac/copy_files/migrate/create_cbac_upgrade_path.rb +40 -40
  40. data/lib/generators/cbac/copy_files/stylesheets/cbac.css +65 -65
  41. data/lib/generators/cbac/copy_files/tasks/cbac.rake +345 -345
  42. data/lib/generators/cbac/copy_files/views/generic_roles/index.html.erb +58 -58
  43. data/lib/generators/cbac/copy_files/views/layouts/cbac.html.erb +18 -18
  44. data/lib/generators/cbac/copy_files/views/memberships/_update.html.erb +11 -11
  45. data/lib/generators/cbac/copy_files/views/memberships/index.html.erb +23 -23
  46. data/lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb +11 -11
  47. data/lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb +11 -11
  48. data/lib/generators/cbac/copy_files/views/permissions/index.html.erb +39 -39
  49. data/lib/generators/cbac/copy_files/views/upgrade/index.html.erb +31 -31
  50. data/migrations/20110211105533_add_pristine_files_to_cbac_upgrade_path.rb +16 -16
  51. data/privileges.rb +50 -50
  52. data/spec/cbac_pristine_file_spec.rb +329 -329
  53. data/spec/cbac_pristine_permission_spec.rb +358 -358
  54. data/spec/cbac_pristine_role_spec.rb +85 -85
  55. data/spec/rcov.opts +1 -1
  56. data/spec/spec.opts +4 -4
  57. data/spec/spec_helper.rb +11 -11
  58. data/tasks/cbac.rake +345 -345
  59. data/test/db/test.sqlite3 +0 -0
  60. data/test/fixtures/cbac_generic_roles.yml +9 -9
  61. data/test/fixtures/cbac_memberships.yml +8 -8
  62. data/test/fixtures/cbac_permissions.yml +14 -14
  63. data/test/fixtures/cbac_privilege_set.yml +18 -18
  64. data/test/test_cbac_actions.rb +71 -71
  65. data/test/test_cbac_authorize_context_roles.rb +39 -39
  66. data/test/test_cbac_authorize_generic_roles.rb +36 -36
  67. data/test/test_cbac_context_role.rb +50 -50
  68. data/test/test_cbac_privilege.rb +151 -151
  69. data/test/test_cbac_privilege_set.rb +50 -50
  70. data/test/test_helper.rb +28 -28
  71. metadata +33 -49
@@ -1,59 +1,59 @@
1
- <div class="cbac">
2
- <h1>Generic roles</h1>
3
- <table>
4
- <tr>
5
- <th class="medium">Name</th>
6
- <th class="large">Remarks</th>
7
- <th class="small">&nbsp;</th>
8
- </tr>
9
-
10
- <% Cbac::GenericRole.find(:all).each do |role| %>
11
- <tr class="row">
12
- <% form_for role do |r| %>
13
- <td class="medium"><%= r.text_field :name %></td>
14
- <td class="large"><%= r.text_field :remarks, :rows => 1 %></td>
15
- <td class="small"><%= r.submit "OK" %></td>
16
- <% end %>
17
- </tr>
18
- <% end%>
19
- </table>
20
-
21
- <div class="linebreak"></div>
22
-
23
- <table>
24
- <% form_for(Cbac::GenericRole.new) do |new_role| %>
25
- <tr class="row">
26
- <th colspan="2">New generic role</th>
27
- </tr>
28
- <tr class="row">
29
- <td class="medium">Name</td>
30
- <td class="medium"><%= new_role.text_field :name %></td>
31
- </tr>
32
- <tr class="row">
33
- <td class="medium">Remarks</td>
34
- <td class="large"><%= new_role.text_field :remarks %></td>
35
- </tr>
36
- <tr class="row">
37
- <td colspan="2" class="submit"><%= new_role.submit "Create" %></td>
38
- </tr>
39
- <% end %>
40
- </table>
41
-
42
- <div class="linebreak"></div>
43
-
44
- <table>
45
- <% form_tag(:controller => "cbac/generic_roles", :action => "delete") do |f| %>
46
- <tr>
47
- <th colspan="2">Delete generic role</th>
48
- </tr>
49
- <tr>
50
- <td class="medium">Select role</td>
51
- <td class="medium"><%= select_tag "id", Cbac::GenericRole.find(:all).collect{|role|"<option value='#{role.id}'>#{role.name}</option>"} %>
52
- </td>
53
- </tr>
54
- <tr>
55
- <td colspan="2" class="submit"><%= submit_tag "Delete" %></td>
56
- </tr>
57
- <% end %>
58
- </table>
1
+ <div class="cbac">
2
+ <h1>Generic roles</h1>
3
+ <table>
4
+ <tr>
5
+ <th class="medium">Name</th>
6
+ <th class="large">Remarks</th>
7
+ <th class="small">&nbsp;</th>
8
+ </tr>
9
+
10
+ <% Cbac::GenericRole.find(:all).each do |role| %>
11
+ <tr class="row">
12
+ <% form_for role do |r| %>
13
+ <td class="medium"><%= r.text_field :name %></td>
14
+ <td class="large"><%= r.text_field :remarks, :rows => 1 %></td>
15
+ <td class="small"><%= r.submit "OK" %></td>
16
+ <% end %>
17
+ </tr>
18
+ <% end%>
19
+ </table>
20
+
21
+ <div class="linebreak"></div>
22
+
23
+ <table>
24
+ <% form_for(Cbac::GenericRole.new) do |new_role| %>
25
+ <tr class="row">
26
+ <th colspan="2">New generic role</th>
27
+ </tr>
28
+ <tr class="row">
29
+ <td class="medium">Name</td>
30
+ <td class="medium"><%= new_role.text_field :name %></td>
31
+ </tr>
32
+ <tr class="row">
33
+ <td class="medium">Remarks</td>
34
+ <td class="large"><%= new_role.text_field :remarks %></td>
35
+ </tr>
36
+ <tr class="row">
37
+ <td colspan="2" class="submit"><%= new_role.submit "Create" %></td>
38
+ </tr>
39
+ <% end %>
40
+ </table>
41
+
42
+ <div class="linebreak"></div>
43
+
44
+ <table>
45
+ <% form_tag(:controller => "cbac/generic_roles", :action => "delete") do |f| %>
46
+ <tr>
47
+ <th colspan="2">Delete generic role</th>
48
+ </tr>
49
+ <tr>
50
+ <td class="medium">Select role</td>
51
+ <td class="medium"><%= select_tag "id", Cbac::GenericRole.find(:all).collect{|role|"<option value='#{role.id}'>#{role.name}</option>"} %>
52
+ </td>
53
+ </tr>
54
+ <tr>
55
+ <td colspan="2" class="submit"><%= submit_tag "Delete" %></td>
56
+ </tr>
57
+ <% end %>
58
+ </table>
59
59
  </div>
@@ -1,18 +1,18 @@
1
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
2
- "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3
-
4
- <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
5
- <head>
6
- <meta http-equiv="content-type" content="text/html;charset=UTF-8" />
7
- <title>Context Based Access Control</title>
8
- <%= javascript_include_tag :defaults %>
9
- <%= stylesheet_link_tag "cbac" %>
10
- </head>
11
- <body>
12
- <%= link_to "Permissions", cbac_permissions_path %>
13
- <%= link_to "Generic roles", cbac_generic_roles_path %>
14
- <%= link_to "Memberships", cbac_memberships_path %>
15
- <%= link_to "Upgrade", cbac_upgrade_path %>
16
- <%= yield %>
17
- </body>
18
- </html>
1
+ <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
2
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3
+
4
+ <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
5
+ <head>
6
+ <meta http-equiv="content-type" content="text/html;charset=UTF-8" />
7
+ <title>Context Based Access Control</title>
8
+ <%= javascript_include_tag :defaults %>
9
+ <%= stylesheet_link_tag "cbac" %>
10
+ </head>
11
+ <body>
12
+ <%= link_to "Permissions", cbac_permissions_path %>
13
+ <%= link_to "Generic roles", cbac_generic_roles_path %>
14
+ <%= link_to "Memberships", cbac_memberships_path %>
15
+ <%= link_to "Upgrade", cbac_upgrade_path %>
16
+ <%= yield %>
17
+ </body>
18
+ </html>
@@ -1,12 +1,12 @@
1
- <% update_name = generic_role.id.to_s + "__" + user_id.to_s %>
2
- <% unless update_partial %><div id="<%= update_name %>"><% end %>
3
- <% form_for "/cbac/memberships/update", :remote => true, :url => {:controller => "cbac/memberships", :action => "update"},
4
- :update => update_name, :before => "$('#{update_name}').style.visibility = 'hidden';",
5
- :complete => "$('#{update_name}').style.visibility = 'visible';" do %>
6
- <%= hidden_field_tag "generic_role_id" + update_name, generic_role.id.to_s, :name => "generic_role_id" %>
7
- <%= hidden_field_tag "user_id" + update_name, user_id.to_s, :name => "user_id" %>
8
- <%= check_box_tag "member" + update_name, "1",
9
- (Cbac::Membership.find(:all, :conditions => ["generic_role_id = ? AND user_id = ?", generic_role.id.to_s, user_id.to_s]).length > 0),
10
- {:onclick => "this.form.onsubmit();", :name => "member"}%>
11
- <% end %>
1
+ <% update_name = generic_role.id.to_s + "__" + user_id.to_s %>
2
+ <% unless update_partial %><div id="<%= update_name %>"><% end %>
3
+ <% form_for "/cbac/memberships/update", :remote => true, :url => {:controller => "cbac/memberships", :action => "update"},
4
+ :update => update_name, :before => "$('#{update_name}').style.visibility = 'hidden';",
5
+ :complete => "$('#{update_name}').style.visibility = 'visible';" do %>
6
+ <%= hidden_field_tag "generic_role_id" + update_name, generic_role.id.to_s, :name => "generic_role_id" %>
7
+ <%= hidden_field_tag "user_id" + update_name, user_id.to_s, :name => "user_id" %>
8
+ <%= check_box_tag "member" + update_name, "1",
9
+ (Cbac::Membership.find(:all, :conditions => ["generic_role_id = ? AND user_id = ?", generic_role.id.to_s, user_id.to_s]).length > 0),
10
+ {:onclick => "this.form.onsubmit();", :name => "member"}%>
11
+ <% end %>
12
12
  <% unless update_partial %></div><% end %>
@@ -1,23 +1,23 @@
1
- <div class="cbac">
2
- <h1>Memberships</h1>
3
- <table>
4
- <tr>
5
- <th class="medium">Users</th>
6
- <% @generic_roles.each do |role| %>
7
- <th><%= role.name %></th>
8
- <% end %>
9
- </tr>
10
- <% (@users.sort do |x,y| x.name.downcase <=> y.name.downcase end).each do |u| %>
11
- <tr>
12
- <%- # TODO: documentation must contain something on users having the 'name' method/ field %>
13
- <td><%= u.name %></td>
14
- <% @generic_roles.each do |generic_role| %>
15
- <td class="checked">
16
- <%= render :partial => "cbac/memberships/update.html", :locals => {:generic_role => generic_role,
17
- :user_id => u.id.to_s,:update_partial => false} %>
18
- </td>
19
- <% end %>
20
- </tr>
21
- <% end %>
22
- </table>
23
- </div>
1
+ <div class="cbac">
2
+ <h1>Memberships</h1>
3
+ <table>
4
+ <tr>
5
+ <th class="medium">Users</th>
6
+ <% @generic_roles.each do |role| %>
7
+ <th><%= role.name %></th>
8
+ <% end %>
9
+ </tr>
10
+ <% (@users.sort do |x,y| x.name.downcase <=> y.name.downcase end).each do |u| %>
11
+ <tr>
12
+ <%- # TODO: documentation must contain something on users having the 'name' method/ field %>
13
+ <td><%= u.name %></td>
14
+ <% @generic_roles.each do |generic_role| %>
15
+ <td class="checked">
16
+ <%= render :partial => "cbac/memberships/update.html", :locals => {:generic_role => generic_role,
17
+ :user_id => u.id.to_s,:update_partial => false} %>
18
+ </td>
19
+ <% end %>
20
+ </tr>
21
+ <% end %>
22
+ </table>
23
+ </div>
@@ -1,12 +1,12 @@
1
- <% update_name = "cr__" + context_role.to_s + "__" + set_id.to_s %>
2
- <% unless update_partial %><div id="<%= update_name %>"><% end %>
3
- <% form_for "/cbac/permissions/update", :remote => true, :url => cbac_permissions_update_path,
4
- :update => update_name, :before => "$('#{update_name}').style.visibility = 'hidden';",
5
- :complete => "$('#{update_name}').style.visibility = 'visible';" do %>
6
- <%= hidden_field_tag "context_role" + update_name, context_role.to_s, :name => "context_role" %>
7
- <%= hidden_field_tag "privilege_set_id" + update_name, set_id.to_s, :name => "privilege_set_id" %>
8
- <%= check_box_tag "permission" + update_name, "1",
9
- (Cbac::Permission.find(:all, :conditions => ["context_role = ? AND privilege_set_id = ?", context_role.to_s, set_id.to_s]).length > 0),
10
- {:onclick => "this.form.onsubmit();", :name => "permission"}%>
11
- <% end %>
1
+ <% update_name = "cr__" + context_role.to_s + "__" + set_id.to_s %>
2
+ <% unless update_partial %><div id="<%= update_name %>"><% end %>
3
+ <% form_for "/cbac/permissions/update", :remote => true, :url => cbac_permissions_update_path,
4
+ :update => update_name, :before => "$('#{update_name}').style.visibility = 'hidden';",
5
+ :complete => "$('#{update_name}').style.visibility = 'visible';" do %>
6
+ <%= hidden_field_tag "context_role" + update_name, context_role.to_s, :name => "context_role" %>
7
+ <%= hidden_field_tag "privilege_set_id" + update_name, set_id.to_s, :name => "privilege_set_id" %>
8
+ <%= check_box_tag "permission" + update_name, "1",
9
+ (Cbac::Permission.find(:all, :conditions => ["context_role = ? AND privilege_set_id = ?", context_role.to_s, set_id.to_s]).length > 0),
10
+ {:onclick => "this.form.onsubmit();", :name => "permission"}%>
11
+ <% end %>
12
12
  <% unless update_partial %></div><% end %>
@@ -1,12 +1,12 @@
1
- <% update_name = "gr__" + role.id.to_s + "__" + set_id.to_s %>
2
- <% unless update_partial %><div id="<%= update_name %>"><% end %>
3
- <% form_for "/cbac/permissions/update", :remote => true, :url => cbac_permissions_update_path,
4
- :update => update_name, :before => "$('#{update_name}').style.visibility = 'hidden';",
5
- :complete => "$('#{update_name}').style.visibility = 'visible';" do %>
6
- <%= hidden_field_tag "generic_role_id" + update_name, role.id.to_s, :name => "generic_role_id" %>
7
- <%= hidden_field_tag "privilege_set_id" + update_name, set_id.to_s, :name => "privilege_set_id" %>
8
- <%= check_box_tag "permission" + update_name, "1",
9
- (Cbac::Permission.find(:all, :conditions => ["generic_role_id = ? AND privilege_set_id = ?", role.id.to_s, set_id.to_s]).length > 0),
10
- {:onclick => "this.form.onsubmit();", :name => "permission"}%>
11
- <% end %>
1
+ <% update_name = "gr__" + role.id.to_s + "__" + set_id.to_s %>
2
+ <% unless update_partial %><div id="<%= update_name %>"><% end %>
3
+ <% form_for "/cbac/permissions/update", :remote => true, :url => cbac_permissions_update_path,
4
+ :update => update_name, :before => "$('#{update_name}').style.visibility = 'hidden';",
5
+ :complete => "$('#{update_name}').style.visibility = 'visible';" do %>
6
+ <%= hidden_field_tag "generic_role_id" + update_name, role.id.to_s, :name => "generic_role_id" %>
7
+ <%= hidden_field_tag "privilege_set_id" + update_name, set_id.to_s, :name => "privilege_set_id" %>
8
+ <%= check_box_tag "permission" + update_name, "1",
9
+ (Cbac::Permission.find(:all, :conditions => ["generic_role_id = ? AND privilege_set_id = ?", role.id.to_s, set_id.to_s]).length > 0),
10
+ {:onclick => "this.form.onsubmit();", :name => "permission"}%>
11
+ <% end %>
12
12
  <% unless update_partial %></div><% end %>
@@ -1,39 +1,39 @@
1
- <div class="cbac">
2
-
3
- <h2>Subset:</h2>
4
- <form action="<%= request.request_uri %>" method="get" name="subset_view_form">
5
- <b>Privilege set</b> starts with: <input type="text" name="priv_substr" value="<%= params[:priv_substr] %>" /><br />
6
- <b>Role</b> starts with: <input type="text" name="role_substr" value="<%= params[:role_substr] %>" /><br/>
7
- <input type="submit" value="Submit" />
8
- </form>
9
-
10
- <h1>Permissions</h1>
11
- <table>
12
- <tr>
13
- <th>Privilegeset</th>
14
- <% (@context_roles.sort { |x, y| x[0].to_s <=> y[0].to_s }).each do |name, comment| %>
15
- <th><%= name %></th>
16
- <% end %>
17
- <% (@generic_roles.sort { |x, y| x.name <=> y.name }).each do |role| %>
18
- <th><%= role.name %></th>
19
- <% end %>
20
- </tr>
21
- <% (@sets.sort do |x,y| x[0].to_s <=> y[0].to_s end).each do |token, set| %>
22
- <tr>
23
- <td><span title ="<%= set.comment %>"><%= set.name %></span></td>
24
- <% (@context_roles.sort { |x, y| x[0].to_s <=> y[0].to_s }).each do |context_role, comment| %>
25
- <td class="checked">
26
- <%= render :partial => "cbac/permissions/update_context_role.html", :locals => {:context_role => context_role.to_s,
27
- :set_id => set.id.to_s, :update_partial => false} %>
28
- </td>
29
- <% end %>
30
- <% (@generic_roles.sort { |x, y| x.name <=> y.name }).each do |role| %>
31
- <td class="checked">
32
- <%= render :partial => "cbac/permissions/update_generic_role.html", :locals => {:role => role,
33
- :set_id => set.id.to_s, :update_partial => false} %>
34
- </td>
35
- <% end %>
36
- </tr>
37
- <% end %>
38
- </table>
39
- </div>
1
+ <div class="cbac">
2
+
3
+ <h2>Subset:</h2>
4
+ <form action="<%= request.request_uri %>" method="get" name="subset_view_form">
5
+ <b>Privilege set</b> starts with: <input type="text" name="priv_substr" value="<%= params[:priv_substr] %>" /><br />
6
+ <b>Role</b> starts with: <input type="text" name="role_substr" value="<%= params[:role_substr] %>" /><br/>
7
+ <input type="submit" value="Submit" />
8
+ </form>
9
+
10
+ <h1>Permissions</h1>
11
+ <table>
12
+ <tr>
13
+ <th>Privilegeset</th>
14
+ <% (@context_roles.sort { |x, y| x[0].to_s <=> y[0].to_s }).each do |name, comment| %>
15
+ <th><%= name %></th>
16
+ <% end %>
17
+ <% (@generic_roles.sort { |x, y| x.name <=> y.name }).each do |role| %>
18
+ <th><%= role.name %></th>
19
+ <% end %>
20
+ </tr>
21
+ <% (@sets.sort do |x,y| x[0].to_s <=> y[0].to_s end).each do |token, set| %>
22
+ <tr>
23
+ <td><span title ="<%= set.comment %>"><%= set.name %></span></td>
24
+ <% (@context_roles.sort { |x, y| x[0].to_s <=> y[0].to_s }).each do |context_role, comment| %>
25
+ <td class="checked">
26
+ <%= render :partial => "cbac/permissions/update_context_role.html", :locals => {:context_role => context_role.to_s,
27
+ :set_id => set.id.to_s, :update_partial => false} %>
28
+ </td>
29
+ <% end %>
30
+ <% (@generic_roles.sort { |x, y| x.name <=> y.name }).each do |role| %>
31
+ <td class="checked">
32
+ <%= render :partial => "cbac/permissions/update_generic_role.html", :locals => {:role => role,
33
+ :set_id => set.id.to_s, :update_partial => false} %>
34
+ </td>
35
+ <% end %>
36
+ </tr>
37
+ <% end %>
38
+ </table>
39
+ </div>
@@ -1,32 +1,32 @@
1
- <div class="cbac">
2
- <h1>Permissions: available upgrades</h1>
3
- <span>Choose which of these available permissions you want to accept or reject.
4
- Each upgrade either adds a new permission or revokes an existing permission.
5
- You can also leave the available upgrade for another time.</span><br/><br/>
6
- <% form_tag cbac_upgrade_update_path do %>
7
- <table>
8
- <tr>
9
- <th class="medium">Add /revoke</th>
10
- <th class="large">Privilegeset</th>
11
- <th class="medium">Roletype</th>
12
- <th class="medium">Role</th>
13
- <th class="small">Accept</th>
14
- <th class="small">Reject</th>
15
- <th class="small">Leave</th>
16
- </tr>
17
- <% @permissions.each_with_index do |permission, index| %>
18
- <tr>
19
- <td><span><%=permission.operation_string.capitalize%></span><input type="hidden" name="permissions[<%=index.to_s%>][id]" value="<%=permission.id.to_s%>"/></td>
20
- <td><span title='<%=permission.privilege_set.comment%>'><%=permission.privilege_set_name%></span></td>
21
- <td><span><%=permission.pristine_role.role_type%></span></td>
22
- <td><span><%=permission.pristine_role.name%></span></td>
23
- <td><input type="radio" name="permissions[<%=index.to_s%>][action]" value="accept"/></td>
24
- <td><input type="radio" name="permissions[<%=index.to_s%>][action]" value="reject"/></td>
25
- <td><input type="radio" name="permissions[<%=index.to_s%>][action]" value="leave" checked="checked"/></td>
26
- </tr>
27
- <% end %>
28
- </table>
29
- <input type="button" value="Cancel" onclick="window.location.reload();"/>
30
- <input type="submit" value="OK"/>
31
- <% end %>
1
+ <div class="cbac">
2
+ <h1>Permissions: available upgrades</h1>
3
+ <span>Choose which of these available permissions you want to accept or reject.
4
+ Each upgrade either adds a new permission or revokes an existing permission.
5
+ You can also leave the available upgrade for another time.</span><br/><br/>
6
+ <% form_tag cbac_upgrade_update_path do %>
7
+ <table>
8
+ <tr>
9
+ <th class="medium">Add /revoke</th>
10
+ <th class="large">Privilegeset</th>
11
+ <th class="medium">Roletype</th>
12
+ <th class="medium">Role</th>
13
+ <th class="small">Accept</th>
14
+ <th class="small">Reject</th>
15
+ <th class="small">Leave</th>
16
+ </tr>
17
+ <% @permissions.each_with_index do |permission, index| %>
18
+ <tr>
19
+ <td><span><%=permission.operation_string.capitalize%></span><input type="hidden" name="permissions[<%=index.to_s%>][id]" value="<%=permission.id.to_s%>"/></td>
20
+ <td><span title='<%=permission.privilege_set.comment%>'><%=permission.privilege_set_name%></span></td>
21
+ <td><span><%=permission.pristine_role.role_type%></span></td>
22
+ <td><span><%=permission.pristine_role.name%></span></td>
23
+ <td><input type="radio" name="permissions[<%=index.to_s%>][action]" value="accept"/></td>
24
+ <td><input type="radio" name="permissions[<%=index.to_s%>][action]" value="reject"/></td>
25
+ <td><input type="radio" name="permissions[<%=index.to_s%>][action]" value="leave" checked="checked"/></td>
26
+ </tr>
27
+ <% end %>
28
+ </table>
29
+ <input type="button" value="Cancel" onclick="window.location.reload();"/>
30
+ <input type="submit" value="OK"/>
31
+ <% end %>
32
32
  </div>
@@ -1,16 +1,16 @@
1
- class AddPristineFilesToCbacUpgradePath < ActiveRecord::Migration
2
- def self.up
3
- create_table :cbac_pristine_files do |t|
4
- t.string :type
5
- t.string :file_name
6
- t.timestamps
7
- end
8
-
9
- add_column :cbac_staged_permissions, :pristine_file_id, :integer
10
- end
11
-
12
- def self.down
13
- drop_table :cbac_pristine_files
14
- remove_column :cbac_staged_permissions, :pristine_file_id
15
- end
16
- end
1
+ class AddPristineFilesToCbacUpgradePath < ActiveRecord::Migration
2
+ def self.up
3
+ create_table :cbac_pristine_files do |t|
4
+ t.string :type
5
+ t.string :file_name
6
+ t.timestamps
7
+ end
8
+
9
+ add_column :cbac_staged_permissions, :pristine_file_id, :integer
10
+ end
11
+
12
+ def self.down
13
+ drop_table :cbac_pristine_files
14
+ remove_column :cbac_staged_permissions, :pristine_file_id
15
+ end
16
+ end