cbac 0.6.2 → 0.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (71) hide show
  1. data/Manifest +71 -70
  2. data/README.rdoc +51 -51
  3. data/Rakefile +39 -39
  4. data/cbac.gemspec +30 -30
  5. data/config/cbac/context_roles.rb +21 -21
  6. data/config/cbac/privileges.rb +50 -50
  7. data/context_roles.rb +21 -21
  8. data/init.rb +3 -3
  9. data/lib/cbac.rb +132 -132
  10. data/lib/cbac/cbac_pristine/pristine.rb +138 -138
  11. data/lib/cbac/cbac_pristine/pristine_file.rb +179 -173
  12. data/lib/cbac/cbac_pristine/pristine_permission.rb +205 -205
  13. data/lib/cbac/cbac_pristine/pristine_role.rb +43 -42
  14. data/lib/cbac/config.rb +9 -9
  15. data/lib/cbac/context_role.rb +27 -27
  16. data/lib/cbac/generic_role.rb +7 -6
  17. data/lib/cbac/known_permission.rb +15 -14
  18. data/lib/cbac/membership.rb +3 -3
  19. data/lib/cbac/permission.rb +5 -5
  20. data/lib/cbac/privilege.rb +117 -117
  21. data/lib/cbac/privilege_new_api.rb +56 -56
  22. data/lib/cbac/privilege_set.rb +29 -29
  23. data/lib/cbac/privilege_set_record.rb +6 -6
  24. data/lib/cbac/setup.rb +37 -37
  25. data/lib/generators/cbac/USAGE +33 -33
  26. data/lib/generators/cbac/cbac_generator.rb +75 -75
  27. data/lib/generators/cbac/copy_files/config/cbac.pristine +2 -2
  28. data/lib/generators/cbac/copy_files/config/context_roles.rb +17 -17
  29. data/lib/generators/cbac/copy_files/config/privileges.rb +25 -25
  30. data/lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb +30 -30
  31. data/lib/generators/cbac/copy_files/controllers/memberships_controller.rb +22 -22
  32. data/lib/generators/cbac/copy_files/controllers/permissions_controller.rb +61 -61
  33. data/lib/generators/cbac/copy_files/controllers/upgrade_controller.rb +23 -23
  34. data/lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml +9 -9
  35. data/lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml +8 -8
  36. data/lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml +8 -8
  37. data/lib/generators/cbac/copy_files/initializers/cbac_config.rb +4 -4
  38. data/lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb +59 -59
  39. data/lib/generators/cbac/copy_files/migrate/create_cbac_upgrade_path.rb +40 -40
  40. data/lib/generators/cbac/copy_files/stylesheets/cbac.css +65 -65
  41. data/lib/generators/cbac/copy_files/tasks/cbac.rake +345 -345
  42. data/lib/generators/cbac/copy_files/views/generic_roles/index.html.erb +58 -58
  43. data/lib/generators/cbac/copy_files/views/layouts/cbac.html.erb +18 -18
  44. data/lib/generators/cbac/copy_files/views/memberships/_update.html.erb +11 -11
  45. data/lib/generators/cbac/copy_files/views/memberships/index.html.erb +23 -23
  46. data/lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb +11 -11
  47. data/lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb +11 -11
  48. data/lib/generators/cbac/copy_files/views/permissions/index.html.erb +39 -39
  49. data/lib/generators/cbac/copy_files/views/upgrade/index.html.erb +31 -31
  50. data/migrations/20110211105533_add_pristine_files_to_cbac_upgrade_path.rb +16 -16
  51. data/privileges.rb +50 -50
  52. data/spec/cbac_pristine_file_spec.rb +329 -329
  53. data/spec/cbac_pristine_permission_spec.rb +358 -358
  54. data/spec/cbac_pristine_role_spec.rb +85 -85
  55. data/spec/rcov.opts +1 -1
  56. data/spec/spec.opts +4 -4
  57. data/spec/spec_helper.rb +11 -11
  58. data/tasks/cbac.rake +345 -345
  59. data/test/db/test.sqlite3 +0 -0
  60. data/test/fixtures/cbac_generic_roles.yml +9 -9
  61. data/test/fixtures/cbac_memberships.yml +8 -8
  62. data/test/fixtures/cbac_permissions.yml +14 -14
  63. data/test/fixtures/cbac_privilege_set.yml +18 -18
  64. data/test/test_cbac_actions.rb +71 -71
  65. data/test/test_cbac_authorize_context_roles.rb +39 -39
  66. data/test/test_cbac_authorize_generic_roles.rb +36 -36
  67. data/test/test_cbac_context_role.rb +50 -50
  68. data/test/test_cbac_privilege.rb +151 -151
  69. data/test/test_cbac_privilege_set.rb +50 -50
  70. data/test/test_helper.rb +28 -28
  71. metadata +33 -49
@@ -1,59 +1,59 @@
1
- <div class="cbac">
2
- <h1>Generic roles</h1>
3
- <table>
4
- <tr>
5
- <th class="medium">Name</th>
6
- <th class="large">Remarks</th>
7
- <th class="small">&nbsp;</th>
8
- </tr>
9
-
10
- <% Cbac::GenericRole.find(:all).each do |role| %>
11
- <tr class="row">
12
- <% form_for role do |r| %>
13
- <td class="medium"><%= r.text_field :name %></td>
14
- <td class="large"><%= r.text_field :remarks, :rows => 1 %></td>
15
- <td class="small"><%= r.submit "OK" %></td>
16
- <% end %>
17
- </tr>
18
- <% end%>
19
- </table>
20
-
21
- <div class="linebreak"></div>
22
-
23
- <table>
24
- <% form_for(Cbac::GenericRole.new) do |new_role| %>
25
- <tr class="row">
26
- <th colspan="2">New generic role</th>
27
- </tr>
28
- <tr class="row">
29
- <td class="medium">Name</td>
30
- <td class="medium"><%= new_role.text_field :name %></td>
31
- </tr>
32
- <tr class="row">
33
- <td class="medium">Remarks</td>
34
- <td class="large"><%= new_role.text_field :remarks %></td>
35
- </tr>
36
- <tr class="row">
37
- <td colspan="2" class="submit"><%= new_role.submit "Create" %></td>
38
- </tr>
39
- <% end %>
40
- </table>
41
-
42
- <div class="linebreak"></div>
43
-
44
- <table>
45
- <% form_tag(:controller => "cbac/generic_roles", :action => "delete") do |f| %>
46
- <tr>
47
- <th colspan="2">Delete generic role</th>
48
- </tr>
49
- <tr>
50
- <td class="medium">Select role</td>
51
- <td class="medium"><%= select_tag "id", Cbac::GenericRole.find(:all).collect{|role|"<option value='#{role.id}'>#{role.name}</option>"} %>
52
- </td>
53
- </tr>
54
- <tr>
55
- <td colspan="2" class="submit"><%= submit_tag "Delete" %></td>
56
- </tr>
57
- <% end %>
58
- </table>
1
+ <div class="cbac">
2
+ <h1>Generic roles</h1>
3
+ <table>
4
+ <tr>
5
+ <th class="medium">Name</th>
6
+ <th class="large">Remarks</th>
7
+ <th class="small">&nbsp;</th>
8
+ </tr>
9
+
10
+ <% Cbac::GenericRole.find(:all).each do |role| %>
11
+ <tr class="row">
12
+ <% form_for role do |r| %>
13
+ <td class="medium"><%= r.text_field :name %></td>
14
+ <td class="large"><%= r.text_field :remarks, :rows => 1 %></td>
15
+ <td class="small"><%= r.submit "OK" %></td>
16
+ <% end %>
17
+ </tr>
18
+ <% end%>
19
+ </table>
20
+
21
+ <div class="linebreak"></div>
22
+
23
+ <table>
24
+ <% form_for(Cbac::GenericRole.new) do |new_role| %>
25
+ <tr class="row">
26
+ <th colspan="2">New generic role</th>
27
+ </tr>
28
+ <tr class="row">
29
+ <td class="medium">Name</td>
30
+ <td class="medium"><%= new_role.text_field :name %></td>
31
+ </tr>
32
+ <tr class="row">
33
+ <td class="medium">Remarks</td>
34
+ <td class="large"><%= new_role.text_field :remarks %></td>
35
+ </tr>
36
+ <tr class="row">
37
+ <td colspan="2" class="submit"><%= new_role.submit "Create" %></td>
38
+ </tr>
39
+ <% end %>
40
+ </table>
41
+
42
+ <div class="linebreak"></div>
43
+
44
+ <table>
45
+ <% form_tag(:controller => "cbac/generic_roles", :action => "delete") do |f| %>
46
+ <tr>
47
+ <th colspan="2">Delete generic role</th>
48
+ </tr>
49
+ <tr>
50
+ <td class="medium">Select role</td>
51
+ <td class="medium"><%= select_tag "id", Cbac::GenericRole.find(:all).collect{|role|"<option value='#{role.id}'>#{role.name}</option>"} %>
52
+ </td>
53
+ </tr>
54
+ <tr>
55
+ <td colspan="2" class="submit"><%= submit_tag "Delete" %></td>
56
+ </tr>
57
+ <% end %>
58
+ </table>
59
59
  </div>
@@ -1,18 +1,18 @@
1
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
2
- "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3
-
4
- <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
5
- <head>
6
- <meta http-equiv="content-type" content="text/html;charset=UTF-8" />
7
- <title>Context Based Access Control</title>
8
- <%= javascript_include_tag :defaults %>
9
- <%= stylesheet_link_tag "cbac" %>
10
- </head>
11
- <body>
12
- <%= link_to "Permissions", cbac_permissions_path %>
13
- <%= link_to "Generic roles", cbac_generic_roles_path %>
14
- <%= link_to "Memberships", cbac_memberships_path %>
15
- <%= link_to "Upgrade", cbac_upgrade_path %>
16
- <%= yield %>
17
- </body>
18
- </html>
1
+ <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
2
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3
+
4
+ <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
5
+ <head>
6
+ <meta http-equiv="content-type" content="text/html;charset=UTF-8" />
7
+ <title>Context Based Access Control</title>
8
+ <%= javascript_include_tag :defaults %>
9
+ <%= stylesheet_link_tag "cbac" %>
10
+ </head>
11
+ <body>
12
+ <%= link_to "Permissions", cbac_permissions_path %>
13
+ <%= link_to "Generic roles", cbac_generic_roles_path %>
14
+ <%= link_to "Memberships", cbac_memberships_path %>
15
+ <%= link_to "Upgrade", cbac_upgrade_path %>
16
+ <%= yield %>
17
+ </body>
18
+ </html>
@@ -1,12 +1,12 @@
1
- <% update_name = generic_role.id.to_s + "__" + user_id.to_s %>
2
- <% unless update_partial %><div id="<%= update_name %>"><% end %>
3
- <% form_for "/cbac/memberships/update", :remote => true, :url => {:controller => "cbac/memberships", :action => "update"},
4
- :update => update_name, :before => "$('#{update_name}').style.visibility = 'hidden';",
5
- :complete => "$('#{update_name}').style.visibility = 'visible';" do %>
6
- <%= hidden_field_tag "generic_role_id" + update_name, generic_role.id.to_s, :name => "generic_role_id" %>
7
- <%= hidden_field_tag "user_id" + update_name, user_id.to_s, :name => "user_id" %>
8
- <%= check_box_tag "member" + update_name, "1",
9
- (Cbac::Membership.find(:all, :conditions => ["generic_role_id = ? AND user_id = ?", generic_role.id.to_s, user_id.to_s]).length > 0),
10
- {:onclick => "this.form.onsubmit();", :name => "member"}%>
11
- <% end %>
1
+ <% update_name = generic_role.id.to_s + "__" + user_id.to_s %>
2
+ <% unless update_partial %><div id="<%= update_name %>"><% end %>
3
+ <% form_for "/cbac/memberships/update", :remote => true, :url => {:controller => "cbac/memberships", :action => "update"},
4
+ :update => update_name, :before => "$('#{update_name}').style.visibility = 'hidden';",
5
+ :complete => "$('#{update_name}').style.visibility = 'visible';" do %>
6
+ <%= hidden_field_tag "generic_role_id" + update_name, generic_role.id.to_s, :name => "generic_role_id" %>
7
+ <%= hidden_field_tag "user_id" + update_name, user_id.to_s, :name => "user_id" %>
8
+ <%= check_box_tag "member" + update_name, "1",
9
+ (Cbac::Membership.find(:all, :conditions => ["generic_role_id = ? AND user_id = ?", generic_role.id.to_s, user_id.to_s]).length > 0),
10
+ {:onclick => "this.form.onsubmit();", :name => "member"}%>
11
+ <% end %>
12
12
  <% unless update_partial %></div><% end %>
@@ -1,23 +1,23 @@
1
- <div class="cbac">
2
- <h1>Memberships</h1>
3
- <table>
4
- <tr>
5
- <th class="medium">Users</th>
6
- <% @generic_roles.each do |role| %>
7
- <th><%= role.name %></th>
8
- <% end %>
9
- </tr>
10
- <% (@users.sort do |x,y| x.name.downcase <=> y.name.downcase end).each do |u| %>
11
- <tr>
12
- <%- # TODO: documentation must contain something on users having the 'name' method/ field %>
13
- <td><%= u.name %></td>
14
- <% @generic_roles.each do |generic_role| %>
15
- <td class="checked">
16
- <%= render :partial => "cbac/memberships/update.html", :locals => {:generic_role => generic_role,
17
- :user_id => u.id.to_s,:update_partial => false} %>
18
- </td>
19
- <% end %>
20
- </tr>
21
- <% end %>
22
- </table>
23
- </div>
1
+ <div class="cbac">
2
+ <h1>Memberships</h1>
3
+ <table>
4
+ <tr>
5
+ <th class="medium">Users</th>
6
+ <% @generic_roles.each do |role| %>
7
+ <th><%= role.name %></th>
8
+ <% end %>
9
+ </tr>
10
+ <% (@users.sort do |x,y| x.name.downcase <=> y.name.downcase end).each do |u| %>
11
+ <tr>
12
+ <%- # TODO: documentation must contain something on users having the 'name' method/ field %>
13
+ <td><%= u.name %></td>
14
+ <% @generic_roles.each do |generic_role| %>
15
+ <td class="checked">
16
+ <%= render :partial => "cbac/memberships/update.html", :locals => {:generic_role => generic_role,
17
+ :user_id => u.id.to_s,:update_partial => false} %>
18
+ </td>
19
+ <% end %>
20
+ </tr>
21
+ <% end %>
22
+ </table>
23
+ </div>
@@ -1,12 +1,12 @@
1
- <% update_name = "cr__" + context_role.to_s + "__" + set_id.to_s %>
2
- <% unless update_partial %><div id="<%= update_name %>"><% end %>
3
- <% form_for "/cbac/permissions/update", :remote => true, :url => cbac_permissions_update_path,
4
- :update => update_name, :before => "$('#{update_name}').style.visibility = 'hidden';",
5
- :complete => "$('#{update_name}').style.visibility = 'visible';" do %>
6
- <%= hidden_field_tag "context_role" + update_name, context_role.to_s, :name => "context_role" %>
7
- <%= hidden_field_tag "privilege_set_id" + update_name, set_id.to_s, :name => "privilege_set_id" %>
8
- <%= check_box_tag "permission" + update_name, "1",
9
- (Cbac::Permission.find(:all, :conditions => ["context_role = ? AND privilege_set_id = ?", context_role.to_s, set_id.to_s]).length > 0),
10
- {:onclick => "this.form.onsubmit();", :name => "permission"}%>
11
- <% end %>
1
+ <% update_name = "cr__" + context_role.to_s + "__" + set_id.to_s %>
2
+ <% unless update_partial %><div id="<%= update_name %>"><% end %>
3
+ <% form_for "/cbac/permissions/update", :remote => true, :url => cbac_permissions_update_path,
4
+ :update => update_name, :before => "$('#{update_name}').style.visibility = 'hidden';",
5
+ :complete => "$('#{update_name}').style.visibility = 'visible';" do %>
6
+ <%= hidden_field_tag "context_role" + update_name, context_role.to_s, :name => "context_role" %>
7
+ <%= hidden_field_tag "privilege_set_id" + update_name, set_id.to_s, :name => "privilege_set_id" %>
8
+ <%= check_box_tag "permission" + update_name, "1",
9
+ (Cbac::Permission.find(:all, :conditions => ["context_role = ? AND privilege_set_id = ?", context_role.to_s, set_id.to_s]).length > 0),
10
+ {:onclick => "this.form.onsubmit();", :name => "permission"}%>
11
+ <% end %>
12
12
  <% unless update_partial %></div><% end %>
@@ -1,12 +1,12 @@
1
- <% update_name = "gr__" + role.id.to_s + "__" + set_id.to_s %>
2
- <% unless update_partial %><div id="<%= update_name %>"><% end %>
3
- <% form_for "/cbac/permissions/update", :remote => true, :url => cbac_permissions_update_path,
4
- :update => update_name, :before => "$('#{update_name}').style.visibility = 'hidden';",
5
- :complete => "$('#{update_name}').style.visibility = 'visible';" do %>
6
- <%= hidden_field_tag "generic_role_id" + update_name, role.id.to_s, :name => "generic_role_id" %>
7
- <%= hidden_field_tag "privilege_set_id" + update_name, set_id.to_s, :name => "privilege_set_id" %>
8
- <%= check_box_tag "permission" + update_name, "1",
9
- (Cbac::Permission.find(:all, :conditions => ["generic_role_id = ? AND privilege_set_id = ?", role.id.to_s, set_id.to_s]).length > 0),
10
- {:onclick => "this.form.onsubmit();", :name => "permission"}%>
11
- <% end %>
1
+ <% update_name = "gr__" + role.id.to_s + "__" + set_id.to_s %>
2
+ <% unless update_partial %><div id="<%= update_name %>"><% end %>
3
+ <% form_for "/cbac/permissions/update", :remote => true, :url => cbac_permissions_update_path,
4
+ :update => update_name, :before => "$('#{update_name}').style.visibility = 'hidden';",
5
+ :complete => "$('#{update_name}').style.visibility = 'visible';" do %>
6
+ <%= hidden_field_tag "generic_role_id" + update_name, role.id.to_s, :name => "generic_role_id" %>
7
+ <%= hidden_field_tag "privilege_set_id" + update_name, set_id.to_s, :name => "privilege_set_id" %>
8
+ <%= check_box_tag "permission" + update_name, "1",
9
+ (Cbac::Permission.find(:all, :conditions => ["generic_role_id = ? AND privilege_set_id = ?", role.id.to_s, set_id.to_s]).length > 0),
10
+ {:onclick => "this.form.onsubmit();", :name => "permission"}%>
11
+ <% end %>
12
12
  <% unless update_partial %></div><% end %>
@@ -1,39 +1,39 @@
1
- <div class="cbac">
2
-
3
- <h2>Subset:</h2>
4
- <form action="<%= request.request_uri %>" method="get" name="subset_view_form">
5
- <b>Privilege set</b> starts with: <input type="text" name="priv_substr" value="<%= params[:priv_substr] %>" /><br />
6
- <b>Role</b> starts with: <input type="text" name="role_substr" value="<%= params[:role_substr] %>" /><br/>
7
- <input type="submit" value="Submit" />
8
- </form>
9
-
10
- <h1>Permissions</h1>
11
- <table>
12
- <tr>
13
- <th>Privilegeset</th>
14
- <% (@context_roles.sort { |x, y| x[0].to_s <=> y[0].to_s }).each do |name, comment| %>
15
- <th><%= name %></th>
16
- <% end %>
17
- <% (@generic_roles.sort { |x, y| x.name <=> y.name }).each do |role| %>
18
- <th><%= role.name %></th>
19
- <% end %>
20
- </tr>
21
- <% (@sets.sort do |x,y| x[0].to_s <=> y[0].to_s end).each do |token, set| %>
22
- <tr>
23
- <td><span title ="<%= set.comment %>"><%= set.name %></span></td>
24
- <% (@context_roles.sort { |x, y| x[0].to_s <=> y[0].to_s }).each do |context_role, comment| %>
25
- <td class="checked">
26
- <%= render :partial => "cbac/permissions/update_context_role.html", :locals => {:context_role => context_role.to_s,
27
- :set_id => set.id.to_s, :update_partial => false} %>
28
- </td>
29
- <% end %>
30
- <% (@generic_roles.sort { |x, y| x.name <=> y.name }).each do |role| %>
31
- <td class="checked">
32
- <%= render :partial => "cbac/permissions/update_generic_role.html", :locals => {:role => role,
33
- :set_id => set.id.to_s, :update_partial => false} %>
34
- </td>
35
- <% end %>
36
- </tr>
37
- <% end %>
38
- </table>
39
- </div>
1
+ <div class="cbac">
2
+
3
+ <h2>Subset:</h2>
4
+ <form action="<%= request.request_uri %>" method="get" name="subset_view_form">
5
+ <b>Privilege set</b> starts with: <input type="text" name="priv_substr" value="<%= params[:priv_substr] %>" /><br />
6
+ <b>Role</b> starts with: <input type="text" name="role_substr" value="<%= params[:role_substr] %>" /><br/>
7
+ <input type="submit" value="Submit" />
8
+ </form>
9
+
10
+ <h1>Permissions</h1>
11
+ <table>
12
+ <tr>
13
+ <th>Privilegeset</th>
14
+ <% (@context_roles.sort { |x, y| x[0].to_s <=> y[0].to_s }).each do |name, comment| %>
15
+ <th><%= name %></th>
16
+ <% end %>
17
+ <% (@generic_roles.sort { |x, y| x.name <=> y.name }).each do |role| %>
18
+ <th><%= role.name %></th>
19
+ <% end %>
20
+ </tr>
21
+ <% (@sets.sort do |x,y| x[0].to_s <=> y[0].to_s end).each do |token, set| %>
22
+ <tr>
23
+ <td><span title ="<%= set.comment %>"><%= set.name %></span></td>
24
+ <% (@context_roles.sort { |x, y| x[0].to_s <=> y[0].to_s }).each do |context_role, comment| %>
25
+ <td class="checked">
26
+ <%= render :partial => "cbac/permissions/update_context_role.html", :locals => {:context_role => context_role.to_s,
27
+ :set_id => set.id.to_s, :update_partial => false} %>
28
+ </td>
29
+ <% end %>
30
+ <% (@generic_roles.sort { |x, y| x.name <=> y.name }).each do |role| %>
31
+ <td class="checked">
32
+ <%= render :partial => "cbac/permissions/update_generic_role.html", :locals => {:role => role,
33
+ :set_id => set.id.to_s, :update_partial => false} %>
34
+ </td>
35
+ <% end %>
36
+ </tr>
37
+ <% end %>
38
+ </table>
39
+ </div>
@@ -1,32 +1,32 @@
1
- <div class="cbac">
2
- <h1>Permissions: available upgrades</h1>
3
- <span>Choose which of these available permissions you want to accept or reject.
4
- Each upgrade either adds a new permission or revokes an existing permission.
5
- You can also leave the available upgrade for another time.</span><br/><br/>
6
- <% form_tag cbac_upgrade_update_path do %>
7
- <table>
8
- <tr>
9
- <th class="medium">Add /revoke</th>
10
- <th class="large">Privilegeset</th>
11
- <th class="medium">Roletype</th>
12
- <th class="medium">Role</th>
13
- <th class="small">Accept</th>
14
- <th class="small">Reject</th>
15
- <th class="small">Leave</th>
16
- </tr>
17
- <% @permissions.each_with_index do |permission, index| %>
18
- <tr>
19
- <td><span><%=permission.operation_string.capitalize%></span><input type="hidden" name="permissions[<%=index.to_s%>][id]" value="<%=permission.id.to_s%>"/></td>
20
- <td><span title='<%=permission.privilege_set.comment%>'><%=permission.privilege_set_name%></span></td>
21
- <td><span><%=permission.pristine_role.role_type%></span></td>
22
- <td><span><%=permission.pristine_role.name%></span></td>
23
- <td><input type="radio" name="permissions[<%=index.to_s%>][action]" value="accept"/></td>
24
- <td><input type="radio" name="permissions[<%=index.to_s%>][action]" value="reject"/></td>
25
- <td><input type="radio" name="permissions[<%=index.to_s%>][action]" value="leave" checked="checked"/></td>
26
- </tr>
27
- <% end %>
28
- </table>
29
- <input type="button" value="Cancel" onclick="window.location.reload();"/>
30
- <input type="submit" value="OK"/>
31
- <% end %>
1
+ <div class="cbac">
2
+ <h1>Permissions: available upgrades</h1>
3
+ <span>Choose which of these available permissions you want to accept or reject.
4
+ Each upgrade either adds a new permission or revokes an existing permission.
5
+ You can also leave the available upgrade for another time.</span><br/><br/>
6
+ <% form_tag cbac_upgrade_update_path do %>
7
+ <table>
8
+ <tr>
9
+ <th class="medium">Add /revoke</th>
10
+ <th class="large">Privilegeset</th>
11
+ <th class="medium">Roletype</th>
12
+ <th class="medium">Role</th>
13
+ <th class="small">Accept</th>
14
+ <th class="small">Reject</th>
15
+ <th class="small">Leave</th>
16
+ </tr>
17
+ <% @permissions.each_with_index do |permission, index| %>
18
+ <tr>
19
+ <td><span><%=permission.operation_string.capitalize%></span><input type="hidden" name="permissions[<%=index.to_s%>][id]" value="<%=permission.id.to_s%>"/></td>
20
+ <td><span title='<%=permission.privilege_set.comment%>'><%=permission.privilege_set_name%></span></td>
21
+ <td><span><%=permission.pristine_role.role_type%></span></td>
22
+ <td><span><%=permission.pristine_role.name%></span></td>
23
+ <td><input type="radio" name="permissions[<%=index.to_s%>][action]" value="accept"/></td>
24
+ <td><input type="radio" name="permissions[<%=index.to_s%>][action]" value="reject"/></td>
25
+ <td><input type="radio" name="permissions[<%=index.to_s%>][action]" value="leave" checked="checked"/></td>
26
+ </tr>
27
+ <% end %>
28
+ </table>
29
+ <input type="button" value="Cancel" onclick="window.location.reload();"/>
30
+ <input type="submit" value="OK"/>
31
+ <% end %>
32
32
  </div>
@@ -1,16 +1,16 @@
1
- class AddPristineFilesToCbacUpgradePath < ActiveRecord::Migration
2
- def self.up
3
- create_table :cbac_pristine_files do |t|
4
- t.string :type
5
- t.string :file_name
6
- t.timestamps
7
- end
8
-
9
- add_column :cbac_staged_permissions, :pristine_file_id, :integer
10
- end
11
-
12
- def self.down
13
- drop_table :cbac_pristine_files
14
- remove_column :cbac_staged_permissions, :pristine_file_id
15
- end
16
- end
1
+ class AddPristineFilesToCbacUpgradePath < ActiveRecord::Migration
2
+ def self.up
3
+ create_table :cbac_pristine_files do |t|
4
+ t.string :type
5
+ t.string :file_name
6
+ t.timestamps
7
+ end
8
+
9
+ add_column :cbac_staged_permissions, :pristine_file_id, :integer
10
+ end
11
+
12
+ def self.down
13
+ drop_table :cbac_pristine_files
14
+ remove_column :cbac_staged_permissions, :pristine_file_id
15
+ end
16
+ end