cm-admin 2.1.4 → 2.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/app/controllers/cm_admin/resource_controller.rb +7 -6
- data/app/models/concerns/cm_admin/cm_role.rb +10 -6
- data/app/views/cm_admin/roles/permissions.html.slim +2 -1
- data/docs/RoleManagement.md +36 -0
- data/lib/cm_admin/model.rb +24 -19
- data/lib/cm_admin/version.rb +1 -1
- data/lib/cm_admin/view_helpers/page_info_helper.rb +2 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 60f28f773c4032f2bed61d3b0524ab635b13face45767f444fbc841e490bc597
|
|
4
|
+
data.tar.gz: 42433de9bf7714a37d0fe14bb99a6944bced6886d06cef2083c540e9acf33e93
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d224d531688d916b36f07bce3d1e3b0a58939dbf5d847158d1bd051fd4c36750cfeae50986244c3be6e92690e427881b3fa5571b52cd1fe42b6e6edd029f8ac2
|
|
7
|
+
data.tar.gz: be325872f019d39cc6b86cd06a0bc933631548e6da7f292b40a9f1bf2fc5b6149644b43305db3f803a4788239b1a8e25e5e53f848ba013afcc2d0cce6ef842b6
|
data/Gemfile.lock
CHANGED
|
@@ -9,7 +9,7 @@ module CmAdmin
|
|
|
9
9
|
@current_action = CmAdmin::Models::Action.find_by(@model, name: 'index')
|
|
10
10
|
# Based on the params the filter and pagination object to be set
|
|
11
11
|
authorize @ar_object, policy_class: "CmAdmin::#{controller_name.classify}Policy".constantize if defined? "CmAdmin::#{controller_name.classify}Policy".constantize
|
|
12
|
-
records = "CmAdmin::#{@model.name}Policy::
|
|
12
|
+
records = "CmAdmin::#{@model.name}Policy::IndexScope".constantize.new(Current.user, @model.name.constantize).resolve
|
|
13
13
|
records = apply_scopes(records)
|
|
14
14
|
if (['table', 'card'].include?(params[:view_type]) || [:table, :card].include?(@current_action.view_type))
|
|
15
15
|
@ar_object = filter_by(params, records, filter_params: @model.filter_params(params))
|
|
@@ -31,7 +31,7 @@ module CmAdmin
|
|
|
31
31
|
|
|
32
32
|
def cm_show(params)
|
|
33
33
|
@current_action = CmAdmin::Models::Action.find_by(@model, name: 'show')
|
|
34
|
-
scoped_model = "CmAdmin::#{@model.name}Policy::
|
|
34
|
+
scoped_model = "CmAdmin::#{@model.name}Policy::ShowScope".constantize.new(Current.user, @model.name.constantize).resolve
|
|
35
35
|
@ar_object = fetch_ar_object(scoped_model, params[:id])
|
|
36
36
|
@alerts = @model.alerts
|
|
37
37
|
resource_identifier
|
|
@@ -133,7 +133,7 @@ module CmAdmin
|
|
|
133
133
|
end
|
|
134
134
|
|
|
135
135
|
def cm_custom_method(params)
|
|
136
|
-
records = "CmAdmin::#{@model.name}Policy
|
|
136
|
+
records = "CmAdmin::#{@model.name}Policy::#{@action.name.classify}Scope".constantize.new(Current.user, @model.name.constantize).resolve
|
|
137
137
|
@current_action = @action
|
|
138
138
|
if @action.parent == 'index'
|
|
139
139
|
records = apply_scopes(records)
|
|
@@ -175,7 +175,7 @@ module CmAdmin
|
|
|
175
175
|
end
|
|
176
176
|
|
|
177
177
|
def cm_custom_action_modal(params)
|
|
178
|
-
scoped_model = "CmAdmin::#{@model.name}Policy
|
|
178
|
+
scoped_model = "CmAdmin::#{@model.name}Policy::#{params[:action_name].classify}Scope".constantize.new(Current.user, @model.name.constantize).resolve
|
|
179
179
|
@ar_object = fetch_ar_object(scoped_model, params[:id])
|
|
180
180
|
if params[:action_name] == 'destroy'
|
|
181
181
|
render partial: '/layouts/destroy_action_modal', locals: { ar_object: @ar_object }
|
|
@@ -240,7 +240,8 @@ module CmAdmin
|
|
|
240
240
|
@current_action = CmAdmin::Models::Action.find_by(@model, name: action_name.to_s)
|
|
241
241
|
return unless @current_action
|
|
242
242
|
|
|
243
|
-
|
|
243
|
+
scoped_model = "CmAdmin::#{@model.name}Policy::#{action_name.classify}Scope".constantize.new(Current.user, @model.ar_model.name.classify.constantize).resolve
|
|
244
|
+
@ar_object = fetch_ar_object(scoped_model, params[:id])
|
|
244
245
|
return @ar_object unless @current_action.child_records
|
|
245
246
|
|
|
246
247
|
child_records = @ar_object.send(@current_action.child_records)
|
|
@@ -277,7 +278,7 @@ module CmAdmin
|
|
|
277
278
|
else
|
|
278
279
|
sort_column = 'created_at'
|
|
279
280
|
end
|
|
280
|
-
records = "CmAdmin::#{@model.name}Policy
|
|
281
|
+
records = "CmAdmin::#{@model.name}Policy::#{@current_action.name.classify}Scope".constantize.new(Current.user, @model.name.constantize).resolve if records.nil?
|
|
281
282
|
records = records.order("#{sort_column} #{@current_action.sort_direction}")
|
|
282
283
|
final_data = CmAdmin::Models::Filter.filtered_data(filter_params, records, cm_model.filters)
|
|
283
284
|
pagy, records = pagy(final_data)
|
|
@@ -3,9 +3,10 @@ module CmAdmin::CmRole
|
|
|
3
3
|
included do
|
|
4
4
|
cm_admin do
|
|
5
5
|
actions only: []
|
|
6
|
-
set_icon
|
|
6
|
+
set_icon 'fa fa-database'
|
|
7
7
|
cm_index do
|
|
8
|
-
page_title '
|
|
8
|
+
page_title 'Roles & Permissions'
|
|
9
|
+
set_display_name 'Role'
|
|
9
10
|
|
|
10
11
|
filter [:name], :search, placeholder: 'Search'
|
|
11
12
|
|
|
@@ -20,10 +21,13 @@ module CmAdmin::CmRole
|
|
|
20
21
|
# allowed_params = params.permit(role_permission: []).to_h
|
|
21
22
|
@role = CmRole.find(params[:id])
|
|
22
23
|
params[:role_permission].except(:submit).each do |model_name, action_arr|
|
|
23
|
-
|
|
24
|
+
action_names = action_arr.select { |k, v| k if v.key?('is_checked') }.keys
|
|
25
|
+
action_names << 'create' if action_names.include?('new')
|
|
26
|
+
action_names << 'update' if action_names.include?('edit')
|
|
27
|
+
@role.cm_permissions.where(ar_model_name: model_name).where.not(action_name: action_names).destroy_all
|
|
24
28
|
action_arr.each do |action_name, selected_option|
|
|
25
29
|
if selected_option.has_key?('is_checked')
|
|
26
|
-
permission = @role.cm_permissions.where(action_name
|
|
30
|
+
permission = @role.cm_permissions.where(action_name:, ar_model_name: model_name).first_or_create
|
|
27
31
|
permission.update(scope_name: selected_option['scope_name'])
|
|
28
32
|
end
|
|
29
33
|
end
|
|
@@ -34,7 +38,7 @@ module CmAdmin::CmRole
|
|
|
34
38
|
cm_show_section 'Role details' do
|
|
35
39
|
field :name
|
|
36
40
|
field :created_at, field_type: :date, format: '%d %b, %Y'
|
|
37
|
-
field :updated_at, field_type: :date, format: '%d %b, %Y'
|
|
41
|
+
field :updated_at, field_type: :date, format: '%d %b, %Y'
|
|
38
42
|
end
|
|
39
43
|
end
|
|
40
44
|
tab :permissions, 'permissions', layout_type: 'cm_association_show', partial: '/cm_admin/roles/permissions'
|
|
@@ -53,4 +57,4 @@ module CmAdmin::CmRole
|
|
|
53
57
|
end
|
|
54
58
|
end
|
|
55
59
|
end
|
|
56
|
-
end
|
|
60
|
+
end
|
|
@@ -2,7 +2,8 @@
|
|
|
2
2
|
.form-page__body
|
|
3
3
|
.form-container
|
|
4
4
|
= form_for CmPermission.new, url: cm_admin.send('cm_role_create_role_permission_path', @ar_object), method: :post do |f|
|
|
5
|
-
- CmAdmin.config.cm_admin_models.
|
|
5
|
+
- cm_models = CmAdmin.config.cm_admin_models.sort_by{|k, v| k.display_name}
|
|
6
|
+
- cm_models.each do |model|
|
|
6
7
|
- next if model.override_policy == true
|
|
7
8
|
.row
|
|
8
9
|
.col.form-container
|
data/docs/RoleManagement.md
CHANGED
|
@@ -62,6 +62,21 @@ end
|
|
|
62
62
|
4. Include `CmRole` in the `config.included_models` section of `config/initializers/zcm_admin.rb`.
|
|
63
63
|
5. Assign `cm_role_id` to `1` for any user in the `User` Model, and use that user to log in.
|
|
64
64
|
|
|
65
|
+
## Setting up scopes
|
|
66
|
+
|
|
67
|
+
By default, `Full Access` scopes is added to each permission item. To add additional scopes, use the following syntax:
|
|
68
|
+
|
|
69
|
+
```ruby
|
|
70
|
+
...
|
|
71
|
+
cm_admin do
|
|
72
|
+
actions only: []
|
|
73
|
+
set_icon "fa fa-user"
|
|
74
|
+
set_policy_scopes [{scope_name: 'test_supplier_filter', display_name: 'By Test Supplier'}]
|
|
75
|
+
cm_index do
|
|
76
|
+
page_title 'User'
|
|
77
|
+
end
|
|
78
|
+
end
|
|
79
|
+
|
|
65
80
|
## Overriding Policies
|
|
66
81
|
|
|
67
82
|
By default, roles and policies are enabled for all models in the application. To override a policy, use the following syntax:
|
|
@@ -90,3 +105,24 @@ end
|
|
|
90
105
|
```
|
|
91
106
|
|
|
92
107
|
This structure helps ensure that your application's role and permission management is both flexible and secure.
|
|
108
|
+
|
|
109
|
+
|
|
110
|
+
## Permission based fields
|
|
111
|
+
|
|
112
|
+
We can apply permission logic to display a field on the interface. You can do this with the following syntax.
|
|
113
|
+
|
|
114
|
+
```ruby
|
|
115
|
+
...
|
|
116
|
+
tab :details, '' do
|
|
117
|
+
row do
|
|
118
|
+
cm_show_section 'Details' do
|
|
119
|
+
field :status, field_type: :tag, tag_class: Item::STATUS_TAG_COLOR, display_if: -> (record) {
|
|
120
|
+
scoped_model = CmAdmin::ItemPolicy::ArchiveScope.new(Current.user, ::Item).resolve
|
|
121
|
+
return scoped_model.find_by(id: record.id).present?
|
|
122
|
+
}
|
|
123
|
+
end
|
|
124
|
+
end
|
|
125
|
+
end
|
|
126
|
+
|
|
127
|
+
```
|
|
128
|
+
|
data/lib/cm_admin/model.rb
CHANGED
|
@@ -36,6 +36,7 @@ module CmAdmin
|
|
|
36
36
|
|
|
37
37
|
def initialize(entity, &block)
|
|
38
38
|
@name = entity.name
|
|
39
|
+
@display_name = entity.name
|
|
39
40
|
@ar_model = entity
|
|
40
41
|
@is_visible_on_sidebar = true
|
|
41
42
|
@icon_name = 'fa fa-th-large'
|
|
@@ -196,28 +197,32 @@ module CmAdmin
|
|
|
196
197
|
end if $available_actions.present?
|
|
197
198
|
policy = CmAdmin.const_set "#{ar_model.name}Policy", klass
|
|
198
199
|
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
205
|
-
|
|
206
|
-
|
|
207
|
-
|
|
208
|
-
|
|
209
|
-
|
|
210
|
-
|
|
211
|
-
|
|
200
|
+
$available_actions.each do |action|
|
|
201
|
+
next if ['custom_action_modal', 'custom_action', 'create', 'update'].include?(action.name)
|
|
202
|
+
|
|
203
|
+
klass = Class.new(policy) do
|
|
204
|
+
def initialize(user, scope)
|
|
205
|
+
@user = user
|
|
206
|
+
@scope = scope
|
|
207
|
+
end
|
|
208
|
+
|
|
209
|
+
define_method :resolve do
|
|
210
|
+
# action_name = Current.request_params.dig("action")
|
|
211
|
+
permission = Current.user.cm_role.cm_permissions.find_by(action_name: action.name, ar_model_name: ar_model.name)
|
|
212
|
+
if permission.present? && permission.scope_name.present?
|
|
213
|
+
scope.send(permission.scope_name)
|
|
214
|
+
else
|
|
215
|
+
scope.all
|
|
216
|
+
end
|
|
212
217
|
end
|
|
218
|
+
|
|
219
|
+
private
|
|
220
|
+
|
|
221
|
+
attr_reader :user, :scope
|
|
213
222
|
end
|
|
214
|
-
|
|
215
|
-
private
|
|
216
|
-
|
|
217
|
-
attr_reader :user, :scope
|
|
218
|
-
end
|
|
219
223
|
|
|
220
|
-
|
|
224
|
+
policy.const_set "#{action.name.classify}Scope", klass
|
|
225
|
+
end
|
|
221
226
|
end
|
|
222
227
|
end
|
|
223
228
|
end
|
data/lib/cm_admin/version.rb
CHANGED
|
@@ -39,7 +39,8 @@ module CmAdmin
|
|
|
39
39
|
|
|
40
40
|
def custom_action_items(custom_action, current_action_name)
|
|
41
41
|
if custom_action.name.present? && policy([:cm_admin, @model.name.classify.constantize]).send(:"#{custom_action.name}?")
|
|
42
|
-
|
|
42
|
+
scoped_model = "CmAdmin::#{@model.name}Policy::#{custom_action.name.classify}Scope".constantize.new(Current.user, @model.name.constantize).resolve
|
|
43
|
+
if custom_action.display_if.call(@ar_object) && scoped_model.find_by(id: params[:id])
|
|
43
44
|
case custom_action.display_type
|
|
44
45
|
when :icon_only
|
|
45
46
|
custom_action_icon(custom_action, current_action_name)
|