cm-admin 2.1.4 → 2.1.5

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ea557439972b4bf69c93412b81415aed76726933fde6e45599ee6f08bdc9e5be
4
- data.tar.gz: f1b704b48795f36a0b8efe342dc4f4de49351112c47a2e6fd6dfbec982fa5bc1
3
+ metadata.gz: 60f28f773c4032f2bed61d3b0524ab635b13face45767f444fbc841e490bc597
4
+ data.tar.gz: 42433de9bf7714a37d0fe14bb99a6944bced6886d06cef2083c540e9acf33e93
5
5
  SHA512:
6
- metadata.gz: ce7a4d687dcbcd2db7eafaaf77fa45f0d0048b3ba3bfef259c5eb9c7510a569d7c2d9e4876342973d343aca20d295959df33455dbd150e684bea4deb17418f7b
7
- data.tar.gz: 4c823776edeb548873d43caf016c402cf102eac48d41b5c9d94e6a7bfd8fbd31ab61dea523215d3d55192312387c0f56465bd5591fb6461f69a771240a81d411
6
+ metadata.gz: d224d531688d916b36f07bce3d1e3b0a58939dbf5d847158d1bd051fd4c36750cfeae50986244c3be6e92690e427881b3fa5571b52cd1fe42b6e6edd029f8ac2
7
+ data.tar.gz: be325872f019d39cc6b86cd06a0bc933631548e6da7f292b40a9f1bf2fc5b6149644b43305db3f803a4788239b1a8e25e5e53f848ba013afcc2d0cce6ef842b6
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- cm-admin (2.1.4)
4
+ cm-admin (2.1.5)
5
5
  caxlsx_rails
6
6
  cocoon (~> 1.2.15)
7
7
  csv-importer (~> 0.8.2)
@@ -9,7 +9,7 @@ module CmAdmin
9
9
  @current_action = CmAdmin::Models::Action.find_by(@model, name: 'index')
10
10
  # Based on the params the filter and pagination object to be set
11
11
  authorize @ar_object, policy_class: "CmAdmin::#{controller_name.classify}Policy".constantize if defined? "CmAdmin::#{controller_name.classify}Policy".constantize
12
- records = "CmAdmin::#{@model.name}Policy::Scope".constantize.new(Current.user, @model.name.constantize).resolve
12
+ records = "CmAdmin::#{@model.name}Policy::IndexScope".constantize.new(Current.user, @model.name.constantize).resolve
13
13
  records = apply_scopes(records)
14
14
  if (['table', 'card'].include?(params[:view_type]) || [:table, :card].include?(@current_action.view_type))
15
15
  @ar_object = filter_by(params, records, filter_params: @model.filter_params(params))
@@ -31,7 +31,7 @@ module CmAdmin
31
31
 
32
32
  def cm_show(params)
33
33
  @current_action = CmAdmin::Models::Action.find_by(@model, name: 'show')
34
- scoped_model = "CmAdmin::#{@model.name}Policy::Scope".constantize.new(Current.user, @model.name.constantize).resolve
34
+ scoped_model = "CmAdmin::#{@model.name}Policy::ShowScope".constantize.new(Current.user, @model.name.constantize).resolve
35
35
  @ar_object = fetch_ar_object(scoped_model, params[:id])
36
36
  @alerts = @model.alerts
37
37
  resource_identifier
@@ -133,7 +133,7 @@ module CmAdmin
133
133
  end
134
134
 
135
135
  def cm_custom_method(params)
136
- records = "CmAdmin::#{@model.name}Policy::Scope".constantize.new(Current.user, @model.name.constantize).resolve
136
+ records = "CmAdmin::#{@model.name}Policy::#{@action.name.classify}Scope".constantize.new(Current.user, @model.name.constantize).resolve
137
137
  @current_action = @action
138
138
  if @action.parent == 'index'
139
139
  records = apply_scopes(records)
@@ -175,7 +175,7 @@ module CmAdmin
175
175
  end
176
176
 
177
177
  def cm_custom_action_modal(params)
178
- scoped_model = "CmAdmin::#{@model.name}Policy::Scope".constantize.new(Current.user, @model.name.constantize).resolve
178
+ scoped_model = "CmAdmin::#{@model.name}Policy::#{params[:action_name].classify}Scope".constantize.new(Current.user, @model.name.constantize).resolve
179
179
  @ar_object = fetch_ar_object(scoped_model, params[:id])
180
180
  if params[:action_name] == 'destroy'
181
181
  render partial: '/layouts/destroy_action_modal', locals: { ar_object: @ar_object }
@@ -240,7 +240,8 @@ module CmAdmin
240
240
  @current_action = CmAdmin::Models::Action.find_by(@model, name: action_name.to_s)
241
241
  return unless @current_action
242
242
 
243
- @ar_object = fetch_ar_object(@model.ar_model.name.classify.constantize, params[:id])
243
+ scoped_model = "CmAdmin::#{@model.name}Policy::#{action_name.classify}Scope".constantize.new(Current.user, @model.ar_model.name.classify.constantize).resolve
244
+ @ar_object = fetch_ar_object(scoped_model, params[:id])
244
245
  return @ar_object unless @current_action.child_records
245
246
 
246
247
  child_records = @ar_object.send(@current_action.child_records)
@@ -277,7 +278,7 @@ module CmAdmin
277
278
  else
278
279
  sort_column = 'created_at'
279
280
  end
280
- records = "CmAdmin::#{@model.name}Policy::Scope".constantize.new(Current.user, @model.name.constantize).resolve if records.nil?
281
+ records = "CmAdmin::#{@model.name}Policy::#{@current_action.name.classify}Scope".constantize.new(Current.user, @model.name.constantize).resolve if records.nil?
281
282
  records = records.order("#{sort_column} #{@current_action.sort_direction}")
282
283
  final_data = CmAdmin::Models::Filter.filtered_data(filter_params, records, cm_model.filters)
283
284
  pagy, records = pagy(final_data)
@@ -3,9 +3,10 @@ module CmAdmin::CmRole
3
3
  included do
4
4
  cm_admin do
5
5
  actions only: []
6
- set_icon "fa fa-database"
6
+ set_icon 'fa fa-database'
7
7
  cm_index do
8
- page_title 'Role'
8
+ page_title 'Roles & Permissions'
9
+ set_display_name 'Role'
9
10
 
10
11
  filter [:name], :search, placeholder: 'Search'
11
12
 
@@ -20,10 +21,13 @@ module CmAdmin::CmRole
20
21
  # allowed_params = params.permit(role_permission: []).to_h
21
22
  @role = CmRole.find(params[:id])
22
23
  params[:role_permission].except(:submit).each do |model_name, action_arr|
23
- @role.cm_permissions.where(ar_model_name: model_name).where.not(action_name: action_arr.select{ |k,v| k if v.has_key?('is_checked')}.keys).destroy_all
24
+ action_names = action_arr.select { |k, v| k if v.key?('is_checked') }.keys
25
+ action_names << 'create' if action_names.include?('new')
26
+ action_names << 'update' if action_names.include?('edit')
27
+ @role.cm_permissions.where(ar_model_name: model_name).where.not(action_name: action_names).destroy_all
24
28
  action_arr.each do |action_name, selected_option|
25
29
  if selected_option.has_key?('is_checked')
26
- permission = @role.cm_permissions.where(action_name: action_name, ar_model_name: model_name).first_or_create
30
+ permission = @role.cm_permissions.where(action_name:, ar_model_name: model_name).first_or_create
27
31
  permission.update(scope_name: selected_option['scope_name'])
28
32
  end
29
33
  end
@@ -34,7 +38,7 @@ module CmAdmin::CmRole
34
38
  cm_show_section 'Role details' do
35
39
  field :name
36
40
  field :created_at, field_type: :date, format: '%d %b, %Y'
37
- field :updated_at, field_type: :date, format: '%d %b, %Y'
41
+ field :updated_at, field_type: :date, format: '%d %b, %Y'
38
42
  end
39
43
  end
40
44
  tab :permissions, 'permissions', layout_type: 'cm_association_show', partial: '/cm_admin/roles/permissions'
@@ -53,4 +57,4 @@ module CmAdmin::CmRole
53
57
  end
54
58
  end
55
59
  end
56
- end
60
+ end
@@ -2,7 +2,8 @@
2
2
  .form-page__body
3
3
  .form-container
4
4
  = form_for CmPermission.new, url: cm_admin.send('cm_role_create_role_permission_path', @ar_object), method: :post do |f|
5
- - CmAdmin.config.cm_admin_models.each do |model|
5
+ - cm_models = CmAdmin.config.cm_admin_models.sort_by{|k, v| k.display_name}
6
+ - cm_models.each do |model|
6
7
  - next if model.override_policy == true
7
8
  .row
8
9
  .col.form-container
@@ -62,6 +62,21 @@ end
62
62
  4. Include `CmRole` in the `config.included_models` section of `config/initializers/zcm_admin.rb`.
63
63
  5. Assign `cm_role_id` to `1` for any user in the `User` Model, and use that user to log in.
64
64
 
65
+ ## Setting up scopes
66
+
67
+ By default, `Full Access` scopes is added to each permission item. To add additional scopes, use the following syntax:
68
+
69
+ ```ruby
70
+ ...
71
+ cm_admin do
72
+ actions only: []
73
+ set_icon "fa fa-user"
74
+ set_policy_scopes [{scope_name: 'test_supplier_filter', display_name: 'By Test Supplier'}]
75
+ cm_index do
76
+ page_title 'User'
77
+ end
78
+ end
79
+
65
80
  ## Overriding Policies
66
81
 
67
82
  By default, roles and policies are enabled for all models in the application. To override a policy, use the following syntax:
@@ -90,3 +105,24 @@ end
90
105
  ```
91
106
 
92
107
  This structure helps ensure that your application's role and permission management is both flexible and secure.
108
+
109
+
110
+ ## Permission based fields
111
+
112
+ We can apply permission logic to display a field on the interface. You can do this with the following syntax.
113
+
114
+ ```ruby
115
+ ...
116
+ tab :details, '' do
117
+ row do
118
+ cm_show_section 'Details' do
119
+ field :status, field_type: :tag, tag_class: Item::STATUS_TAG_COLOR, display_if: -> (record) {
120
+ scoped_model = CmAdmin::ItemPolicy::ArchiveScope.new(Current.user, ::Item).resolve
121
+ return scoped_model.find_by(id: record.id).present?
122
+ }
123
+ end
124
+ end
125
+ end
126
+
127
+ ```
128
+
@@ -36,6 +36,7 @@ module CmAdmin
36
36
 
37
37
  def initialize(entity, &block)
38
38
  @name = entity.name
39
+ @display_name = entity.name
39
40
  @ar_model = entity
40
41
  @is_visible_on_sidebar = true
41
42
  @icon_name = 'fa fa-th-large'
@@ -196,28 +197,32 @@ module CmAdmin
196
197
  end if $available_actions.present?
197
198
  policy = CmAdmin.const_set "#{ar_model.name}Policy", klass
198
199
 
199
- klass = Class.new(policy) do
200
- def initialize(user, scope)
201
- @user = user
202
- @scope = scope
203
- end
204
-
205
- define_method :resolve do
206
- action_name = Current.request_params.dig("action")
207
- permission = Current.user.cm_role.cm_permissions.find_by(action_name: action_name, ar_model_name: ar_model.name)
208
- if permission.present? && permission.scope_name.present?
209
- scope.send(permission.scope_name)
210
- else
211
- scope.all
200
+ $available_actions.each do |action|
201
+ next if ['custom_action_modal', 'custom_action', 'create', 'update'].include?(action.name)
202
+
203
+ klass = Class.new(policy) do
204
+ def initialize(user, scope)
205
+ @user = user
206
+ @scope = scope
207
+ end
208
+
209
+ define_method :resolve do
210
+ # action_name = Current.request_params.dig("action")
211
+ permission = Current.user.cm_role.cm_permissions.find_by(action_name: action.name, ar_model_name: ar_model.name)
212
+ if permission.present? && permission.scope_name.present?
213
+ scope.send(permission.scope_name)
214
+ else
215
+ scope.all
216
+ end
212
217
  end
218
+
219
+ private
220
+
221
+ attr_reader :user, :scope
213
222
  end
214
-
215
- private
216
-
217
- attr_reader :user, :scope
218
- end
219
223
 
220
- policy.const_set 'Scope', klass
224
+ policy.const_set "#{action.name.classify}Scope", klass
225
+ end
221
226
  end
222
227
  end
223
228
  end
@@ -1,3 +1,3 @@
1
1
  module CmAdmin
2
- VERSION = '2.1.4'
2
+ VERSION = '2.1.5'
3
3
  end
@@ -39,7 +39,8 @@ module CmAdmin
39
39
 
40
40
  def custom_action_items(custom_action, current_action_name)
41
41
  if custom_action.name.present? && policy([:cm_admin, @model.name.classify.constantize]).send(:"#{custom_action.name}?")
42
- if custom_action.display_if.call(@ar_object)
42
+ scoped_model = "CmAdmin::#{@model.name}Policy::#{custom_action.name.classify}Scope".constantize.new(Current.user, @model.name.constantize).resolve
43
+ if custom_action.display_if.call(@ar_object) && scoped_model.find_by(id: params[:id])
43
44
  case custom_action.display_type
44
45
  when :icon_only
45
46
  custom_action_icon(custom_action, current_action_name)
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cm-admin
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.4
4
+ version: 2.1.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Michael