devisable 0.1.0
- data/Devisable.gemspec +117 -0
- data/Gemfile +13 -0
- data/LICENSE.txt +20 -0
- data/README.rdoc +111 -0
- data/Rakefile +56 -0
- data/VERSION +1 -0
- data/lib/generators/devisable/USAGE +57 -0
- data/lib/generators/devisable/devisable_generator.rb +484 -0
- data/lib/generators/devisable/templates/app/controllers/registrations_controller.erb +19 -0
- data/lib/generators/devisable/templates/app/controllers/users_controller.erb +152 -0
- data/lib/generators/devisable/templates/app/controllers/welcome_controller.erb +11 -0
- data/lib/generators/devisable/templates/app/helpers/roles_helper.erb +63 -0
- data/lib/generators/devisable/templates/app/models/permission.erb +12 -0
- data/lib/generators/devisable/templates/app/models/role.erb +5 -0
- data/lib/generators/devisable/templates/app/views/roles/_form.erb +29 -0
- data/lib/generators/devisable/templates/app/views/roles/edit.erb +6 -0
- data/lib/generators/devisable/templates/app/views/roles/index.erb +28 -0
- data/lib/generators/devisable/templates/app/views/roles/new.erb +5 -0
- data/lib/generators/devisable/templates/app/views/roles/show.erb +10 -0
- data/lib/generators/devisable/templates/app/views/shared/_admin_nav.erb +7 -0
- data/lib/generators/devisable/templates/app/views/users/_form.erb +23 -0
- data/lib/generators/devisable/templates/app/views/users/edit.erb +6 -0
- data/lib/generators/devisable/templates/app/views/users/index.erb +27 -0
- data/lib/generators/devisable/templates/app/views/users/new.erb +5 -0
- data/lib/generators/devisable/templates/app/views/users/show.erb +55 -0
- data/lib/generators/devisable/templates/app/views/welcome/welcome_index.erb +3 -0
- data/lib/generators/devisable/templates/config/initializers/devise_initializer.erb +239 -0
- data/lib/generators/devisable/templates/cucumber/_rake_partial.rb +19 -0
- data/lib/generators/devisable/templates/cucumber/devise.feature +78 -0
- data/lib/generators/devisable/templates/cucumber/role.feature +79 -0
- data/lib/generators/devisable/templates/cucumber/step_definitions/authentication_steps.rb +33 -0
- data/lib/generators/devisable/templates/cucumber/step_definitions/generic_steps.rb +23 -0
- data/lib/generators/devisable/templates/cucumber/step_definitions/role_steps.rb +32 -0
- data/lib/generators/devisable/templates/cucumber/step_definitions/user_steps.rb +30 -0
- data/lib/generators/devisable/templates/cucumber/support/_env_partial.rb +57 -0
- data/lib/generators/devisable/templates/cucumber/support/_paths_partial.rb +20 -0
- data/lib/generators/devisable/templates/cucumber/user.feature +45 -0
- data/lib/generators/devisable/templates/partials/_ability_class.rb +53 -0
- data/lib/generators/devisable/templates/partials/_access_denied_flash.rb +4 -0
- data/lib/generators/devisable/templates/partials/_accessible_permissions_controller.rb +8 -0
- data/lib/generators/devisable/templates/partials/_accessible_permissions_model.rb +43 -0
- data/lib/generators/devisable/templates/partials/_application_controller_methods.erb +3 -0
- data/lib/generators/devisable/templates/partials/_application_controller_methods2.erb +11 -0
- data/lib/generators/devisable/templates/partials/_application_current_tab.rb +8 -0
- data/lib/generators/devisable/templates/partials/_application_flash.html.erb +4 -0
- data/lib/generators/devisable/templates/partials/_environments_development.erb +10 -0
- data/lib/generators/devisable/templates/partials/_login_links.erb +18 -0
- data/lib/generators/devisable/templates/partials/_migration_down.rb +2 -0
- data/lib/generators/devisable/templates/partials/_migration_up.rb +7 -0
- data/lib/generators/devisable/templates/partials/_oauth_user_table_fields.erb +1 -0
- data/lib/generators/devisable/templates/partials/_permission_equals.rb +8 -0
- data/lib/generators/devisable/templates/partials/_permission_manage.js +18 -0
- data/lib/generators/devisable/templates/partials/_role_permission.rb +72 -0
- data/lib/generators/devisable/templates/partials/_roles_index_delete.erb +7 -0
- data/lib/generators/devisable/templates/partials/_user_model_methods.erb +21 -0
- data/lib/generators/devisable/templates/partials/_user_role.rb +7 -0
- data/lib/generators/devisable/templates/spec/helpers/roles_helper_spec.erb +50 -0
- data/lib/generators/devisable/templates/spec/models/ability_spec.erb +69 -0
- data/lib/generators/devisable/templates/spec/models/permission_spec.erb +22 -0
- data/lib/generators/devisable/templates/spec/models/role_spec.erb +45 -0
- data/lib/generators/devisable/templates/spec/models/user_spec.erb +65 -0
- data/pkg/devisable-0.1.0.gem +0 -0
- data/pkg/devise_generator-0.1.0.gem +0 -0
- data/test/helper.rb +18 -0
- data/test/test_devise_generator.rb +7 -0
- metadata +169 -0
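--- a/data/lib/generators/devisable/templates/cucumber/step_definitions/generic_steps.rb
+++ b/data/lib/generators/devisable/templates/cucumber/step_definitions/generic_steps.rb
@@ -0,0 +1,23 @@
+When(/^I sleep for ([^"]*) second[s]?$/) do |time|
+sleep(time.to_i)
+end
+
+When(/^I output the page source$/) do
+puts source
+end
+
+When(/^I fill in the following checkboxes with categories:$/) do |permissions_table|
+permissions_table.hashes.each do |perm|
+And %{I check "permission_#{perm['category']}_#{perm['permission']}"}
+end
+end
+
+When(/^I debug$/) do
+# only works if you include the ruby-debug gem
+debugger
+end
+
+Then /^I should see a span with the title "([^"]*)"$/ do |title|
+page.should have_xpath("//span[@title='#{title}']")
+end
+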
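Review bot: The last step builds its XPath by interpolating the captured title into a single-quoted literal, `"//span[@title='#{title}']"`, so a title containing an apostrophe yields an invalid expression and the step errors instead of failing cleanly. The step regex `"([^"]*)"` already guarantees the capture holds no double quote, so quoting the attribute value with double quotes is always well-formed: `page.should have_xpath(%{//span[@title="#{title}"]})`. In the sleep step, `time.to_i` turns any non-numeric capture into 0 without complaint; capturing `(\d+)` would reject such input at match time.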
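--- a/data/lib/generators/devisable/templates/cucumber/step_definitions/role_steps.rb
+++ b/data/lib/generators/devisable/templates/cucumber/step_definitions/role_steps.rb
@@ -0,0 +1,32 @@
+Given /^there are no roles in the system$/ do
+@roles = Role.all
+@roles.each { |role| role.delete }
+end
+
+Given /^there is only the "([^"]*)" role in the system$/ do |role_name|
+@roles = Role.all
+@roles.each { |role| role.delete unless role.name == role_name }
+end
+
+
+Given /^the "([^"]*)" role has been added to the system$/ do |arg1|
+r = Role.create(:name => arg1)
+r.save
+end
+
+Given /^I have the default roles$/ do
+Given "the \"SuperAdmin\" role has been added to the system"
+Given "the \"Admin\" role has been added to the system"
+Given "the \"GeneralUser\" role has been added to the system"
+end
+
+
+
+# step specificlly for deleting a unique feature
+# could theoretically also be used for any role and any controller action
+# but the code will get messy
+# the user steps has a similar function
+When /^I follow "Destroy" for "([^"]*)"$/ do |name|
+id = Role.first(:conditions => {:name => name}).id
+find(:xpath, "//table/tr/td/a[@href = '/roles/#{id}' and @data-method='delete']").click
+end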
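Review bot: The "role has been added" step calls `Role.create(:name => arg1)` followed by `r.save`, and neither call raises when validation fails, so a scenario can carry on without the role it depends on and fail later in an unrelated step. `Role.create!(:name => arg1)` on its own is enough and stops the setup at the point of the problem. The "Destroy" step is fragile in the same way: `Role.first(...)` returns nil for an unknown name and the following `.id` raises NoMethodError rather than a message naming the missing role.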
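--- a/data/lib/generators/devisable/templates/cucumber/step_definitions/user_steps.rb
+++ b/data/lib/generators/devisable/templates/cucumber/step_definitions/user_steps.rb
@@ -0,0 +1,30 @@
+Given /^there are no users in the system$/ do
+@users = User.all
+@users.each { |user| user.delete! }
+end
+
+When /^I delete the other user$/ do
+id = User.last.id
+find(:xpath, "//table/tr/td/a[@href='/users/#{id}' and @data-method='delete']").click
+#find("table tr td a[@href = '/users/#{id}']").click
+end
+
+Given /^there are users in the system$/ do
+@generated_user = User.create!(
+:email => 'generated_user@cloudspace.com',
+:password => 'password',
+:password_confirmation => 'password'
+)
+@generated_user.save
+end
+
+
+Then /^I should have the role "([^"]*)"$/ do |role|
+unless @current_user
+@current_user = User.last
+end
+@current_user.role?(role)
+end
+
+
+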
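Review bot: The `I should have the role` step evaluates `@current_user.role?(role)` and throws the result away, so the step passes whether or not the user holds the role, and any scenario that uses it to verify a role assignment proves nothing. Assert the value instead, for example `@current_user.role?(role).should be_true`. The fallback to `User.last` when `@current_user` is unset may also check a different account than the one that signed in, which is worth confirming against the authentication steps (not shown here).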
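--- a/data/lib/generators/devisable/templates/cucumber/support/_env_partial.rb
+++ b/data/lib/generators/devisable/templates/cucumber/support/_env_partial.rb
@@ -0,0 +1,57 @@
+# IMPORTANT: This file is generated by cucumber-rails - edit at your own peril.
+# It is recommended to regenerate this file in the future when you upgrade to a
+# newer version of cucumber-rails. Consider adding your own code to a new file
+# instead of editing this one. Cucumber will automatically load all features/**/*.rb
+# files.
+
+ENV["RAILS_ENV"] ||= "test"
+require File.expand_path(File.dirname(__FILE__) + '/../../config/environment')
+
+require 'cucumber/formatter/unicode' # Remove this line if you don't want Cucumber Unicode support
+require 'cucumber/rails/world'
+require 'cucumber/rails/active_record'
+require 'cucumber/web/tableish'
+
+require 'capybara/rails'
+require 'capybara/cucumber'
+require 'capybara/session'
+#require 'cucumber/rails/capybara_javascript_emulation' # Lets you click links with onclick javascript handlers without using @culerity or @javascript
+# Capybara defaults to XPath selectors rather than Webrat's default of CSS3. In
+# order to ease the transition to Capybara we set the default here. If you'd
+# prefer to use XPath just remove this line and adjust any selectors in your
+# steps to use the XPath syntax.
+Capybara.default_selector = :css
+
+# If you set this to false, any error raised from within your app will bubble
+# up to your step definition and out to cucumber unless you catch it somewhere
+# on the way. You can make Rails rescue errors and render error pages on a
+# per-scenario basis by tagging a scenario or feature with the @allow-rescue tag.
+#
+# If you set this to true, Rails will rescue all errors and render error
+# pages, more or less in the same way your application would behave in the
+# default production environment. It's not recommended to do this for all
+# of your scenarios, as this makes it hard to discover errors in your application.
+ActionController::Base.allow_rescue = false
+
+# If you set this to true, each scenario will run in a database transaction.
+# You can still turn off transactions on a per-scenario basis, simply tagging
+# a feature or scenario with the @no-txn tag. If you are using Capybara,
+# tagging with @culerity or @javascript will also turn transactions off.
+#
+# If you set this to false, transactions will be off for all scenarios,
+# regardless of whether you use @no-txn or not.
+#
+# Beware that turning transactions off will leave data in your database
+# after each scenario, which can lead to hard-to-debug failures in
+# subsequent scenarios. If you do this, we recommend you create a Before
+# block that will explicitly put your database in a known state.
+Cucumber::Rails::World.use_transactional_fixtures = true
+# How to clean your database when transactions are turned off. See
+# http://github.com/bmabey/database_cleaner for more info.
+if defined?(ActiveRecord::Base)
+begin
+require 'database_cleaner'
+DatabaseCleaner.strategy = :truncation
+rescue LoadError => ignore_if_database_cleaner_not_present
+end
+end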
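--- a/data/lib/generators/devisable/templates/cucumber/support/_paths_partial.rb
+++ b/data/lib/generators/devisable/templates/cucumber/support/_paths_partial.rb
@@ -0,0 +1,20 @@
+when /the sign up page/
+new_user_registration_path
+when /the sign in page/
+new_user_session_path
+when /the sign out page/
+#should be destory_user_session_path
+'/users/sign_out'
+when /the forgot password page/
+'/users/password/new'
+when /the forgot password submitted page/
+'/users/password'
+when /the users page/
+users_path
+when /the other user's edit page/
+edit_user_path(User.last)
+when /that role's view page/
+role_path(Role.last)
+when /that user's view page/
+user_path(User.last)
+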
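Review bot: Three branches return literal paths (`'/users/sign_out'`, `'/users/password/new'`, `'/users/password'`) while the rest use route helpers, and the comment on the sign-out branch already says a helper was intended. The literals go stale without any error if the Devise routes are mounted under a different path or scope; `destroy_user_session_path`, `new_user_password_path` and `user_password_path` keep the steps tied to the routes. This fragment is the middle of a `case` whose head and tail lie outside the hunk.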
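--- a/data/lib/generators/devisable/templates/cucumber/user.feature
+++ b/data/lib/generators/devisable/templates/cucumber/user.feature
@@ -0,0 +1,45 @@
+Feature: Manage users
+
+Scenario: Managing Users as a SuperAdmin
+Given I am signed in as "user@cloudspace.com"
+And I only have the role "SuperAdmin"
+When I go to the users page
+Then I should see "user@cloudspace.com"
+And I should see "SuperAdmin"
+And I should see "Edit"
+And I should see "Delete"
+
+Scenario: Managing Users as a GenericUser
+Given I am signed in as "user@cloudspace.com"
+And I only have the role "GeneralUser"
+When I go to the users page
+When I should be on the home page
+And I should see "You are not authorized to access this page."
+
+Scenario: Editing a User
+Given I am signed in as "user@cloudspace.com"
+And I have the role "SuperAdmin"
+And there are users in the system
+When I go to the other user's edit page
+And I check "GeneralUser"
+And I fill in "password" for "Password"
+And I fill in "password" for "Password confirmation"
+And I press "Submit"
+Then I should be on that user's view page
+And I should see "The account has been updated"
+
+Scenario: Deleting a User
+Given I am signed in as "user@cloudspace.com"
+And I have the role "SuperAdmin"
+And there are users in the system
+And I am on the users page
+When I delete the other user
+Then I should be on the users page
+And I should see "The account has been deleted"
+
+Scenario: Deleting Self
+Given I am signed in as "user@cloudspace.com"
+And there is only the "SuperAdmin" role in the system
+And I have the role "SuperAdmin"
+And I am on the users page
+Then I should see a span with the title "Can NOT delete the last SuperAdmin user"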
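Review bot: The "Deleting Self" scenario only asserts that the page shows a span titled "Can NOT delete the last SuperAdmin user", which checks the hint in the view and not the rule behind it. Nothing in this feature sends the delete request for the last SuperAdmin, or an edit or delete request as a GeneralUser, so a controller that omits the server-side check would still pass. Add scenarios that issue those requests directly and expect the "You are not authorized to access this page." message or an unchanged user list. In the GenericUser scenario, `When I should be on the home page` is an assertion and reads better as `Then I should be on the home page`.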
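--- a/data/lib/generators/devisable/templates/partials/_ability_class.rb
+++ b/data/lib/generators/devisable/templates/partials/_ability_class.rb
@@ -0,0 +1,53 @@
+# Model for storing cancan permissions
+class Ability
+include CanCan::Ability
+
+# When a user is created, setup permissions based on the role and permission models
+# If the user has the super admin role, give access to all actions on all controllers
+#
+# @param user Optionally pass the user. A new user is created if no user is supplied
+def initialize(user)
+user ||= User.new # guest user
+user.roles.each do |role|
+role.permissions.each do |permission|
+can permission.ability.downcase.to_sym, Object::const_get(permission.model)
+if permission.ability.to_s == 'manage'
+['view','edit','delete','add'].each do |action|
+can action.to_sym, Object::const_get(permission.model)
+end
+end
+end
+end
+
+if user.role? :super_admin
+can :manage, :all
+end
+#examples of some ways to have certain roles manage certain controllers
+#please see the user views on how to check for the permissions
+#if user.role? :super_admin
+# can :manage, :all
+#elsif user.role? :product_admin
+# can [:read, :update, :create, :destroy], [Product, Asset, Issue]
+#elsif user.role? :product_team
+# can :read, [Product, Asset]
+# # manage products, assets he owns
+# can :manage, Product do |product|
+# can :read, Product, :active => true, :user_id => user.id
+# can :read, Project, :category => { :visible => true }
+# can :read, Project, :priority => 1..3
+#end
+#can :manage, Asset do |asset|
+# asset.assetable.try(:owner) == user
+#end
+#end
+##If you want to add a permissions scaffold to replace the roles_users
+#def initialize(user)
+# can do |action, subject_class, subject|
+# user.permissions.find_all_by_action(action).any do |permission|
+# permission.subject_class == subject_class.to_s &&
+# (subject.nil? || permission.subject_id.nil? || permission.subject_id == subject.id)
+# end
+# end
+#end
+end
+end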
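Review bot: `Object::const_get(permission.model)` on lines 13 and 16 resolves whatever string is stored in the permission row, and those rows appear to be written from submitted form values (see `save_permissions` in the permissions model partial). A value that names no constant raises NameError while the Ability is being built, which locks out every user holding that role, and a value naming some other constant grants an ability on a class nobody intended. Check the name against the list of models the application exposes before resolving it and skip rows that fail, for example `next unless PERMITTED_MODELS.include?(permission.model)`, where `PERMITTED_MODELS` is a placeholder for that list. The `'manage'` branch also grants `view`, `edit`, `delete` and `add`, which are not the action names the permission checkboxes store (`read`, `create`, `update`, `destroy`), so confirm which vocabulary the views actually check.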
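--- a/data/lib/generators/devisable/templates/partials/_accessible_permissions_controller.rb
+++ b/data/lib/generators/devisable/templates/partials/_accessible_permissions_controller.rb
@@ -0,0 +1,8 @@
+# Get roles accessible by the current user #----------------------------------------------------
+# Role.reflect_on_all_associations(:has_and_belongs_to_many).first.class_name
+# => "User"
+#ruby-1.8.7-p302 > Role.reflect_on_all_associations(:has_many).first.class_name
+def accessible_permissions
+@accessible_permissions = Role.accessible_permissions
+end
+end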
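Review bot: The header comment says the method gets roles accessible by the current user, but the body assigns `Role.accessible_permissions` and never consults a user, and the remaining comment lines are a pasted console session. Replace them with one line that states what is loaded, such as `# Loads the list returned by Role.accessible_permissions into @accessible_permissions`. The trailing `end` on line 8 closes a block that is opened outside this hunk.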
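--- a/data/lib/generators/devisable/templates/partials/_accessible_permissions_model.rb
+++ b/data/lib/generators/devisable/templates/partials/_accessible_permissions_model.rb
@@ -0,0 +1,43 @@
+# Get roles accessible by the current user
+# Usage:
+# Role.reflect_on_all_associations(:has_and_belongs_to_many).first.class_name => "User"
+# Role.reflect_on_all_associations(:has_many).first.class_name
+# @return [Array] Array of permissions for the current user
+def self.accessible_permissions
+@accessible_permissions = []
+controllers = Dir.new("#{RAILS_ROOT}/app/controllers").entries
+controllers = controllers.map { |controller| controller.downcase.gsub("_controller.rb","").singularize if controller =~ /_controller/ }.compact
+models = Dir.new("#{RAILS_ROOT}/app/models").entries
+models.each do |model|
+mod = model.downcase.gsub(".rb","")
+if controllers.include?(mod)
+@accessible_permissions << mod.camelize.pluralize
+end
+end
+@accessible_permissions
+end
+
+# Save permissions all permissions for a single role
+# First deletes all permissions for the role, then loops through the input and saves new permissions
+#
+# @param role Role To reset permisisons on
+# @param role_ids A list of permissions to apply to the role
+def save_permissions(role_ids)
+permissions.map{|perm| perm.delete } unless permissions.nil?
+unless role_ids.nil?
+role_ids.each do |permission|
+p = Permission.new(JSON.parse(permission))
+(p.class.reflect_on_all_associations(:has_many) & p.class.reflect_on_all_associations(:has_and_belongs_to_many)).each { |association|
+permissions << Permission.new(
+:role_id => id,
+:controller => association.class_name.singularize,
+:ability => p.ability
+)
+}
+permissions << p
+end
+end
+end
+
+end
+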
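Review bot: `save_permissions` builds each record with `Permission.new(JSON.parse(permission))`, so every key in the submitted JSON is mass-assigned and a modified form value can store an arbitrary `model` or `ability`; the checkbox values produced by `permissions_checkboxes` also carry a `role_id`, and whether `permissions <<` overwrites it depends on how the association is declared, which is not visible here. Take only `model` and `ability` from the input, check both against allow-lists, and set `role_id` from the receiver. The existing permissions are deleted before any input is parsed and outside a transaction, so one malformed value leaves the role with none. The model check below assumes the form's controller list comes from `accessible_permissions`, which should be confirmed.

```ruby
role_ids.each do |permission|
  attrs = JSON.parse(permission)
  # allow-lists: the abilities the form offers and the models this application exposes
  next unless %w[manage read create update destroy].include?(attrs['ability'])
  next unless self.class.accessible_permissions.include?(attrs['model'].to_s.pluralize)
  p = Permission.new(:role_id => id, :model => attrs['model'], :ability => attrs['ability'])
  # … unchanged: association loop and permissions << p …
end
```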
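--- a/data/lib/generators/devisable/templates/partials/_application_controller_methods2.erb
+++ b/data/lib/generators/devisable/templates/partials/_application_controller_methods2.erb
@@ -0,0 +1,11 @@
+# Redirect user to root unless the return to attribute is set
+# @param resource takes the model through which the sign in is occuring
+def after_sign_in_path_for(resource)
+(session[:"user.return_to"].nil?) ? "/" : session[:"user.return_to"].to_s
+end
+
+# When a user doesn't have permission to the page, redirect to root and display error message
+rescue_from CanCan::AccessDenied do |exception|
+flash[:notice] = exception.message
+redirect_to root_url
+end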
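Review bot: `after_sign_in_path_for` reads `session[:"user.return_to"]` but never removes it, so the stored location stays in the session and is reused on every later sign-in during that session. Consume the value when it is used: `(session.delete(:"user.return_to") || "/").to_s`. If anything other than Devise can write that key, also restrict the result to a local path (one that starts with a single `/`) so the redirect cannot leave the site; what writes the key is not visible in this hunk.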
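--- a/data/lib/generators/devisable/templates/partials/_application_current_tab.rb
+++ b/data/lib/generators/devisable/templates/partials/_application_current_tab.rb
@@ -0,0 +1,8 @@
+# Determines whether the given controller is the current controller
+#
+# @param Name of the controller to check against
+# @return [Boolean] True if the controller_name parameter matches the current controller nam
+def current_tab?(controller_name)
+controller.controller_name == controller_name
+end
+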
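Review bot: The doc comment omits the parameter name after `@param`, and the `@return` line is cut off at "nam". Suggested wording: `# @param controller_name [String] name of the controller to check against` and `# @return [Boolean] true if controller_name matches the current controller's name`.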
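--- a/data/lib/generators/devisable/templates/partials/_environments_development.erb
+++ b/data/lib/generators/devisable/templates/partials/_environments_development.erb
@@ -0,0 +1,10 @@
+TWITTER_CONSUMER_KEY = '<%= @twitter_key %>'
+TWITTER_CONSUMER_SECRET = '<%= @twitter_secret %>'
+
+
+FACEBOOK_CONSUMER_KEY = '<%= @facebook_key %>'
+FACEBOOK_CONSUMER_SECRET = '<%= @facebook_secret %>'
+FACEBOOK_CLIENT_ID = '<%= @facebook_client_id %>'
+
+
+BASE_URL = '<%= @url %>'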
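Review bot: The generator writes the OAuth consumer secrets into the environment file as string literals (`TWITTER_CONSUMER_SECRET = '<%= @twitter_secret %>'`, and likewise for Facebook), so they end up in source control with the rest of the generated application. Emit a lookup instead, for example `TWITTER_CONSUMER_SECRET = ENV['TWITTER_CONSUMER_SECRET']`, and document which variables must be set. As written, a value containing a single quote also produces a file that does not parse.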
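--- a/data/lib/generators/devisable/templates/partials/_login_links.erb
+++ b/data/lib/generators/devisable/templates/partials/_login_links.erb
@@ -0,0 +1,18 @@
+<ul id='generated_login_links'>
+<%% if !current_user %>
+<% if @has_facebook_oauth %>
+<li><%%= link_to('Login With Facebook', users_path(:warden_oauth2_provider => 'facebook')) %></li>
+<% end %>
+<% if @has_twitter_oauth %>
+<li><%%= link_to('Login With Twitter', users_path(:warden_oauth_provider => 'twitter')) %></li>
+<% end %>
+<% if @has_standard_authentication %>
+<li><%%= link_to('Login', user_session_path()) %></li>
+<li><%%= link_to('Register', new_user_registration_path()) %></li>
+<% end %>
+<%% else %>
+<li>Welcome <%%= current_user.display_name %></li>
+<li><%%= link_to('Logout', destroy_user_session_path()) %></li>
+<%% end %>
+</ul>
+<%%= render 'shared/admin_nav' %>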
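Review bot: The Logout entry on line 15 is a plain `link_to`, which issues a GET, so any page that gets the browser to load that URL signs the user out. Where the Devise version in use supports signing out via DELETE, generate `link_to('Logout', destroy_user_session_path(), :method => :delete)` and configure the sign-out route to match. The Devise version targeted by this template is not visible on the page, so the second half needs checking against it.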
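--- a/data/lib/generators/devisable/templates/partials/_migration_up.rb
+++ b/data/lib/generators/devisable/templates/partials/_migration_up.rb
@@ -0,0 +1,7 @@
+create_table :roles_users, :id => false do |t|
+t.references :role, :user
+end
+execute "insert into roles (name) values ('SuperAdmin')"
+execute "insert into roles (name) values ('Admin')"
+execute "insert into roles (name) values ('GeneralUser')"
+execute "insert into roles_users values ('1','1')"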
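Review bot: `execute "insert into roles_users values ('1','1')"` grants role 1 to user 1 by literal ids, relying on 'SuperAdmin' having received id 1 and on the column order of the join table. User 1 need not exist when the migration runs, in which case whoever registers first inherits SuperAdmin. Look the role up by name and assign it to an explicitly chosen account, for example in a seed or rake task that takes the e-mail address, rather than inserting ids in the migration.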
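--- a/data/lib/generators/devisable/templates/partials/_oauth_user_table_fields.erb
+++ b/data/lib/generators/devisable/templates/partials/_oauth_user_table_fields.erb
@@ -0,0 +1 @@
+t.string "default_provider"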
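--- a/data/lib/generators/devisable/templates/partials/_permission_equals.rb
+++ b/data/lib/generators/devisable/templates/partials/_permission_equals.rb
@@ -0,0 +1,8 @@
+# Equality check based on the role id, controller, and ability
+#
+# @param another_permission The permission to compare against
+# @return [Boolean] True if the permissions match role id, controller and ability
+def ==(another_permission)
+self.role_id == another_permission.role_id && self.model == another_permission.model && self.ability == another_permission.ability ? true : false
+end
+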
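Review bot: `==` calls `another_permission.role_id` unconditionally, so comparing a Permission with nil or any other kind of object raises NoMethodError instead of returning false. Guard first with `return false unless another_permission.is_a?(self.class)`; the trailing `? true : false` can then be dropped. The comment says the comparison uses the controller, while the code compares `model`, so one of the two should be corrected.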
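--- a/data/lib/generators/devisable/templates/partials/_permission_manage.js
+++ b/data/lib/generators/devisable/templates/partials/_permission_manage.js
@@ -0,0 +1,18 @@
+document.observe("dom:loaded", function() {
+$$('.permission_manage').each(function(pm) {
+pm.observe('click', function(event) {
+use_permission_clicked(event.element())
+});
+use_permission_clicked(pm)
+});
+
+function use_permission_clicked(obj) {
+var controller = obj.id.split('_')[1]
+var disabled_val = obj.checked ? 'disabled' : false;
+$('permission_' + controller + '_read').disabled = disabled_val;
+$('permission_' + controller + '_create').disabled = disabled_val;
+$('permission_' + controller + '_update').disabled = disabled_val;
+$('permission_' + controller + '_destroy').disabled = disabled_val;
+}
+});
+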
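Review bot: `obj.id.split('_')[1]` keeps only the second underscore-separated piece of the id, so a controller name that itself contains an underscore yields the wrong prefix, the four `$('permission_…')` lookups return null, and the handler throws. Strip the known prefix and suffix instead, for example `obj.id.replace(/^permission_/, '').replace(/_manage$/, '')`. Disabled checkboxes are not submitted, so this script is a display convenience only and the server still has to decide which abilities a "manage" selection implies.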
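--- a/data/lib/generators/devisable/templates/partials/_role_permission.rb
+++ b/data/lib/generators/devisable/templates/partials/_role_permission.rb
@@ -0,0 +1,72 @@
+# Creates checkboxes for a has and belongs to many relationship between ?
+#
+# @param obj An instance of a model with the specified field
+# @param column The attribute of the obj parameter used to determine if the assignment_object is assigned to the obj parameter
+# @param assignment_objects A list of objects with a habtm relationship with the obj parameter
+# @param assignment_object_display_column The field on the assignment_objects used to create the label for the checkboxes
+# @return [String] An html string of checkboxes for the relationship between the obj and assignment_objects
+def habtm_checkboxes(obj, column, assignment_objects, assignment_object_display_column)
+obj_to_s = obj.class.to_s.split("::").last.underscore
+field_name = "#{obj_to_s}[#{column}][]"
+
+html = hidden_field_tag(field_name, "")
+assignment_objects.each do |assignment_obj|
+cbx_id = "#{obj_to_s}_#{column}_#{assignment_obj.id}"
+html += check_box_tag field_name, assignment_obj.id, obj.send(column).include?(assignment_obj.id), :id => cbx_id
+html += label_tag cbx_id, h(assignment_obj.send(assignment_object_display_column))
+html += content_tag(:br)
+end
+html
+end
+
+# Creates permission checkboxes for each type of permission and permission category.
+# Permission types include manage, read, create, update, and destroy. They are hardcoded in this method.
+#
+# @param obj An instance of the Role model or any model with a habtm relationship with Permission
+# @param column Not used
+# @param controllers A list of controllers that can have permissions applied to them
+# @param role_id Id that corresponds to an instance of the role model. Should refer to the same object as the obj parameter.
+# @return [String] Html safe string of permissions checkboxes for each controller and action
+def permissions_checkboxes(obj, column, controllers, role_id)
+perms = obj.permissions
+html = ""
+abilities = ['manage','read','create','update','destroy']
+html += content_tag(:table) do
+html_table = ""
+controllers.each do |controller|
+controller.strip!
+html_table += content_tag(:tr) do
+html_tr = ""
+html_tr += content_tag(:th, controller)
+html_tr += content_tag(:th, "Use")
+html_tr += content_tag(:th, "View")
+html_tr += content_tag(:th, "Add")
+html_tr += content_tag(:th, "Edit")
+html_tr += content_tag(:th, "Delete")
+html_tr.html_safe
+end
+html_table += content_tag(:tr) do
+html_tr = ""
+html_tr += content_tag(:td," ")
+abilities.each do |ability|
+p = {
+:role_id => role_id,
+:model => controller.singularize,
+:ability => ability
+}
+
+perm = Permission.new(p)
+checked = perms.include?(perm)
+#checked = false
+html_tr += content_tag(:td) do
+check_box_tag 'role_ids[]',p.to_json,checked, {:id => "permission_#{controller}_#{ability}", :class => "permission_#{ability}"}
+end
+end
+html_tr.html_safe
+end
+end
+html_table.html_safe
+end
+html.html_safe
+end
+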
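Review bot: `controller.strip!` on line 37 modifies the strings of the caller's `controllers` array in place and raises on a frozen string; take a local copy with `name = controller.strip` and use `name` in the tags and the id below. The first doc line of `habtm_checkboxes` ends in "between ?" and should name the two sides, the `obj` model and the `assignment_objects`. The `column` parameter of `permissions_checkboxes` is documented as unused, so it is worth a note on why it stays in the signature.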