devisable 0.1.0

Files changed (66) hide show
  1. data/Devisable.gemspec +117 -0
  2. data/Gemfile +13 -0
  3. data/LICENSE.txt +20 -0
  4. data/README.rdoc +111 -0
  5. data/Rakefile +56 -0
  6. data/VERSION +1 -0
  7. data/lib/generators/devisable/USAGE +57 -0
  8. data/lib/generators/devisable/devisable_generator.rb +484 -0
  9. data/lib/generators/devisable/templates/app/controllers/registrations_controller.erb +19 -0
  10. data/lib/generators/devisable/templates/app/controllers/users_controller.erb +152 -0
  11. data/lib/generators/devisable/templates/app/controllers/welcome_controller.erb +11 -0
  12. data/lib/generators/devisable/templates/app/helpers/roles_helper.erb +63 -0
  13. data/lib/generators/devisable/templates/app/models/permission.erb +12 -0
  14. data/lib/generators/devisable/templates/app/models/role.erb +5 -0
  15. data/lib/generators/devisable/templates/app/views/roles/_form.erb +29 -0
  16. data/lib/generators/devisable/templates/app/views/roles/edit.erb +6 -0
  17. data/lib/generators/devisable/templates/app/views/roles/index.erb +28 -0
  18. data/lib/generators/devisable/templates/app/views/roles/new.erb +5 -0
  19. data/lib/generators/devisable/templates/app/views/roles/show.erb +10 -0
  20. data/lib/generators/devisable/templates/app/views/shared/_admin_nav.erb +7 -0
  21. data/lib/generators/devisable/templates/app/views/users/_form.erb +23 -0
  22. data/lib/generators/devisable/templates/app/views/users/edit.erb +6 -0
  23. data/lib/generators/devisable/templates/app/views/users/index.erb +27 -0
  24. data/lib/generators/devisable/templates/app/views/users/new.erb +5 -0
  25. data/lib/generators/devisable/templates/app/views/users/show.erb +55 -0
  26. data/lib/generators/devisable/templates/app/views/welcome/welcome_index.erb +3 -0
  27. data/lib/generators/devisable/templates/config/initializers/devise_initializer.erb +239 -0
  28. data/lib/generators/devisable/templates/cucumber/_rake_partial.rb +19 -0
  29. data/lib/generators/devisable/templates/cucumber/devise.feature +78 -0
  30. data/lib/generators/devisable/templates/cucumber/role.feature +79 -0
  31. data/lib/generators/devisable/templates/cucumber/step_definitions/authentication_steps.rb +33 -0
  32. data/lib/generators/devisable/templates/cucumber/step_definitions/generic_steps.rb +23 -0
  33. data/lib/generators/devisable/templates/cucumber/step_definitions/role_steps.rb +32 -0
  34. data/lib/generators/devisable/templates/cucumber/step_definitions/user_steps.rb +30 -0
  35. data/lib/generators/devisable/templates/cucumber/support/_env_partial.rb +57 -0
  36. data/lib/generators/devisable/templates/cucumber/support/_paths_partial.rb +20 -0
  37. data/lib/generators/devisable/templates/cucumber/user.feature +45 -0
  38. data/lib/generators/devisable/templates/partials/_ability_class.rb +53 -0
  39. data/lib/generators/devisable/templates/partials/_access_denied_flash.rb +4 -0
  40. data/lib/generators/devisable/templates/partials/_accessible_permissions_controller.rb +8 -0
  41. data/lib/generators/devisable/templates/partials/_accessible_permissions_model.rb +43 -0
  42. data/lib/generators/devisable/templates/partials/_application_controller_methods.erb +3 -0
  43. data/lib/generators/devisable/templates/partials/_application_controller_methods2.erb +11 -0
  44. data/lib/generators/devisable/templates/partials/_application_current_tab.rb +8 -0
  45. data/lib/generators/devisable/templates/partials/_application_flash.html.erb +4 -0
  46. data/lib/generators/devisable/templates/partials/_environments_development.erb +10 -0
  47. data/lib/generators/devisable/templates/partials/_login_links.erb +18 -0
  48. data/lib/generators/devisable/templates/partials/_migration_down.rb +2 -0
  49. data/lib/generators/devisable/templates/partials/_migration_up.rb +7 -0
  50. data/lib/generators/devisable/templates/partials/_oauth_user_table_fields.erb +1 -0
  51. data/lib/generators/devisable/templates/partials/_permission_equals.rb +8 -0
  52. data/lib/generators/devisable/templates/partials/_permission_manage.js +18 -0
  53. data/lib/generators/devisable/templates/partials/_role_permission.rb +72 -0
  54. data/lib/generators/devisable/templates/partials/_roles_index_delete.erb +7 -0
  55. data/lib/generators/devisable/templates/partials/_user_model_methods.erb +21 -0
  56. data/lib/generators/devisable/templates/partials/_user_role.rb +7 -0
  57. data/lib/generators/devisable/templates/spec/helpers/roles_helper_spec.erb +50 -0
  58. data/lib/generators/devisable/templates/spec/models/ability_spec.erb +69 -0
  59. data/lib/generators/devisable/templates/spec/models/permission_spec.erb +22 -0
  60. data/lib/generators/devisable/templates/spec/models/role_spec.erb +45 -0
  61. data/lib/generators/devisable/templates/spec/models/user_spec.erb +65 -0
  62. data/pkg/devisable-0.1.0.gem +0 -0
  63. data/pkg/devise_generator-0.1.0.gem +0 -0
  64. data/test/helper.rb +18 -0
  65. data/test/test_devise_generator.rb +7 -0
  66. metadata +169 -0
@@ -0,0 +1,23 @@
1
+ When(/^I sleep for ([^"]*) second[s]?$/) do |time|
2
+ sleep(time.to_i)
3
+ end
4
+
5
+ When(/^I output the page source$/) do
6
+ puts source
7
+ end
8
+
9
+ When(/^I fill in the following checkboxes with categories:$/) do |permissions_table|
10
+ permissions_table.hashes.each do |perm|
11
+ And %{I check "permission_#{perm['category']}_#{perm['permission']}"}
12
+ end
13
+ end
14
+
15
+ When(/^I debug$/) do
16
+ # only works if you include the ruby-debug gem
17
+ debugger
18
+ end
19
+
20
+ Then /^I should see a span with the title "([^"]*)"$/ do |title|
21
+ page.should have_xpath("//span[@title='#{title}']")
22
+ end
23
+
@@ -0,0 +1,32 @@
1
+ Given /^there are no roles in the system$/ do
2
+ @roles = Role.all
3
+ @roles.each { |role| role.delete }
4
+ end
5
+
6
+ Given /^there is only the "([^"]*)" role in the system$/ do |role_name|
7
+ @roles = Role.all
8
+ @roles.each { |role| role.delete unless role.name == role_name }
9
+ end
10
+
11
+
12
+ Given /^the "([^"]*)" role has been added to the system$/ do |arg1|
13
+ r = Role.create(:name => arg1)
14
+ r.save
15
+ end
16
+
17
+ Given /^I have the default roles$/ do
18
+ Given "the \"SuperAdmin\" role has been added to the system"
19
+ Given "the \"Admin\" role has been added to the system"
20
+ Given "the \"GeneralUser\" role has been added to the system"
21
+ end
22
+
23
+
24
+
25
+ # step specificlly for deleting a unique feature
26
+ # could theoretically also be used for any role and any controller action
27
+ # but the code will get messy
28
+ # the user steps has a similar function
29
+ When /^I follow "Destroy" for "([^"]*)"$/ do |name|
30
+ id = Role.first(:conditions => {:name => name}).id
31
+ find(:xpath, "//table/tr/td/a[@href = '/roles/#{id}' and @data-method='delete']").click
32
+ end
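Review bot: The `the "..." role has been added to the system` step calls `Role.create(:name => arg1)` and then `r.save`, both of which return false rather than raise when validation fails, so a scenario can carry on without the role it depends on. `Role.create!(:name => arg1)` on its own would surface the failure at the step that caused it. The two clean-up steps use `role.delete`, which skips callbacks; if Role has dependent permission or join rows (not visible in this hunk), `destroy` would clear them as well.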
@@ -0,0 +1,30 @@
1
+ Given /^there are no users in the system$/ do
2
+ @users = User.all
3
+ @users.each { |user| user.delete! }
4
+ end
5
+
6
+ When /^I delete the other user$/ do
7
+ id = User.last.id
8
+ find(:xpath, "//table/tr/td/a[@href='/users/#{id}' and @data-method='delete']").click
9
+ #find("table tr td a[@href = '/users/#{id}']").click
10
+ end
11
+
12
+ Given /^there are users in the system$/ do
13
+ @generated_user = User.create!(
14
+ :email => 'generated_user@cloudspace.com',
15
+ :password => 'password',
16
+ :password_confirmation => 'password'
17
+ )
18
+ @generated_user.save
19
+ end
20
+
21
+
22
+ Then /^I should have the role "([^"]*)"$/ do |role|
23
+ unless @current_user
24
+ @current_user = User.last
25
+ end
26
+ @current_user.role?(role)
27
+ end
28
+
29
+
30
+
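Review bot: The `I should have the role` step evaluates `@current_user.role?(role)` and discards the result, so the step passes whether or not the user holds the role, and any authorization scenario that relies on it verifies nothing. Turn it into an expectation, for example `@current_user.role?(role).should be_true`, using the `should` syntax that generic_steps.rb already uses. Separately, `user.delete!` in the first step is not a standard ActiveRecord method as far as I know; confirm the User model defines it, otherwise `destroy` is probably what was meant.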
@@ -0,0 +1,57 @@
1
+ # IMPORTANT: This file is generated by cucumber-rails - edit at your own peril.
2
+ # It is recommended to regenerate this file in the future when you upgrade to a
3
+ # newer version of cucumber-rails. Consider adding your own code to a new file
4
+ # instead of editing this one. Cucumber will automatically load all features/**/*.rb
5
+ # files.
6
+
7
+ ENV["RAILS_ENV"] ||= "test"
8
+ require File.expand_path(File.dirname(__FILE__) + '/../../config/environment')
9
+
10
+ require 'cucumber/formatter/unicode' # Remove this line if you don't want Cucumber Unicode support
11
+ require 'cucumber/rails/world'
12
+ require 'cucumber/rails/active_record'
13
+ require 'cucumber/web/tableish'
14
+
15
+ require 'capybara/rails'
16
+ require 'capybara/cucumber'
17
+ require 'capybara/session'
18
+ #require 'cucumber/rails/capybara_javascript_emulation' # Lets you click links with onclick javascript handlers without using @culerity or @javascript
19
+ # Capybara defaults to XPath selectors rather than Webrat's default of CSS3. In
20
+ # order to ease the transition to Capybara we set the default here. If you'd
21
+ # prefer to use XPath just remove this line and adjust any selectors in your
22
+ # steps to use the XPath syntax.
23
+ Capybara.default_selector = :css
24
+
25
+ # If you set this to false, any error raised from within your app will bubble
26
+ # up to your step definition and out to cucumber unless you catch it somewhere
27
+ # on the way. You can make Rails rescue errors and render error pages on a
28
+ # per-scenario basis by tagging a scenario or feature with the @allow-rescue tag.
29
+ #
30
+ # If you set this to true, Rails will rescue all errors and render error
31
+ # pages, more or less in the same way your application would behave in the
32
+ # default production environment. It's not recommended to do this for all
33
+ # of your scenarios, as this makes it hard to discover errors in your application.
34
+ ActionController::Base.allow_rescue = false
35
+
36
+ # If you set this to true, each scenario will run in a database transaction.
37
+ # You can still turn off transactions on a per-scenario basis, simply tagging
38
+ # a feature or scenario with the @no-txn tag. If you are using Capybara,
39
+ # tagging with @culerity or @javascript will also turn transactions off.
40
+ #
41
+ # If you set this to false, transactions will be off for all scenarios,
42
+ # regardless of whether you use @no-txn or not.
43
+ #
44
+ # Beware that turning transactions off will leave data in your database
45
+ # after each scenario, which can lead to hard-to-debug failures in
46
+ # subsequent scenarios. If you do this, we recommend you create a Before
47
+ # block that will explicitly put your database in a known state.
48
+ Cucumber::Rails::World.use_transactional_fixtures = true
49
+ # How to clean your database when transactions are turned off. See
50
+ # http://github.com/bmabey/database_cleaner for more info.
51
+ if defined?(ActiveRecord::Base)
52
+ begin
53
+ require 'database_cleaner'
54
+ DatabaseCleaner.strategy = :truncation
55
+ rescue LoadError => ignore_if_database_cleaner_not_present
56
+ end
57
+ end
@@ -0,0 +1,20 @@
1
+ when /the sign up page/
2
+ new_user_registration_path
3
+ when /the sign in page/
4
+ new_user_session_path
5
+ when /the sign out page/
6
+ #should be destory_user_session_path
7
+ '/users/sign_out'
8
+ when /the forgot password page/
9
+ '/users/password/new'
10
+ when /the forgot password submitted page/
11
+ '/users/password'
12
+ when /the users page/
13
+ users_path
14
+ when /the other user's edit page/
15
+ edit_user_path(User.last)
16
+ when /that role's view page/
17
+ role_path(Role.last)
18
+ when /that user's view page/
19
+ user_path(User.last)
20
+
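Review bot: The sign out, forgot password and forgot password submitted entries return hard-coded strings, and the comment on the sign out entry misspells the helper it refers to (`destory_user_session_path`). The login links partial in this same release calls `destroy_user_session_path()`, so the named helper is presumably available here too; using it, together with `new_user_password_path` and `user_password_path`, would keep these paths in step with the routes, once those names are confirmed against the generated routes. These `when` clauses belong to a `case` that starts outside the hunk.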
@@ -0,0 +1,45 @@
1
+ Feature: Manage users
2
+
3
+ Scenario: Managing Users as a SuperAdmin
4
+ Given I am signed in as "user@cloudspace.com"
5
+ And I only have the role "SuperAdmin"
6
+ When I go to the users page
7
+ Then I should see "user@cloudspace.com"
8
+ And I should see "SuperAdmin"
9
+ And I should see "Edit"
10
+ And I should see "Delete"
11
+
12
+ Scenario: Managing Users as a GenericUser
13
+ Given I am signed in as "user@cloudspace.com"
14
+ And I only have the role "GeneralUser"
15
+ When I go to the users page
16
+ When I should be on the home page
17
+ And I should see "You are not authorized to access this page."
18
+
19
+ Scenario: Editing a User
20
+ Given I am signed in as "user@cloudspace.com"
21
+ And I have the role "SuperAdmin"
22
+ And there are users in the system
23
+ When I go to the other user's edit page
24
+ And I check "GeneralUser"
25
+ And I fill in "password" for "Password"
26
+ And I fill in "password" for "Password confirmation"
27
+ And I press "Submit"
28
+ Then I should be on that user's view page
29
+ And I should see "The account has been updated"
30
+
31
+ Scenario: Deleting a User
32
+ Given I am signed in as "user@cloudspace.com"
33
+ And I have the role "SuperAdmin"
34
+ And there are users in the system
35
+ And I am on the users page
36
+ When I delete the other user
37
+ Then I should be on the users page
38
+ And I should see "The account has been deleted"
39
+
40
+ Scenario: Deleting Self
41
+ Given I am signed in as "user@cloudspace.com"
42
+ And there is only the "SuperAdmin" role in the system
43
+ And I have the role "SuperAdmin"
44
+ And I am on the users page
45
+ Then I should see a span with the title "Can NOT delete the last SuperAdmin user"
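Review bot: The GenericUser scenario writes its first assertion as `When I should be on the home page`; it should read `Then I should be on the home page` so the denial check is stated as an outcome, and the scenario title says GenericUser while the role under test is GeneralUser. The Deleting Self scenario only checks for a span title on the page, which shows that the link is replaced in the UI but not that the server refuses the request. A step that submits the delete for the signed-in user and expects the account to remain would cover the rule itself; whether the controller enforces it is not visible in this hunk.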
@@ -0,0 +1,53 @@
1
+ # Model for storing cancan permissions
2
+ class Ability
3
+ include CanCan::Ability
4
+
5
+ # When a user is created, setup permissions based on the role and permission models
6
+ # If the user has the super admin role, give access to all actions on all controllers
7
+ #
8
+ # @param user Optionally pass the user. A new user is created if no user is supplied
9
+ def initialize(user)
10
+ user ||= User.new # guest user
11
+ user.roles.each do |role|
12
+ role.permissions.each do |permission|
13
+ can permission.ability.downcase.to_sym, Object::const_get(permission.model)
14
+ if permission.ability.to_s == 'manage'
15
+ ['view','edit','delete','add'].each do |action|
16
+ can action.to_sym, Object::const_get(permission.model)
17
+ end
18
+ end
19
+ end
20
+ end
21
+
22
+ if user.role? :super_admin
23
+ can :manage, :all
24
+ end
25
+ #examples of some ways to have certain roles manage certain controllers
26
+ #please see the user views on how to check for the permissions
27
+ #if user.role? :super_admin
28
+ # can :manage, :all
29
+ #elsif user.role? :product_admin
30
+ # can [:read, :update, :create, :destroy], [Product, Asset, Issue]
31
+ #elsif user.role? :product_team
32
+ # can :read, [Product, Asset]
33
+ # # manage products, assets he owns
34
+ # can :manage, Product do |product|
35
+ # can :read, Product, :active => true, :user_id => user.id
36
+ # can :read, Project, :category => { :visible => true }
37
+ # can :read, Project, :priority => 1..3
38
+ #end
39
+ #can :manage, Asset do |asset|
40
+ # asset.assetable.try(:owner) == user
41
+ #end
42
+ #end
43
+ ##If you want to add a permissions scaffold to replace the roles_users
44
+ #def initialize(user)
45
+ # can do |action, subject_class, subject|
46
+ # user.permissions.find_all_by_action(action).any do |permission|
47
+ # permission.subject_class == subject_class.to_s &&
48
+ # (subject.nil? || permission.subject_id.nil? || permission.subject_id == subject.id)
49
+ # end
50
+ # end
51
+ #end
52
+ end
53
+ end
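Review bot: Both `can` calls in `initialize` pass `permission.model` to `Object::const_get` and turn `permission.ability` into a symbol without checking either value, so whatever string is stored in a permission row decides which constant is resolved and which action is granted. A row naming an unknown constant raises NameError here and breaks ability loading for every user holding that role, and a row naming any other loaded class grants abilities on it; the rows are written by `save_permissions`, which builds them from submitted JSON. Check both values against fixed lists before resolving them, as sketched below, assuming `Role.accessible_permissions` from the accessible-permissions partial is installed alongside this class. The `'manage'` comparison also skips the `downcase` applied on the line above it, so a stored `Manage` would be granted but not expanded.

```ruby
ALLOWED_ABILITIES = %w[manage read create update destroy].freeze

def initialize(user)
  user ||= User.new # guest user
  allowed_models = Role.accessible_permissions.map(&:singularize)
  user.roles.each do |role|
    role.permissions.each do |permission|
      ability = permission.ability.to_s.downcase
      # Ignore rows whose values fall outside the fixed lists instead of resolving them.
      next unless ALLOWED_ABILITIES.include?(ability)
      next unless allowed_models.include?(permission.model)
      model_class = Object.const_get(permission.model)
      can ability.to_sym, model_class
      # … unchanged: 'manage' expansion into view/edit/delete/add, applied to model_class …
    end
  end
  # … unchanged: super_admin check and commented examples …
```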
@@ -0,0 +1,4 @@
1
+ rescue_from CanCan::AccessDenied do |exception|
2
+ flash[:error] = exception.message
3
+ redirect_to root_url
4
+ end
@@ -0,0 +1,8 @@
1
+ # Get roles accessible by the current user #----------------------------------------------------
2
+ # Role.reflect_on_all_associations(:has_and_belongs_to_many).first.class_name
3
+ # => "User"
4
+ #ruby-1.8.7-p302 > Role.reflect_on_all_associations(:has_many).first.class_name
5
+ def accessible_permissions
6
+ @accessible_permissions = Role.accessible_permissions
7
+ end
8
+ end
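Review bot: The header comment says this returns roles accessible by the current user, but the method assigns `Role.accessible_permissions`, which takes no user and, per the model partial in this release, lists models that have a matching controller. A comment such as `# Loads the model names that permissions can be assigned to into @accessible_permissions` would describe it, and the pasted console lines about `reflect_on_all_associations` can go. The trailing `end` closes a class that opens outside the hunk.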
@@ -0,0 +1,43 @@
1
+ # Get roles accessible by the current user
2
+ # Usage:
3
+ # Role.reflect_on_all_associations(:has_and_belongs_to_many).first.class_name => "User"
4
+ # Role.reflect_on_all_associations(:has_many).first.class_name
5
+ # @return [Array] Array of permissions for the current user
6
+ def self.accessible_permissions
7
+ @accessible_permissions = []
8
+ controllers = Dir.new("#{RAILS_ROOT}/app/controllers").entries
9
+ controllers = controllers.map { |controller| controller.downcase.gsub("_controller.rb","").singularize if controller =~ /_controller/ }.compact
10
+ models = Dir.new("#{RAILS_ROOT}/app/models").entries
11
+ models.each do |model|
12
+ mod = model.downcase.gsub(".rb","")
13
+ if controllers.include?(mod)
14
+ @accessible_permissions << mod.camelize.pluralize
15
+ end
16
+ end
17
+ @accessible_permissions
18
+ end
19
+
20
+ # Save permissions all permissions for a single role
21
+ # First deletes all permissions for the role, then loops through the input and saves new permissions
22
+ #
23
+ # @param role Role To reset permisisons on
24
+ # @param role_ids A list of permissions to apply to the role
25
+ def save_permissions(role_ids)
26
+ permissions.map{|perm| perm.delete } unless permissions.nil?
27
+ unless role_ids.nil?
28
+ role_ids.each do |permission|
29
+ p = Permission.new(JSON.parse(permission))
30
+ (p.class.reflect_on_all_associations(:has_many) & p.class.reflect_on_all_associations(:has_and_belongs_to_many)).each { |association|
31
+ permissions << Permission.new(
32
+ :role_id => id,
33
+ :controller => association.class_name.singularize,
34
+ :ability => p.ability
35
+ )
36
+ }
37
+ permissions << p
38
+ end
39
+ end
40
+ end
41
+
42
+ end
43
+
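Review bot: `save_permissions` passes each submitted string through `JSON.parse` straight into `Permission.new`, so the request decides every attribute of the stored row, including `role_id`, `model` and `ability`, and nothing restricts them to the values the form offers. The existing rows are also deleted before the new ones are parsed, so a malformed entry leaves the role with a partial permission set. Take only the two expected fields, check them against fixed lists, bind the row to this role, and wrap the replacement in a transaction, as sketched below. The inner loop over the `has_many & has_and_belongs_to_many` reflections appears never to run, since no reflection belongs to both lists, and it writes a `:controller` attribute where the rest of the code uses `:model`; the sketch drops it.

```ruby
def save_permissions(role_ids)
  allowed_models = self.class.accessible_permissions.map(&:singularize)
  allowed_abilities = %w[manage read create update destroy]
  transaction do
    permissions.each { |perm| perm.delete }
    Array(role_ids).each do |raw|
      attrs = JSON.parse(raw)
      next unless attrs.is_a?(Hash)
      next unless allowed_models.include?(attrs['model']) && allowed_abilities.include?(attrs['ability'])
      # Copy only the expected fields; the role comes from self, not from the request.
      permissions << Permission.new(:role_id => id, :model => attrs['model'], :ability => attrs['ability'])
    end
  end
end
```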
@@ -0,0 +1,3 @@
1
+ def mailer_set_url_options
2
+ ActionMailer::Base.default_url_options[:host] = request.host_with_port
3
+ end
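Review bot: `mailer_set_url_options` copies `request.host_with_port` into `ActionMailer::Base.default_url_options[:host]`, so the host used in generated mail links, such as the password reset message, comes from the Host header of whichever request ran last. That header is supplied by the client, and the assignment changes a process-wide setting, so one request can affect the links in mail triggered by another. Set the host once from configuration instead, for example `config.action_mailer.default_url_options = { :host => 'HOST_FROM_CONFIG' }` in each environment file, where the placeholder stands for the deployment's own host name, and drop this method.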
@@ -0,0 +1,11 @@
1
+ # Redirect user to root unless the return to attribute is set
2
+ # @param resource takes the model through which the sign in is occuring
3
+ def after_sign_in_path_for(resource)
4
+ (session[:"user.return_to"].nil?) ? "/" : session[:"user.return_to"].to_s
5
+ end
6
+
7
+ # When a user doesn't have permission to the page, redirect to root and display error message
8
+ rescue_from CanCan::AccessDenied do |exception|
9
+ flash[:notice] = exception.message
10
+ redirect_to root_url
11
+ end
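Review bot: `after_sign_in_path_for` reads `session[:"user.return_to"]` but never removes it, so the stored location stays in the session and is reused on every later sign-in within that session. Devise's `stored_location_for(resource)` returns and clears the stored value, so the body can be `stored_location_for(resource) || "/"`; confirm the session key matches for the Devise version the generator targets. The `rescue_from` block below it puts the denial message in `flash[:notice]`, while the access-denied partial in this release uses `flash[:error]`; pick one so the message always gets the same CSS class.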
@@ -0,0 +1,8 @@
1
+ # Determines whether the given controller is the current controller
2
+ #
3
+ # @param Name of the controller to check against
4
+ # @return [Boolean] True if the controller_name parameter matches the current controller nam
5
+ def current_tab?(controller_name)
6
+ controller.controller_name == controller_name
7
+ end
8
+
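Review bot: The `@param` line for `current_tab?` has no parameter name, and the `@return` line is cut off at "controller nam". Suggested tags: `# @param controller_name [String] name of the controller to compare with the current one` and `# @return [Boolean] true if controller_name matches the current controller's name`.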
@@ -0,0 +1,4 @@
1
+ <%% flash.each do |index, message| %>
2
+ <div id='flash_message' class='<%%= index.to_s %>'><%%= message %></div>
3
+ <%% end %>
4
+
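Review bot: The loop gives every flash message the same `id='flash_message'`, so a response carrying more than one message produces duplicate ids, which breaks id-based selectors in tests and scripts. Move the shared name into the class list, for example `<div class='flash_message <%%= index.to_s %>'><%%= message %></div>`, and update any selector that relies on the id. The message is printed with `<%%= %>`, which escapes by default only on Rails 3 and later; on an older Rails it would need `h(message)`, and the target version is not stated in this hunk.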
@@ -0,0 +1,10 @@
1
+ TWITTER_CONSUMER_KEY = '<%= @twitter_key %>'
2
+ TWITTER_CONSUMER_SECRET = '<%= @twitter_secret %>'
3
+
4
+
5
+ FACEBOOK_CONSUMER_KEY = '<%= @facebook_key %>'
6
+ FACEBOOK_CONSUMER_SECRET = '<%= @facebook_secret %>'
7
+ FACEBOOK_CLIENT_ID = '<%= @facebook_client_id %>'
8
+
9
+
10
+ BASE_URL = '<%= @url %>'
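Review bot: The template writes the Twitter and Facebook consumer secrets as string literals into the development environment file, which normally lives in version control, so running the generator puts those credentials into the repository. Reading them at boot keeps them out of the tree, e.g. `TWITTER_CONSUMER_SECRET = ENV['TWITTER_CONSUMER_SECRET']`, with the same pattern for the Facebook values. The values are also placed between single quotes without escaping, so a value containing `'` yields a file that does not parse.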
@@ -0,0 +1,18 @@
1
+ <ul id='generated_login_links'>
2
+ <%% if !current_user %>
3
+ <% if @has_facebook_oauth %>
4
+ <li><%%= link_to('Login With Facebook', users_path(:warden_oauth2_provider => 'facebook')) %></li>
5
+ <% end %>
6
+ <% if @has_twitter_oauth %>
7
+ <li><%%= link_to('Login With Twitter', users_path(:warden_oauth_provider => 'twitter')) %></li>
8
+ <% end %>
9
+ <% if @has_standard_authentication %>
10
+ <li><%%= link_to('Login', user_session_path()) %></li>
11
+ <li><%%= link_to('Register', new_user_registration_path()) %></li>
12
+ <% end %>
13
+ <%% else %>
14
+ <li>Welcome <%%= current_user.display_name %></li>
15
+ <li><%%= link_to('Logout', destroy_user_session_path()) %></li>
16
+ <%% end %>
17
+ </ul>
18
+ <%%= render 'shared/admin_nav' %>
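Review bot: The Logout link is a plain `link_to('Logout', destroy_user_session_path())`, which signs the user out on a GET request, so any page that gets the browser to load that URL ends the session. If the Devise version in use supports it, set `config.sign_out_via = :delete` in the initializer and render the link as `link_to('Logout', destroy_user_session_path(), :method => :delete)`. The initializer template is not visible in this hunk, so confirm what it sets.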
@@ -0,0 +1,2 @@
1
+ drop_table :roles_users
2
+ execute "delete from roles"
@@ -0,0 +1,7 @@
1
+ create_table :roles_users, :id => false do |t|
2
+ t.references :role, :user
3
+ end
4
+ execute "insert into roles (name) values ('SuperAdmin')"
5
+ execute "insert into roles (name) values ('Admin')"
6
+ execute "insert into roles (name) values ('GeneralUser')"
7
+ execute "insert into roles_users values ('1','1')"
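Review bot: The last statement, `insert into roles_users values ('1','1')`, grants a role to user id 1 by position: it assumes SuperAdmin received id 1, that the columns are in role, user order, and that whoever holds user id 1 should be the super administrator. On a database where roles already exist, or where user 1 is an ordinary account, this assigns the wrong role or elevates the wrong person. Name the columns and look the role up, e.g. `execute "insert into roles_users (role_id, user_id) select id, 1 from roles where name = 'SuperAdmin'"`, and consider making the first-admin grant an explicit, documented step rather than a migration side effect.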
@@ -0,0 +1,8 @@
1
+ # Equality check based on the role id, controller, and ability
2
+ #
3
+ # @param another_permission The permission to compare against
4
+ # @return [Boolean] True if the permissions match role id, controller and ability
5
+ def ==(another_permission)
6
+ self.role_id == another_permission.role_id && self.model == another_permission.model && self.ability == another_permission.ability ? true : false
7
+ end
8
+
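Review bot: `==` calls `role_id`, `model` and `ability` on its argument without checking what it is, so comparing a permission with nil or with an unrelated object raises NoMethodError instead of returning false. Start the expression with a type check and drop the redundant ternary: `another_permission.is_a?(self.class) && role_id == another_permission.role_id && model == another_permission.model && ability == another_permission.ability`. The comment says the comparison uses the controller, but the code compares `model`. `eql?` and `hash` are left as they were, so this equality will not apply if permissions are ever used as hash keys or passed through `uniq`.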
@@ -0,0 +1,18 @@
1
+ document.observe("dom:loaded", function() {
2
+ $$('.permission_manage').each(function(pm) {
3
+ pm.observe('click', function(event) {
4
+ use_permission_clicked(event.element())
5
+ });
6
+ use_permission_clicked(pm)
7
+ });
8
+
9
+ function use_permission_clicked(obj) {
10
+ var controller = obj.id.split('_')[1]
11
+ var disabled_val = obj.checked ? 'disabled' : false;
12
+ $('permission_' + controller + '_read').disabled = disabled_val;
13
+ $('permission_' + controller + '_create').disabled = disabled_val;
14
+ $('permission_' + controller + '_update').disabled = disabled_val;
15
+ $('permission_' + controller + '_destroy').disabled = disabled_val;
16
+ }
17
+ });
18
+
@@ -0,0 +1,72 @@
1
+ # Creates checkboxes for a has and belongs to many relationship between ?
2
+ #
3
+ # @param obj An instance of a model with the specified field
4
+ # @param column The attribute of the obj parameter used to determine if the assignment_object is assigned to the obj parameter
5
+ # @param assignment_objects A list of objects with a habtm relationship with the obj parameter
6
+ # @param assignment_object_display_column The field on the assignment_objects used to create the label for the checkboxes
7
+ # @return [String] An html string of checkboxes for the relationship between the obj and assignment_objects
8
+ def habtm_checkboxes(obj, column, assignment_objects, assignment_object_display_column)
9
+ obj_to_s = obj.class.to_s.split("::").last.underscore
10
+ field_name = "#{obj_to_s}[#{column}][]"
11
+
12
+ html = hidden_field_tag(field_name, "")
13
+ assignment_objects.each do |assignment_obj|
14
+ cbx_id = "#{obj_to_s}_#{column}_#{assignment_obj.id}"
15
+ html += check_box_tag field_name, assignment_obj.id, obj.send(column).include?(assignment_obj.id), :id => cbx_id
16
+ html += label_tag cbx_id, h(assignment_obj.send(assignment_object_display_column))
17
+ html += content_tag(:br)
18
+ end
19
+ html
20
+ end
21
+
22
+ # Creates permission checkboxes for each type of permission and permission category.
23
+ # Permission types include manage, read, create, update, and destroy. They are hardcoded in this method.
24
+ #
25
+ # @param obj An instance of the Role model or any model with a habtm relationship with Permission
26
+ # @param column Not used
27
+ # @param controllers A list of controllers that can have permissions applied to them
28
+ # @param role_id Id that corresponds to an instance of the role model. Should refer to the same object as the obj parameter.
29
+ # @return [String] Html safe string of permissions checkboxes for each controller and action
30
+ def permissions_checkboxes(obj, column, controllers, role_id)
31
+ perms = obj.permissions
32
+ html = ""
33
+ abilities = ['manage','read','create','update','destroy']
34
+ html += content_tag(:table) do
35
+ html_table = ""
36
+ controllers.each do |controller|
37
+ controller.strip!
38
+ html_table += content_tag(:tr) do
39
+ html_tr = ""
40
+ html_tr += content_tag(:th, controller)
41
+ html_tr += content_tag(:th, "Use")
42
+ html_tr += content_tag(:th, "View")
43
+ html_tr += content_tag(:th, "Add")
44
+ html_tr += content_tag(:th, "Edit")
45
+ html_tr += content_tag(:th, "Delete")
46
+ html_tr.html_safe
47
+ end
48
+ html_table += content_tag(:tr) do
49
+ html_tr = ""
50
+ html_tr += content_tag(:td," ")
51
+ abilities.each do |ability|
52
+ p = {
53
+ :role_id => role_id,
54
+ :model => controller.singularize,
55
+ :ability => ability
56
+ }
57
+
58
+ perm = Permission.new(p)
59
+ checked = perms.include?(perm)
60
+ #checked = false
61
+ html_tr += content_tag(:td) do
62
+ check_box_tag 'role_ids[]',p.to_json,checked, {:id => "permission_#{controller}_#{ability}", :class => "permission_#{ability}"}
63
+ end
64
+ end
65
+ html_tr.html_safe
66
+ end
67
+ end
68
+ html_table.html_safe
69
+ end
70
+ html.html_safe
71
+ end
72
+
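Review bot: In `permissions_checkboxes` the checkbox value is `p.to_json`, and `p` includes `:role_id`, so the role a permission belongs to travels through the browser and comes back as submitted data. Keep the full hash for the `perms.include?(perm)` check but send only the model and ability, `check_box_tag 'role_ids[]', p.except(:role_id).to_json, checked, {:id => "permission_#{controller}_#{ability}", :class => "permission_#{ability}"}`, and let the server attach the role it is saving. `controller.strip!` also edits the caller's strings in place; `controller = controller.strip` avoids that side effect.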