RubyGems - erp_app - Versions diffs - 3.0.13 → 3.0.14 - Mend

erp_app 3.0.13 → 3.0.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (100) hide show

data/app/controllers/erp_app/desktop/audit_log_viewer/base_controller.rb CHANGED

@@ -10,7 +10,7 @@ module ErpApp
           sort_hash = params[:sort].blank? ? {} : Hash.symbolize_keys(JSON.parse(params[:sort]).first)
           sort = sort_hash[:property] || 'id'
-          dir  = sort_hash[:direction] || 'ASC'
+          dir  = sort_hash[:direction] || 'DESC'
           limit = params[:limit] || 15
           start = params[:start] || 0

data/app/controllers/erp_app/desktop/file_manager/base_controller.rb CHANGED

@@ -53,12 +53,13 @@ module ErpApp
             nodes_to_move.each do |node|
               path            = node
               new_parent_path = (params[:parent_node] == ROOT_NODE) ? base_path : params[:parent_node]
+              new_parent_path = new_parent_path.gsub(base_path,'') # target path must be relative
               result, message = @file_support.save_move(path, new_parent_path)
               messages << message
             end
-            render :json => {:success => true, :error => messages.join(',')}
+            render :json => {:success => true, :msg => messages.join(',')}
           rescue Exception => e
-            render :json => {:success => false, :message => ex.message}
+            render :json => {:success => false, :error => ex.message}
           end
         end
@@ -80,15 +81,14 @@ module ErpApp
               result, message = @file_support.delete_file(path)
               messages << message
             end
-            render :json => {:success => true, :error => messages.join(',')}
+            render :json => {:success => true, :msg => messages.join(',')}
           rescue Exception => e
-            render :json => {:success => false, :message => ex.message}
+            render :json => {:success => false, :error => ex.message}
           end
         end
         def expand_directory
           path = (params[:node] == ROOT_NODE) ? base_path : params[:node]
           render :json => @file_support.build_tree(path)
         end

data/app/controllers/erp_app/desktop/scaffold/role_controller.rb CHANGED

@@ -2,7 +2,7 @@ module ErpApp
 	module Desktop
 		module Scaffold
 			class RoleController < ErpApp::Desktop::Scaffold::BaseController
-			  active_ext Role do |options|
+			  active_ext SecurityRole do |options|
 				options[:inline_edit] = true
 				options[:use_ext_forms] = false
 				options[:ignore_associations] = true

data/app/controllers/erp_app/desktop/security_management/base_controller.rb ADDED

@@ -0,0 +1,47 @@
+module ErpApp
+  module Desktop
+    module SecurityManagement
+      class BaseController < ::ErpApp::Desktop::BaseController
+        # used for related_searchbox
+        def search
+          if params[:model].blank? or (params[:displayField].blank? and params[:search_fields].blank?)
+            render :inline => '[]'
+          else
+            related_model = params[:model].camelize.constantize
+            query = related_model
+            unless params[:search_fields].blank?
+              #related_searchbox
+              search_fields = params[:search_fields].split(',')
+              unless params[:query].blank?
+                sql = ''
+                search_fields.each_with_index do |f,i|
+                  sql += " OR " if i > 0
+                  sql += "UPPER(#{f}) LIKE UPPER('%#{params[:query]}%')"
+                end
+                query = query.where(sql)
+              end
+              query = query.paginate(:page => page, :per_page => per_page)
+            end
+            total = query.count
+            data = query.all
+            render :inline => { :data => data, :total => total}.to_json
+          end
+        end
+        protected
+        def page
+          offset = params[:start].to_f
+          offset > 0 ? (offset / params[:limit].to_f).to_i + 1 : 1
+        end
+        def per_page
+          params[:limit].nil? ? 10 : params[:limit].to_i
+        end
+      end
+    end#SecurityManagement
+  end#Desktop
+end#ErpApp

data/app/controllers/erp_app/desktop/security_management/capabilities_controller.rb ADDED

@@ -0,0 +1,129 @@
+module ErpApp
+  module Desktop
+    module SecurityManagement
+      class CapabilitiesController < ErpApp::Desktop::SecurityManagement::BaseController
+        def available_setup
+          begin
+            columns = []
+            columns << DynamicGridColumn.build_column({ :fieldLabel => "Description", :name => 'description', :xtype => 'textfield', :width => 395 })
+            definition = []
+            definition << DynamicFormField.textfield({ :fieldLabel => "Description", :name => 'description' })
+            definition << DynamicFormField.hidden({ :fieldLabel => "ID", :name => 'id' })
+            render :inline => "{
+              \"success\": true,
+              \"columns\": [#{columns.join(',')}],
+              \"fields\": #{definition.to_json}
+            }"
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def selected_setup
+          available_setup
+        end
+        def available
+          assign_to = params[:assign_to]
+          assign_to_id = params[:id]
+          sort  = (params[:sort] || 'description').downcase
+          dir   = (params[:dir] || 'asc').downcase
+          query_filter = params[:query_filter].strip rescue nil
+          scope_type_ids = [ScopeType.find_by_internal_identifier('class').id, ScopeType.find_by_internal_identifier('query').id]
+          ar = assign_to_id.blank? ? Capability.joins(:capability_type) : assign_to.constantize.find(assign_to_id).capabilities_not.where("scope_type_id IN (#{scope_type_ids.join(',')})")
+          ar = (params[:query_filter].blank? ? ar : ar.where("(UPPER(capabilities.description) LIKE UPPER('%#{query_filter}%'))"))
+          available = ar.paginate(:page => page, :per_page => per_page, :order => "#{sort} #{dir}")
+          render :json => {:total => ar.count, :data => available.map{|x| {:description => x.description, :id => x.id}}}
+        end
+        def selected
+          assign_to = params[:assign_to]
+          assign_to_id = params[:id]
+          sort  = (params[:sort] || 'description').downcase
+          dir   = (params[:dir] || 'asc').downcase
+          query_filter = params[:query_filter].strip rescue nil
+          scope_type_ids = [ScopeType.find_by_internal_identifier('class').id, ScopeType.find_by_internal_identifier('query').id]
+          ar = assign_to_id.blank? ? Capability.joins(:capability_type) : assign_to.constantize.find(assign_to_id).capabilities.where("scope_type_id IN (#{scope_type_ids.join(',')})")
+          ar = (params[:query_filter].blank? ? ar : ar.where("(UPPER(capabilities.description) LIKE UPPER('%#{query_filter}%'))"))
+          selected = ar.paginate(:page => page, :per_page => per_page, :order => "#{sort} #{dir}")
+          render :json => {:total => ar.count, :data => selected.map{|x| {:total => ar.count, :description => x.description, :id => x.id}}}
+        end
+        def add
+          begin
+            assign_to = params[:assign_to]
+            assign_to_id = params[:id]
+            selected = JSON.parse(params[:selection])
+            a = assign_to.constantize.find(assign_to_id)
+            selected.each do |c|
+              capability = Capability.find(c)
+              case assign_to
+              when 'User'
+                a.add_capability(capability)
+              when 'SecurityRole'
+                a.add_capability(capability)
+              when 'Group'
+                a.add_capability(capability)
+              end
+            end
+            render :json => {:success => true, :message => 'Security Roles(s) Added'}
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def remove
+          begin
+            assign_to = params[:assign_to]
+            assign_to_id = params[:id]
+            selected = JSON.parse(params[:selection])
+            a = assign_to.constantize.find(assign_to_id)
+            selected.each do |c|
+              capability = Capability.find(c)
+              case assign_to
+              when 'User'
+                a.remove_capability(capability)
+              when 'SecurityRole'
+                a.remove_capability(capability)
+              when 'Group'
+                a.remove_capability(capability)
+              end
+            end
+            render :json => {:success => true, :message => 'Security Roles(s) Removed'}
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/erp_app/desktop/security_management/groups_controller.rb ADDED

@@ -0,0 +1,201 @@
+module ErpApp
+  module Desktop
+    module SecurityManagement
+      class GroupsController < ErpApp::Desktop::SecurityManagement::BaseController
+        def available_setup
+          begin
+            columns = []
+            columns << DynamicGridColumn.build_column({ :fieldLabel => "Group Name", :name => 'description', :xtype => 'textfield', :width => 395 })
+            definition = []
+            definition << DynamicFormField.textfield({ :fieldLabel => "Group Name", :name => 'description' })
+            definition << DynamicFormField.hidden({ :fieldLabel => "ID", :name => 'id' })
+            render :inline => "{
+              \"success\": true,
+              \"columns\": [#{columns.join(',')}],
+              \"fields\": #{definition.to_json}
+            }"
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def selected_setup
+          available_setup
+        end
+        def available
+          assign_to = params[:assign_to]
+          assign_to_id = params[:id]
+          sort  = (params[:sort] || 'description').downcase
+          dir   = (params[:dir] || 'asc').downcase
+          query_filter = params[:query_filter].strip rescue nil
+          ar = assign_to_id.blank? ? Group : assign_to.constantize.find(assign_to_id).groups_not
+          ar = (params[:query_filter].blank? ? ar : ar.where("UPPER(groups.description) LIKE UPPER('%#{query_filter}%')"))
+          available = ar.paginate(:page => page, :per_page => per_page, :order => "#{sort} #{dir}")
+          render :json => {:total => ar.count, :data => available.map{|x| {:description => x.description, :id => x.id}}}
+        end
+        def selected
+          assign_to = params[:assign_to]
+          assign_to_id = params[:id]
+          sort  = (params[:sort] || 'description').downcase
+          dir   = (params[:dir] || 'asc').downcase
+          query_filter = params[:query_filter].strip rescue nil
+          ar = assign_to_id.blank? ? Group : assign_to.constantize.find(assign_to_id).groups
+          ar = (params[:query_filter].blank? ? ar : ar.where("UPPER(groups.description) LIKE UPPER('%#{query_filter}%')"))
+          selected = ar.paginate(:page => page, :per_page => per_page, :order => "#{sort} #{dir}")
+          render :json => {:total => ar.count, :data => selected.map{|x| {:description => x.description, :id => x.id}}}
+        end
+        def create
+          begin
+            description = params[:description].strip
+            unless description.blank?
+              Group.create(:description => params[:description])
+              render :json => {:success => true, :message => 'Group created'}
+            else
+              raise "Group name blank"
+            end
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def update
+          begin
+            description = params[:description].strip
+            unless description.blank? or params[:id].blank?
+              g = Group.find(params[:id])
+              g.description = description
+              g.save
+              render :json => {:success => true, :message => 'Group updated'}
+            else
+              raise "Group name blank or no group ID"
+            end
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def delete
+          begin
+            unless params[:id].blank?
+              Group.destroy(params[:id])
+              render :json => {:success => true, :message => 'Group deleted'}
+            else
+              raise "No Group ID"
+            end
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def add
+          begin
+            assign_to = params[:assign_to]
+            assign_to_id = params[:id]
+            selected = JSON.parse(params[:selection])
+            a = assign_to.constantize.find(assign_to_id)
+            selected.each do |g|
+              group = Group.find(g)
+              case assign_to
+              when 'User'
+                group.add_user(a)
+              when 'SecurityRole'
+                group.add_role(a)
+              when 'Capability'
+                group.add_capability(a)
+              end
+            end
+            render :json => {:success => true, :message => 'Group(s) Added'}
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def remove
+          begin
+            assign_to = params[:assign_to]
+            assign_to_id = params[:id]
+            selected = JSON.parse(params[:selection])
+            a = assign_to.constantize.find(assign_to_id)
+            selected.each do |g|
+              group = Group.find(g)
+              case assign_to
+              when 'User'
+                group.remove_user(a)
+              when 'SecurityRole'
+                group.remove_role(a)
+              when 'Capability'
+                group.remove_capability(a)
+              end
+            end
+            render :json => {:success => true, :message => 'Group(s) Removed'}
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def effective_security
+          begin
+            assign_to_id = params[:id]
+            u = Group.find(assign_to_id)
+            render :json => {:success => true, :capabilities => u.class_capabilities_to_hash }
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/erp_app/desktop/security_management/roles_controller.rb ADDED

@@ -0,0 +1,188 @@
+module ErpApp
+  module Desktop
+    module SecurityManagement
+      class RolesController < ErpApp::Desktop::SecurityManagement::BaseController
+        def available_setup
+          begin
+            columns = []
+            columns << DynamicGridColumn.build_column({ :fieldLabel => "Security Role Name", :name => 'description', :xtype => 'textfield', :width => 200 })
+            columns << DynamicGridColumn.build_column({ :fieldLabel => "Internal ID", :name => 'internal_identifier', :xtype => 'textfield', :width => 195 })
+            definition = []
+            definition << DynamicFormField.textfield({ :fieldLabel => "Security Role Name", :name => 'description' })
+            definition << DynamicFormField.textfield({ :fieldLabel => "Internal ID", :name => 'internal_identifier' })
+            definition << DynamicFormField.hidden({ :fieldLabel => "ID", :name => 'id' })
+            render :inline => "{
+              \"success\": true,
+              \"columns\": [#{columns.join(',')}],
+              \"fields\": #{definition.to_json}
+            }"
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def selected_setup
+          available_setup
+        end
+        def available
+          assign_to = params[:assign_to]
+          assign_to_id = params[:id]
+          sort  = (params[:sort] || 'description').downcase
+          dir   = (params[:dir] || 'asc').downcase
+          query_filter = params[:query_filter].strip rescue nil
+          ar = assign_to_id.blank? ? SecurityRole : assign_to.constantize.find(assign_to_id).roles_not
+          ar = (params[:query_filter].blank? ? ar : ar.where("UPPER(security_roles.description) LIKE UPPER('%#{query_filter}%')"))
+          available = ar.paginate(:page => page, :per_page => per_page, :order => "#{sort} #{dir}")
+          render :json => {:total => ar.count, :data => available.map{|x| {:description => x.description, :internal_identifier => x.internal_identifier, :id => x.id}}}
+        end
+        def selected
+          assign_to = params[:assign_to]
+          assign_to_id = params[:id]
+          sort  = (params[:sort] || 'description').downcase
+          dir   = (params[:dir] || 'asc').downcase
+          query_filter = params[:query_filter].strip rescue nil
+          ar = assign_to_id.blank? ? SecurityRole : assign_to.constantize.find(assign_to_id).roles
+          ar = (params[:query_filter].blank? ? ar : ar.where("UPPER(security_roles.description) LIKE UPPER('%#{query_filter}%')"))
+          selected = ar.paginate(:page => page, :per_page => per_page, :order => "#{sort} #{dir}")
+          render :json => {:total => ar.count, :data => selected.map{|x| {:description => x.description, :internal_identifier => x.internal_identifier, :id => x.id}}}
+        end
+        def create
+          begin
+            description = params[:description].strip
+            iid = params[:internal_identifier].strip
+            unless description.blank?
+              SecurityRole.create(:description => description, :internal_identifier => iid)
+              render :json => {:success => true, :message => 'Security Role created'}
+            else
+              raise "Role name blank"
+            end
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def update
+          begin
+            description = params[:description].strip
+            unless description.blank? or params[:id].blank?
+              r = SecurityRole.find(params[:id])
+              r.description = description
+              r.save
+              render :json => {:success => true, :message => 'Security Role updated'}
+            else
+              raise "Role name blank or no role ID"
+            end
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def delete
+          begin
+            unless params[:id].blank?
+              SecurityRole.destroy(params[:id])
+              render :json => {:success => true, :message => 'Security Role deleted'}
+            else
+              raise "No Role ID"
+            end
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def add
+          begin
+            assign_to = params[:assign_to]
+            assign_to_id = params[:id]
+            selected = JSON.parse(params[:selection])
+            a = assign_to.constantize.find(assign_to_id)
+            selected.each do |r|
+              role = SecurityRole.find(r)
+              case assign_to
+              when 'User'
+                a.add_role(role)
+              when 'Group'
+                a.add_role(role)
+              when 'Capability'
+                role.add_capability(a)
+              end
+            end
+            render :json => {:success => true, :message => 'Security Roles(s) Added'}
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def remove
+          begin
+            assign_to = params[:assign_to]
+            assign_to_id = params[:id]
+            selected = JSON.parse(params[:selection])
+            a = assign_to.constantize.find(assign_to_id)
+            selected.each do |r|
+              role = SecurityRole.find(r)
+              case assign_to
+              when 'User'
+                a.remove_role(role)
+              when 'Group'
+                a.remove_role(role)
+              when 'Capability'
+                role.remove_capability(a)
+              end
+            end
+            render :json => {:success => true, :message => 'Security Roles(s) Removed'}
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+      end
+    end
+  end
+end