RubyGems - erp_app - Versions diffs - 3.0.13 → 3.0.14 - Mend

erp_app 3.0.13 → 3.0.14

Files changed (100) hide show

data/app/controllers/erp_app/desktop/audit_log_viewer/base_controller.rb CHANGED

@@ -10,7 +10,7 @@ module ErpApp
           sort_hash = params[:sort].blank? ? {} : Hash.symbolize_keys(JSON.parse(params[:sort]).first)
           sort = sort_hash[:property] || 'id'
-          dir  = sort_hash[:direction] || 'ASC'
+          dir  = sort_hash[:direction] || 'DESC'
           limit = params[:limit] || 15
           start = params[:start] || 0

data/app/controllers/erp_app/desktop/file_manager/base_controller.rb CHANGED

@@ -53,12 +53,13 @@ module ErpApp
             nodes_to_move.each do |node|
               path            = node
               new_parent_path = (params[:parent_node] == ROOT_NODE) ? base_path : params[:parent_node]
+              new_parent_path = new_parent_path.gsub(base_path,'') # target path must be relative
               result, message = @file_support.save_move(path, new_parent_path)
               messages << message
             end
-            render :json => {:success => true, :error => messages.join(',')}
+            render :json => {:success => true, :msg => messages.join(',')}
           rescue Exception => e
-            render :json => {:success => false, :message => ex.message}
+            render :json => {:success => false, :error => ex.message}
           end
         end
@@ -80,15 +81,14 @@ module ErpApp
               result, message = @file_support.delete_file(path)
               messages << message
             end
-            render :json => {:success => true, :error => messages.join(',')}
+            render :json => {:success => true, :msg => messages.join(',')}
           rescue Exception => e
-            render :json => {:success => false, :message => ex.message}
+            render :json => {:success => false, :error => ex.message}
           end
         end
         def expand_directory
           path = (params[:node] == ROOT_NODE) ? base_path : params[:node]
           render :json => @file_support.build_tree(path)
         end

data/app/controllers/erp_app/desktop/scaffold/role_controller.rb CHANGED

@@ -2,7 +2,7 @@ module ErpApp
 	module Desktop
 		module Scaffold
 			class RoleController < ErpApp::Desktop::Scaffold::BaseController
-			  active_ext Role do |options|
+			  active_ext SecurityRole do |options|
 				options[:inline_edit] = true
 				options[:use_ext_forms] = false
 				options[:ignore_associations] = true

data/app/controllers/erp_app/desktop/security_management/base_controller.rb ADDED

@@ -0,0 +1,47 @@
+module ErpApp
+  module Desktop
+    module SecurityManagement
+      class BaseController < ::ErpApp::Desktop::BaseController
+        # used for related_searchbox
+        def search
+          if params[:model].blank? or (params[:displayField].blank? and params[:search_fields].blank?)
+            render :inline => '[]'
+          else
+            related_model = params[:model].camelize.constantize
+            query = related_model
+            unless params[:search_fields].blank?
+              #related_searchbox
+              search_fields = params[:search_fields].split(',')
+              unless params[:query].blank?
+                sql = ''
+                search_fields.each_with_index do |f,i|
+                  sql += " OR " if i > 0
+                  sql += "UPPER(#{f}) LIKE UPPER('%#{params[:query]}%')"
+                end
+                query = query.where(sql)
+              end
+              query = query.paginate(:page => page, :per_page => per_page)
+            end
+            total = query.count
+            data = query.all
+            render :inline => { :data => data, :total => total}.to_json
+          end
+        end
+        protected
+        def page
+          offset = params[:start].to_f
+          offset > 0 ? (offset / params[:limit].to_f).to_i + 1 : 1
+        end
+        def per_page
+          params[:limit].nil? ? 10 : params[:limit].to_i
+        end
+      end
+    end#SecurityManagement
+  end#Desktop
+end#ErpApp

data/app/controllers/erp_app/desktop/security_management/capabilities_controller.rb ADDED

@@ -0,0 +1,129 @@
+module ErpApp
+  module Desktop
+    module SecurityManagement
+      class CapabilitiesController < ErpApp::Desktop::SecurityManagement::BaseController
+        def available_setup
+          begin
+            columns = []
+            columns << DynamicGridColumn.build_column({ :fieldLabel => "Description", :name => 'description', :xtype => 'textfield', :width => 395 })
+            definition = []
+            definition << DynamicFormField.textfield({ :fieldLabel => "Description", :name => 'description' })
+            definition << DynamicFormField.hidden({ :fieldLabel => "ID", :name => 'id' })
+            render :inline => "{
+              \"success\": true,
+              \"columns\": [#{columns.join(',')}],
+              \"fields\": #{definition.to_json}
+            }"
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def selected_setup
+          available_setup
+        end
+        def available
+          assign_to = params[:assign_to]
+          assign_to_id = params[:id]
+          sort  = (params[:sort] || 'description').downcase
+          dir   = (params[:dir] || 'asc').downcase
+          query_filter = params[:query_filter].strip rescue nil
+          scope_type_ids = [ScopeType.find_by_internal_identifier('class').id, ScopeType.find_by_internal_identifier('query').id]
+          ar = assign_to_id.blank? ? Capability.joins(:capability_type) : assign_to.constantize.find(assign_to_id).capabilities_not.where("scope_type_id IN (#{scope_type_ids.join(',')})")
+          ar = (params[:query_filter].blank? ? ar : ar.where("(UPPER(capabilities.description) LIKE UPPER('%#{query_filter}%'))"))
+          available = ar.paginate(:page => page, :per_page => per_page, :order => "#{sort} #{dir}")
+          render :json => {:total => ar.count, :data => available.map{|x| {:description => x.description, :id => x.id}}}
+        end
+        def selected
+          assign_to = params[:assign_to]
+          assign_to_id = params[:id]
+          sort  = (params[:sort] || 'description').downcase
+          dir   = (params[:dir] || 'asc').downcase
+          query_filter = params[:query_filter].strip rescue nil
+          scope_type_ids = [ScopeType.find_by_internal_identifier('class').id, ScopeType.find_by_internal_identifier('query').id]
+          ar = assign_to_id.blank? ? Capability.joins(:capability_type) : assign_to.constantize.find(assign_to_id).capabilities.where("scope_type_id IN (#{scope_type_ids.join(',')})")
+          ar = (params[:query_filter].blank? ? ar : ar.where("(UPPER(capabilities.description) LIKE UPPER('%#{query_filter}%'))"))
+          selected = ar.paginate(:page => page, :per_page => per_page, :order => "#{sort} #{dir}")
+          render :json => {:total => ar.count, :data => selected.map{|x| {:total => ar.count, :description => x.description, :id => x.id}}}
+        end
+        def add
+          begin
+            assign_to = params[:assign_to]
+            assign_to_id = params[:id]
+            selected = JSON.parse(params[:selection])
+            a = assign_to.constantize.find(assign_to_id)
+            selected.each do |c|
+              capability = Capability.find(c)
+              case assign_to
+              when 'User'
+                a.add_capability(capability)
+              when 'SecurityRole'
+                a.add_capability(capability)
+              when 'Group'
+                a.add_capability(capability)
+              end
+            end
+            render :json => {:success => true, :message => 'Security Roles(s) Added'}
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def remove
+          begin
+            assign_to = params[:assign_to]
+            assign_to_id = params[:id]
+            selected = JSON.parse(params[:selection])
+            a = assign_to.constantize.find(assign_to_id)
+            selected.each do |c|
+              capability = Capability.find(c)
+              case assign_to
+              when 'User'
+                a.remove_capability(capability)
+              when 'SecurityRole'
+                a.remove_capability(capability)
+              when 'Group'
+                a.remove_capability(capability)
+              end
+            end
+            render :json => {:success => true, :message => 'Security Roles(s) Removed'}
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/erp_app/desktop/security_management/groups_controller.rb ADDED

@@ -0,0 +1,201 @@
+module ErpApp
+  module Desktop
+    module SecurityManagement
+      class GroupsController < ErpApp::Desktop::SecurityManagement::BaseController
+        def available_setup
+          begin
+            columns = []
+            columns << DynamicGridColumn.build_column({ :fieldLabel => "Group Name", :name => 'description', :xtype => 'textfield', :width => 395 })
+            definition = []
+            definition << DynamicFormField.textfield({ :fieldLabel => "Group Name", :name => 'description' })
+            definition << DynamicFormField.hidden({ :fieldLabel => "ID", :name => 'id' })
+            render :inline => "{
+              \"success\": true,
+              \"columns\": [#{columns.join(',')}],
+              \"fields\": #{definition.to_json}
+            }"
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def selected_setup
+          available_setup
+        end
+        def available
+          assign_to = params[:assign_to]
+          assign_to_id = params[:id]
+          sort  = (params[:sort] || 'description').downcase
+          dir   = (params[:dir] || 'asc').downcase
+          query_filter = params[:query_filter].strip rescue nil
+          ar = assign_to_id.blank? ? Group : assign_to.constantize.find(assign_to_id).groups_not
+          ar = (params[:query_filter].blank? ? ar : ar.where("UPPER(groups.description) LIKE UPPER('%#{query_filter}%')"))
+          available = ar.paginate(:page => page, :per_page => per_page, :order => "#{sort} #{dir}")
+          render :json => {:total => ar.count, :data => available.map{|x| {:description => x.description, :id => x.id}}}
+        end
+        def selected
+          assign_to = params[:assign_to]
+          assign_to_id = params[:id]
+          sort  = (params[:sort] || 'description').downcase
+          dir   = (params[:dir] || 'asc').downcase
+          query_filter = params[:query_filter].strip rescue nil
+          ar = assign_to_id.blank? ? Group : assign_to.constantize.find(assign_to_id).groups
+          ar = (params[:query_filter].blank? ? ar : ar.where("UPPER(groups.description) LIKE UPPER('%#{query_filter}%')"))
+          selected = ar.paginate(:page => page, :per_page => per_page, :order => "#{sort} #{dir}")
+          render :json => {:total => ar.count, :data => selected.map{|x| {:description => x.description, :id => x.id}}}
+        end
+        def create
+          begin
+            description = params[:description].strip
+            unless description.blank?
+              Group.create(:description => params[:description])
+              render :json => {:success => true, :message => 'Group created'}
+            else
+              raise "Group name blank"
+            end
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def update
+          begin
+            description = params[:description].strip
+            unless description.blank? or params[:id].blank?
+              g = Group.find(params[:id])
+              g.description = description
+              g.save
+              render :json => {:success => true, :message => 'Group updated'}
+            else
+              raise "Group name blank or no group ID"
+            end
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def delete
+          begin
+            unless params[:id].blank?
+              Group.destroy(params[:id])
+              render :json => {:success => true, :message => 'Group deleted'}
+            else
+              raise "No Group ID"
+            end
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def add
+          begin
+            assign_to = params[:assign_to]
+            assign_to_id = params[:id]
+            selected = JSON.parse(params[:selection])
+            a = assign_to.constantize.find(assign_to_id)
+            selected.each do |g|
+              group = Group.find(g)
+              case assign_to
+              when 'User'
+                group.add_user(a)
+              when 'SecurityRole'
+                group.add_role(a)
+              when 'Capability'
+                group.add_capability(a)
+              end
+            end
+            render :json => {:success => true, :message => 'Group(s) Added'}
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def remove
+          begin
+            assign_to = params[:assign_to]
+            assign_to_id = params[:id]
+            selected = JSON.parse(params[:selection])
+            a = assign_to.constantize.find(assign_to_id)
+            selected.each do |g|
+              group = Group.find(g)
+              case assign_to
+              when 'User'
+                group.remove_user(a)
+              when 'SecurityRole'
+                group.remove_role(a)
+              when 'Capability'
+                group.remove_capability(a)
+              end
+            end
+            render :json => {:success => true, :message => 'Group(s) Removed'}
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def effective_security
+          begin
+            assign_to_id = params[:id]
+            u = Group.find(assign_to_id)
+            render :json => {:success => true, :capabilities => u.class_capabilities_to_hash }
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/erp_app/desktop/security_management/roles_controller.rb ADDED

@@ -0,0 +1,188 @@
+module ErpApp
+  module Desktop
+    module SecurityManagement
+      class RolesController < ErpApp::Desktop::SecurityManagement::BaseController
+        def available_setup
+          begin
+            columns = []
+            columns << DynamicGridColumn.build_column({ :fieldLabel => "Security Role Name", :name => 'description', :xtype => 'textfield', :width => 200 })
+            columns << DynamicGridColumn.build_column({ :fieldLabel => "Internal ID", :name => 'internal_identifier', :xtype => 'textfield', :width => 195 })
+            definition = []
+            definition << DynamicFormField.textfield({ :fieldLabel => "Security Role Name", :name => 'description' })
+            definition << DynamicFormField.textfield({ :fieldLabel => "Internal ID", :name => 'internal_identifier' })
+            definition << DynamicFormField.hidden({ :fieldLabel => "ID", :name => 'id' })
+            render :inline => "{
+              \"success\": true,
+              \"columns\": [#{columns.join(',')}],
+              \"fields\": #{definition.to_json}
+            }"
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def selected_setup
+          available_setup
+        end
+        def available
+          assign_to = params[:assign_to]
+          assign_to_id = params[:id]
+          sort  = (params[:sort] || 'description').downcase
+          dir   = (params[:dir] || 'asc').downcase
+          query_filter = params[:query_filter].strip rescue nil
+          ar = assign_to_id.blank? ? SecurityRole : assign_to.constantize.find(assign_to_id).roles_not
+          ar = (params[:query_filter].blank? ? ar : ar.where("UPPER(security_roles.description) LIKE UPPER('%#{query_filter}%')"))
+          available = ar.paginate(:page => page, :per_page => per_page, :order => "#{sort} #{dir}")
+          render :json => {:total => ar.count, :data => available.map{|x| {:description => x.description, :internal_identifier => x.internal_identifier, :id => x.id}}}
+        end
+        def selected
+          assign_to = params[:assign_to]
+          assign_to_id = params[:id]
+          sort  = (params[:sort] || 'description').downcase
+          dir   = (params[:dir] || 'asc').downcase
+          query_filter = params[:query_filter].strip rescue nil
+          ar = assign_to_id.blank? ? SecurityRole : assign_to.constantize.find(assign_to_id).roles
+          ar = (params[:query_filter].blank? ? ar : ar.where("UPPER(security_roles.description) LIKE UPPER('%#{query_filter}%')"))
+          selected = ar.paginate(:page => page, :per_page => per_page, :order => "#{sort} #{dir}")
+          render :json => {:total => ar.count, :data => selected.map{|x| {:description => x.description, :internal_identifier => x.internal_identifier, :id => x.id}}}
+        end
+        def create
+          begin
+            description = params[:description].strip
+            iid = params[:internal_identifier].strip
+            unless description.blank?
+              SecurityRole.create(:description => description, :internal_identifier => iid)
+              render :json => {:success => true, :message => 'Security Role created'}
+            else
+              raise "Role name blank"
+            end
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def update
+          begin
+            description = params[:description].strip
+            unless description.blank? or params[:id].blank?
+              r = SecurityRole.find(params[:id])
+              r.description = description
+              r.save
+              render :json => {:success => true, :message => 'Security Role updated'}
+            else
+              raise "Role name blank or no role ID"
+            end
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def delete
+          begin
+            unless params[:id].blank?
+              SecurityRole.destroy(params[:id])
+              render :json => {:success => true, :message => 'Security Role deleted'}
+            else
+              raise "No Role ID"
+            end
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def add
+          begin
+            assign_to = params[:assign_to]
+            assign_to_id = params[:id]
+            selected = JSON.parse(params[:selection])
+            a = assign_to.constantize.find(assign_to_id)
+            selected.each do |r|
+              role = SecurityRole.find(r)
+              case assign_to
+              when 'User'
+                a.add_role(role)
+              when 'Group'
+                a.add_role(role)
+              when 'Capability'
+                role.add_capability(a)
+              end
+            end
+            render :json => {:success => true, :message => 'Security Roles(s) Added'}
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+        def remove
+          begin
+            assign_to = params[:assign_to]
+            assign_to_id = params[:id]
+            selected = JSON.parse(params[:selection])
+            a = assign_to.constantize.find(assign_to_id)
+            selected.each do |r|
+              role = SecurityRole.find(r)
+              case assign_to
+              when 'User'
+                a.remove_role(role)
+              when 'Group'
+                a.remove_role(role)
+              when 'Capability'
+                role.remove_capability(a)
+              end
+            end
+            render :json => {:success => true, :message => 'Security Roles(s) Removed'}
+          rescue Exception => e
+            Rails.logger.error e.message
+            Rails.logger.error e.backtrace.join("\n")
+            render :inline => {
+              :success => false,
+              :message => e.message
+            }.to_json
+          end
+        end
+      end
+    end
+  end
+end