symphonia 4.2.0 → 5.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +15 -0
- data/README.md +31 -1
- data/app/assets/javascripts/symphonia/application.js +3 -3
- data/app/assets/stylesheets/symphonia/_font_awesome.scss +8 -6
- data/app/assets/stylesheets/symphonia/_layout.scss +33 -1
- data/app/assets/stylesheets/symphonia/application.css +1 -1
- data/app/assets/stylesheets/symphonia/basic.scss +3 -99
- data/app/assets/stylesheets/symphonia/filters.scss +3 -5
- data/app/assets/stylesheets/symphonia/symphonia_bootstrap.scss +1 -1
- data/app/controllers/symphonia/accounts_controller.rb +7 -3
- data/app/controllers/symphonia/application_controller.rb +2 -1
- data/app/controllers/symphonia/users_controller.rb +17 -29
- data/app/helpers/symphonia/application_helper.rb +48 -26
- data/app/models/symphonia/preference.rb +5 -5
- data/app/models/symphonia/user.rb +3 -35
- data/app/models/symphonia/user_ability.rb +46 -0
- data/app/views/common/403.html.erb +4 -3
- data/app/views/layouts/symphonia/application.html.erb +4 -4
- data/app/views/symphonia/accounts/_detail.html.erb +21 -18
- data/app/views/symphonia/common/_filters.html.erb +15 -15
- data/app/views/symphonia/common/_share_links.html.erb +2 -3
- data/app/views/symphonia/users/_form.html.erb +1 -6
- data/app/views/symphonia/users/show.html.erb +15 -20
- data/config/locales/cs.yml +3 -2
- data/db/migrate/20130714140500_create_users.rb +0 -2
- data/db/seeds.rb +3 -3
- data/lib/generators/symphonia/entity_controller/entity_controller_generator.rb +2 -2
- data/lib/generators/symphonia/entity_controller/templates/{controller.rb → controller.rb.tt} +0 -0
- data/lib/symphonia/admin_constraint.rb +1 -1
- data/lib/symphonia/base_controller.rb +9 -17
- data/lib/symphonia/controller_extensions.rb +5 -15
- data/lib/symphonia/engine.rb +10 -42
- data/lib/symphonia/form_builder.rb +17 -16
- data/lib/symphonia/menu_manager.rb +15 -11
- data/lib/symphonia/object.rb +9 -9
- data/lib/symphonia/spec_helper.rb +8 -4
- data/lib/symphonia/user_management.rb +1 -1
- data/lib/symphonia/version.rb +1 -1
- data/lib/symphonia.rb +12 -9
- data/spec/factories/factories.rb +0 -4
- data/spec/models/user_spec.rb +39 -2
- data/spec/spec_helper.rb +0 -1
- data/spec/support/stub_users.rb +7 -7
- metadata +54 -111
- data/app/controllers/symphonia/roles_controller.rb +0 -39
- data/app/models/symphonia/role.rb +0 -55
- data/app/views/symphonia/roles/_form.html.erb +0 -26
- data/app/views/symphonia/roles/edit.html.erb +0 -5
- data/app/views/symphonia/roles/index.html.erb +0 -6
- data/app/views/symphonia/roles/new.html.erb +0 -4
- data/app/views/symphonia/roles/show.html.erb +0 -11
- data/db/migrate/20130714140501_create_roles.rb +0 -18
- data/db/migrate/20210509141420_roles_change_permissions_to_json.rb +0 -18
- data/db/migrate/20210509180525_roles_change_permissions_to_native_json.rb +0 -7
- data/lib/symphonia/permissions.rb +0 -93
- data/spec/controllers/roles_controller_spec.rb +0 -12
- data/spec/models/role_spec.rb +0 -13
- data/spec/requests/roles_spec.rb +0 -10
|
@@ -1,39 +0,0 @@
|
|
|
1
|
-
module Symphonia
|
|
2
|
-
class RolesController < ApplicationController
|
|
3
|
-
|
|
4
|
-
include BaseController
|
|
5
|
-
|
|
6
|
-
def model
|
|
7
|
-
Role
|
|
8
|
-
end
|
|
9
|
-
|
|
10
|
-
def safe_attributes
|
|
11
|
-
[:name, :description, permissions: []]
|
|
12
|
-
end
|
|
13
|
-
# helper Symphonia::RendererHelper
|
|
14
|
-
#
|
|
15
|
-
# before_action :authorize
|
|
16
|
-
before_action :load_permissions, only: [:new, :edit, :update, :create]
|
|
17
|
-
|
|
18
|
-
def create
|
|
19
|
-
@entity = @role = Role.new(entity_params)
|
|
20
|
-
@role.permissions = Symphonia::Permissions.find_all(params[:permissions]).map(&:name)
|
|
21
|
-
super
|
|
22
|
-
end
|
|
23
|
-
|
|
24
|
-
def update
|
|
25
|
-
@entity = @role = Role.find(params[:id])
|
|
26
|
-
@role.permissions = Symphonia::Permissions.find_all(params[:permissions]).map(&:name)
|
|
27
|
-
super
|
|
28
|
-
|
|
29
|
-
end
|
|
30
|
-
|
|
31
|
-
private
|
|
32
|
-
|
|
33
|
-
def load_permissions
|
|
34
|
-
@permissions = Symphonia::Permissions.all
|
|
35
|
-
end
|
|
36
|
-
|
|
37
|
-
end
|
|
38
|
-
|
|
39
|
-
end
|
|
@@ -1,55 +0,0 @@
|
|
|
1
|
-
module Symphonia
|
|
2
|
-
class Role < ApplicationRecord
|
|
3
|
-
self.table_name = 'roles'
|
|
4
|
-
|
|
5
|
-
include ModelAttributes
|
|
6
|
-
|
|
7
|
-
register_query do
|
|
8
|
-
add_attribute :name, :link
|
|
9
|
-
end
|
|
10
|
-
|
|
11
|
-
validates :name, presence: true
|
|
12
|
-
|
|
13
|
-
serialize :permissions, Array
|
|
14
|
-
|
|
15
|
-
scope :active, -> {}
|
|
16
|
-
scope :sorted, -> { order(:name) }
|
|
17
|
-
|
|
18
|
-
# after_save :expire_cache
|
|
19
|
-
|
|
20
|
-
def allowed_to?(permission)
|
|
21
|
-
Rails.cache.fetch([self, permission]) do
|
|
22
|
-
!allowed_permissions.detect { |i| permission.to_sym == i.name }.nil?
|
|
23
|
-
end
|
|
24
|
-
end
|
|
25
|
-
|
|
26
|
-
def authorize?(controller, action)
|
|
27
|
-
Rails.cache.fetch([self, controller, action]) do
|
|
28
|
-
!allowed_permissions.detect { |p| p.allowed?(controller, action) }.nil?
|
|
29
|
-
end
|
|
30
|
-
end
|
|
31
|
-
|
|
32
|
-
def allowed_permissions
|
|
33
|
-
return @allowed_permissions if @allowed_permissions
|
|
34
|
-
|
|
35
|
-
@allowed_permissions = permissions.collect do |i|
|
|
36
|
-
i.is_a?(Symphonia::Permissions::Permission) ? i : Symphonia::Permissions.get(i.to_sym)
|
|
37
|
-
end.compact
|
|
38
|
-
|
|
39
|
-
@allowed_permissions
|
|
40
|
-
end
|
|
41
|
-
|
|
42
|
-
def permission_names
|
|
43
|
-
permissions #.map(&:name)
|
|
44
|
-
end
|
|
45
|
-
|
|
46
|
-
# private
|
|
47
|
-
#
|
|
48
|
-
# def expire_cache
|
|
49
|
-
# Rails.cache.delete_matched("role_#{self.id}_*")
|
|
50
|
-
# Rails.cache.delete_matched('user_allowed_to*')
|
|
51
|
-
# end
|
|
52
|
-
|
|
53
|
-
end
|
|
54
|
-
|
|
55
|
-
end
|
|
@@ -1,26 +0,0 @@
|
|
|
1
|
-
<%= symphonia_form_for(@role) do |f| %>
|
|
2
|
-
|
|
3
|
-
<%= f.text_field :name, required: true %>
|
|
4
|
-
<%= f.text_area :description, size: '50x5' %>
|
|
5
|
-
|
|
6
|
-
<fieldset>
|
|
7
|
-
<legend>
|
|
8
|
-
<%= link_to(fa_icon('check lg'), 'javascript:void(0)', onclick: "$(this).closest('fieldset').find('input:checkbox').trigger('click')", class: "pull-right") -%>
|
|
9
|
-
<%= content_tag(:h4, Symphonia::Role.human_attribute_name(:permissions)) %>
|
|
10
|
-
</legend>
|
|
11
|
-
<div class="card-body row">
|
|
12
|
-
<% @permissions.each do |perm| %>
|
|
13
|
-
<div class="col-sm-3">
|
|
14
|
-
<label class="checkbox-inline">
|
|
15
|
-
<%= check_box_tag('permissions[]', perm, @role.permission_names.include?(perm.name), id: perm, class: '') %>
|
|
16
|
-
<%= t(perm.name, :scope => [:permissions], :default => perm.to_s.humanize) %>
|
|
17
|
-
</label>
|
|
18
|
-
</div>
|
|
19
|
-
<% end %>
|
|
20
|
-
</div>
|
|
21
|
-
</fieldset>
|
|
22
|
-
|
|
23
|
-
<p class="buttons">
|
|
24
|
-
<%= f.primary %>
|
|
25
|
-
</p>
|
|
26
|
-
<% end %>
|
|
@@ -1,11 +0,0 @@
|
|
|
1
|
-
<%= title(@role.name, back: true) %>
|
|
2
|
-
|
|
3
|
-
<div class="formatted-text">
|
|
4
|
-
<%= format_text @role.description %>
|
|
5
|
-
</div>
|
|
6
|
-
|
|
7
|
-
<ul class="permissions fa-ul">
|
|
8
|
-
<% @role.permissions.each do |perm| %>
|
|
9
|
-
<li><%= fa_icon "li check", text: t("permissions.#{perm}", default: perm.to_s.humanize) %></li>
|
|
10
|
-
<% end %>
|
|
11
|
-
</ul>
|
|
@@ -1,18 +0,0 @@
|
|
|
1
|
-
class CreateRoles < ActiveRecord::Migration[6.1]
|
|
2
|
-
|
|
3
|
-
def up
|
|
4
|
-
create_table :roles do |t|
|
|
5
|
-
t.string :name, null: false
|
|
6
|
-
t.text :description, null: true
|
|
7
|
-
|
|
8
|
-
t.text :permissions
|
|
9
|
-
|
|
10
|
-
t.timestamps
|
|
11
|
-
end
|
|
12
|
-
end
|
|
13
|
-
|
|
14
|
-
def down
|
|
15
|
-
drop_table :roles
|
|
16
|
-
end
|
|
17
|
-
|
|
18
|
-
end
|
|
@@ -1,18 +0,0 @@
|
|
|
1
|
-
class RolesChangePermissionsToJson < ActiveRecord::Migration[6.1]
|
|
2
|
-
|
|
3
|
-
def up
|
|
4
|
-
say_with_time "Convert 'roles.permissions' YAML to JSON" do
|
|
5
|
-
i = 0
|
|
6
|
-
Symphonia::Role.where.not(permissions: nil).each do |role|
|
|
7
|
-
yaml = product.read_attribute_before_type_cast :permissions
|
|
8
|
-
next unless yaml.start_with? "---"
|
|
9
|
-
|
|
10
|
-
role.update_columns permissions: YAML.safe_load(yaml)
|
|
11
|
-
i += 1
|
|
12
|
-
end
|
|
13
|
-
|
|
14
|
-
i
|
|
15
|
-
end
|
|
16
|
-
end
|
|
17
|
-
|
|
18
|
-
end
|
|
@@ -1,93 +0,0 @@
|
|
|
1
|
-
require 'rails'
|
|
2
|
-
module Symphonia
|
|
3
|
-
module Permissions
|
|
4
|
-
@@mapper = []
|
|
5
|
-
@@used_names = []
|
|
6
|
-
mattr_accessor :mapper, :used_names
|
|
7
|
-
class PermissionMissingError < RuntimeError; end
|
|
8
|
-
class << self
|
|
9
|
-
|
|
10
|
-
def map(&block)
|
|
11
|
-
if block_given?
|
|
12
|
-
yield self
|
|
13
|
-
end
|
|
14
|
-
end
|
|
15
|
-
|
|
16
|
-
def register(name, options={})
|
|
17
|
-
return if @@used_names.include?(name)
|
|
18
|
-
|
|
19
|
-
p = Permission.new(name, options)
|
|
20
|
-
@@used_names << p.name.to_s
|
|
21
|
-
mapper << p
|
|
22
|
-
|
|
23
|
-
p
|
|
24
|
-
end
|
|
25
|
-
|
|
26
|
-
def update(name)
|
|
27
|
-
self.get(name) || raise(PermissionMissingError)
|
|
28
|
-
end
|
|
29
|
-
|
|
30
|
-
# Returns the permission of given name or nil if it wasn't found
|
|
31
|
-
# Argument should be a symbol
|
|
32
|
-
def get(name)
|
|
33
|
-
mapper.detect{|i| i.name == name}
|
|
34
|
-
end
|
|
35
|
-
|
|
36
|
-
def all
|
|
37
|
-
mapper
|
|
38
|
-
end
|
|
39
|
-
|
|
40
|
-
def find_all(permission_names=[])
|
|
41
|
-
ps = used_names & Array(permission_names).compact
|
|
42
|
-
ps.collect{|m| get(m.to_sym)}
|
|
43
|
-
end
|
|
44
|
-
|
|
45
|
-
end
|
|
46
|
-
|
|
47
|
-
class Permission
|
|
48
|
-
attr_reader :name
|
|
49
|
-
# actions => [:controller_name => [:action, :action, :action]]
|
|
50
|
-
def initialize(name, options={})
|
|
51
|
-
@name = name
|
|
52
|
-
@perms = Hash.new { |hash, key| hash[key] = Array.new }
|
|
53
|
-
end
|
|
54
|
-
alias_method :id, :name
|
|
55
|
-
|
|
56
|
-
def to_s
|
|
57
|
-
@name.to_s
|
|
58
|
-
end
|
|
59
|
-
|
|
60
|
-
def allowed?(controller, action)
|
|
61
|
-
Array(@perms[controller.to_sym]).include?(action.to_sym)
|
|
62
|
-
end
|
|
63
|
-
|
|
64
|
-
def add(controller, actions=[])
|
|
65
|
-
@perms[controller] += actions
|
|
66
|
-
end
|
|
67
|
-
|
|
68
|
-
def remove_actions(controller, actions=[])
|
|
69
|
-
@perms[controller] -= actions
|
|
70
|
-
end
|
|
71
|
-
|
|
72
|
-
def remove_controller(controller)
|
|
73
|
-
@perms.delete(controller)
|
|
74
|
-
end
|
|
75
|
-
|
|
76
|
-
def controllers
|
|
77
|
-
@controllers ||= @perms.keys
|
|
78
|
-
end
|
|
79
|
-
|
|
80
|
-
def allow_action?(controller, action)
|
|
81
|
-
controller = controller.to_sym
|
|
82
|
-
action = action.to_sym
|
|
83
|
-
|
|
84
|
-
if self.controllers.include?(controller)
|
|
85
|
-
return @perms[controller].include?(action)
|
|
86
|
-
else
|
|
87
|
-
return false
|
|
88
|
-
end
|
|
89
|
-
end
|
|
90
|
-
end
|
|
91
|
-
end
|
|
92
|
-
|
|
93
|
-
end
|
|
@@ -1,12 +0,0 @@
|
|
|
1
|
-
# require_relative '../spec_helper.rb'
|
|
2
|
-
|
|
3
|
-
module Symphonia
|
|
4
|
-
describe RolesController, type: 'controller', logged: :admin do
|
|
5
|
-
routes { Symphonia::Engine.routes }
|
|
6
|
-
subject { Symphonia::Role }
|
|
7
|
-
|
|
8
|
-
include_examples 'a controller actions', :role
|
|
9
|
-
|
|
10
|
-
end
|
|
11
|
-
|
|
12
|
-
end
|
data/spec/models/role_spec.rb
DELETED
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
RSpec.describe Symphonia::Role do
|
|
2
|
-
subject { FactoryBot.create :role, permissions: [:view_users] }
|
|
3
|
-
|
|
4
|
-
describe "#allowed_to?" do
|
|
5
|
-
it "false" do
|
|
6
|
-
expect(subject.allowed_to?( :non_exists)).to eq false
|
|
7
|
-
end
|
|
8
|
-
|
|
9
|
-
it "true" do
|
|
10
|
-
expect(subject.allowed_to?(:view_users)).to eq true
|
|
11
|
-
end
|
|
12
|
-
end
|
|
13
|
-
end
|