usman 0.3.9 → 0.3.10
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/app/controllers/usman/admin_controller.rb +1 -18
- data/app/controllers/usman/api/v1/docs_controller.rb +53 -12
- data/app/controllers/usman/application_controller.rb +2 -0
- data/app/controllers/usman/features_controller.rb +4 -2
- data/app/controllers/usman/permissions_controller.rb +34 -3
- data/app/controllers/usman/resource_controller.rb +6 -1
- data/app/controllers/usman/user_roles_controller.rb +1 -0
- data/app/helpers/usman/authentication_helper.rb +102 -34
- data/app/models/feature.rb +2 -2
- data/app/models/permission.rb +11 -0
- data/app/models/user.rb +65 -0
- data/app/services/usman/sms_service.rb +91 -0
- data/app/views/layouts/kuppayam/_sidebar.html.erb +125 -72
- data/app/views/usman/dashboard/_index.html.erb +40 -0
- data/app/views/usman/dashboard/_super_admin_index.html.erb +22 -0
- data/app/views/usman/dashboard/index.html.erb +6 -128
- data/app/views/usman/features/_form.html.erb +1 -1
- data/app/views/usman/features/_index.html.erb +18 -8
- data/app/views/usman/features/_row.html.erb +14 -8
- data/app/views/usman/features/_show.html.erb +13 -10
- data/app/views/usman/features/index.html.erb +2 -2
- data/app/views/usman/permissions/_form.html.erb +2 -2
- data/app/views/usman/permissions/_index.html.erb +6 -5
- data/app/views/usman/permissions/_row.html.erb +6 -5
- data/app/views/usman/permissions/_show.html.erb +5 -5
- data/app/views/usman/permissions/index.html.erb +15 -17
- data/app/views/usman/registration_devices/_index.html.erb +11 -7
- data/app/views/usman/registration_devices/_row.html.erb +18 -18
- data/app/views/usman/registrations/_index.html.erb +17 -13
- data/app/views/usman/registrations/_row.html.erb +14 -10
- data/app/views/usman/roles/_index.html.erb +8 -4
- data/app/views/usman/roles/_row.html.erb +7 -5
- data/app/views/usman/roles/_show.html.erb +9 -5
- data/app/views/usman/roles/index.html.erb +3 -3
- data/app/views/usman/sessions/_permission_denied.js.erb +3 -0
- data/app/views/usman/user_roles/_index.html.erb +6 -0
- data/app/views/usman/user_roles/_row.html.erb +4 -0
- data/app/views/usman/users/_index.html.erb +19 -15
- data/app/views/usman/users/_row.html.erb +17 -15
- data/app/views/usman/users/_show.html.erb +5 -3
- data/app/views/usman/users/index.html.erb +3 -3
- data/config/locales/usman/authentication.ar.yml +5 -2
- data/config/locales/usman/authentication.en.yml +2 -2
- data/config/locales/usman/sms.en.yml +17 -0
- data/config/routes.rb +11 -12
- data/db/data/dummy/permissions.csv +1 -76
- data/db/data/dummy/users.csv +3 -6
- data/db/data/users.csv +3 -1
- data/db/master_data/features.csv +9 -0
- data/db/master_data/roles.csv +1 -0
- data/lib/tasks/usman/data.rake +15 -9
- data/lib/tasks/usman/master_data.rake +7 -3
- data/lib/usman/action_view/permissions_helper.rb +24 -0
- data/lib/usman/engine.rb +6 -0
- data/lib/usman/version.rb +1 -1
- data/lib/usman.rb +1 -0
- metadata +27 -12
- data/app/controllers/usman/api/v1/docs_base_controller.rb +0 -25
- data/app/views/kuppayam/api/docs/_navigation.html.erb +0 -67
- data/db/data/dummy/features.csv +0 -17
- data/db/data/dummy/roles.csv +0 -5
- data/db/data/features.csv +0 -17
- data/db/data/roles.csv +0 -5
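--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 247fe28d994f29a5dae5161aab173588e3eabe02
+data.tar.gz: 4eda2b63f0f9557cddd4a4eb4348a2f78949c8ff
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 13734dfb988c4ee34a328eab1ea00595d658ac7138adeecb6992fd0b186779e523d6899702d4a34f5c4fdf7e04ae88f572436ce4dbe9127aad224a326e8d9266
+data.tar.gz: 2c6a701c84c9d4f2d805a78982ff94b0c3619e5097bdd091434adc6c513dc94b7d20c91ddd121aba3277c04351c6e23764bc979006a8d563f971fe3ac6206a93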
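--- a/data/README.md
+++ b/data/README.md
@@ -49,12 +49,12 @@ open browser and go to /sign_in url
 
 Specify the railties order if required in main application.rb
 
-
+```bash
 config.autoload_paths << "app/services"
 config.railties_order = [:main_app, Usman::Engine, Kuppayam::Engine, :all]
 ```
 
-# Seeding Data
+# Seeding / Importing Data
 
 run rake task for loading dummy data for users and features to start with.
 
@@ -73,7 +73,7 @@ $ bundle exec rake usman:import:dummy:permissions verbose=false
 $ bundle exec rake usman:import:dummy:roles verbose=false
 ```
 
-
+## Cusotmized Importing
 
 You could override the seed files with your data.
 just create db/import_data in your project folder and create the following files filled with your data in the required format (checkout the dummy csvs in usman db/import_data/dummy/features.csv) for the columns required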
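--- a/data/app/controllers/usman/admin_controller.rb
+++ b/data/app/controllers/usman/admin_controller.rb
@@ -1,26 +1,9 @@
 module Usman
-class AdminController <
+class AdminController < Usman::ApplicationController
 
-include Usman::AuthenticationHelper
-
-layout 'kuppayam/admin'
-
-before_action :current_user
-before_action :require_user
 before_action :require_site_admin
 
 private
 
-def set_default_title
-set_title("Usman Admin | User Management Module")
-end
-
-def configure_filter_param_mapping
-@filter_param_mapping = default_filter_param_mapping
-@filter_param_mapping[:super_admin] = :sa
-@filter_param_mapping[:user] = :us
-@filter_param_mapping[:feature] = :ft
-end
-
 end
 end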
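--- a/data/app/controllers/usman/api/v1/docs_controller.rb
+++ b/data/app/controllers/usman/api/v1/docs_controller.rb
@@ -1,7 +1,12 @@
 module Usman
 module Api
 module V1
-class DocsController <
+class DocsController < Usman::AdminController
+
+layout 'kuppayam/docs'
+
+before_action :set_nav_items, :set_tab_items
+helper_method :breadcrumb_home_path
 
 def register
 set_title("Register API")
@@ -33,7 +38,7 @@ module Usman
 @example_path = "usman/api/v1/docs/"
 @examples = ["pos_case_1", "pos_case_2", "pos_case_3", "neg_case_1", "neg_case_2", "neg_case_3"]
 
-set_nav("docs/register")
+set_nav("docs/usman/register")
 
 render 'kuppayam/api/docs/show'
 end
@@ -61,7 +66,7 @@ module Usman
 @example_path = "usman/api/v1/docs/"
 @examples = ["pos_case_1", "neg_case_1", "neg_case_2", "neg_case_3", "neg_case_4"]
 
-set_nav("docs/resend_otp")
+set_nav("docs/usman/resend_otp")
 
 render 'kuppayam/api/docs/show'
 end
@@ -90,7 +95,7 @@ module Usman
 @example_path = "usman/api/v1/docs/"
 @examples = ["pos_case_1", "pos_case_2", "neg_case_1", "neg_case_2", "neg_case_3", "neg_case_4"]
 
-set_nav("docs/verify_otp")
+set_nav("docs/usman/verify_otp")
 
 render 'kuppayam/api/docs/show'
 end
@@ -119,7 +124,7 @@ module Usman
 @example_path = "usman/api/v1/docs/"#
 @examples = ["pos_case_1", "neg_case_1", "neg_case_2", "neg_case_3"]
 
-set_nav("docs/accept_tac")
+set_nav("docs/usman/accept_tac")
 
 render 'kuppayam/api/docs/show'
 end
@@ -146,7 +151,7 @@ module Usman
 @example_path = "usman/api/v1/docs/"#
 @examples = ["pos_case_1", "pos_case_2", "pos_case_3", "neg_case_1", "neg_case_2", "neg_case_3"]
 
-set_nav("docs/create_profile")
+set_nav("docs/usman/create_profile")
 
 render 'kuppayam/api/docs/show'
 end
@@ -174,7 +179,7 @@ module Usman
 @example_path = "usman/api/v1/docs/"#
 @examples = ["pos_case_1", "pos_case_2", "pos_case_3", "neg_case_1", "neg_case_2", "neg_case_3"]
 
-set_nav("docs/update_profile")
+set_nav("docs/usman/update_profile")
 
 render 'kuppayam/api/docs/show'
 end
@@ -197,7 +202,7 @@ module Usman
 @example_path = "usman/api/v1/docs/"
 @examples = ["pos_case_1", "neg_case_1", "neg_case_2"]
 
-set_nav("docs/get_profile_info")
+set_nav("docs/usman/get_profile_info")
 
 render 'kuppayam/api/docs/show'
 end
@@ -223,7 +228,7 @@ module Usman
 @example_path = "usman/api/v1/docs/"
 @examples = ["pos_case_1", "neg_case_1", "neg_case_2"]
 
-set_nav("docs/upload_profile_picture_base64")
+set_nav("docs/usman/upload_profile_picture_base64")
 
 render 'kuppayam/api/docs/show'
 end
@@ -238,16 +243,17 @@ module Usman
 eos
 
 @input_headers = {
-"Content-Type" => { value: "application/json", description: "The MIME media type for JSON text is application/json. This is to make sure that a valid json is returned. The default encoding is UTF-8. " },
 "Authorization" => { value: "Token token=\"87b01adbba90824b57add8cc06ad8738\"", description: "Put the API Token here. You shall get the API token after registering your device" }
 }
 
+@warning = "Do not set Content Type Json as this is a multipart file upload request"
+
 @input_params = {}
 
 @example_path = "usman/api/v1/docs/"
 @examples = ["pos_case_1", "neg_case_1", "neg_case_2", "neg_case_3"]
 
-set_nav("docs/upload_profile_picture")
+set_nav("docs/usman/upload_profile_picture")
 
 render 'kuppayam/api/docs/show'
 end
@@ -270,11 +276,46 @@ module Usman
 @example_path = "usman/api/v1/docs/"
 @examples = ["pos_case_1", "neg_case_1", "neg_case_2"]
 
-set_nav("docs/delete_profile_picture")
+set_nav("docs/usman/delete_profile_picture")
 
 render 'kuppayam/api/docs/show'
 end
 
+private
+
+def set_nav_items
+@nav_items = {
+register: { nav_class: "docs/usman/register", icon_class: "fa-group", url: usman.docs_api_v1_register_path, text: "Registraions API"},
+resend_otp: { nav_class: "docs/usman/resend_otp", icon_class: "fa-send", url: usman.docs_api_v1_resend_otp_path, text: "Resend OTP API"},
+verify_otp: { nav_class: "docs/usman/verify_otp", icon_class: "fa-thumbs-up", url: usman.docs_api_v1_verify_otp_path, text: "Verify OTP API"},
+accept_tac: { nav_class: "docs/usman/accept_tac", icon_class: "fa-check-square-o", url: usman.docs_api_v1_accept_tac_path, text: "Accept T&C API"},
+create_profile: { nav_class: "docs/usman/create_profile", icon_class: "fa-user", url: usman.docs_api_v1_create_profile_path, text: "Create Profile API"},
+update_profile: { nav_class: "docs/usman/update_profile", icon_class: "fa-user", url: usman.docs_api_v1_update_profile_path, text: "Update Profile API"},
+get_profile_info: { nav_class: "docs/usman/get_profile_info", icon_class: "fa-user", url: usman.docs_api_v1_get_profile_info_path, text: "Get Profile Info API"},
+upload_profile_picture_base64: { nav_class: "docs/usman/upload_profile_picture_base64", icon_class: "fa-photo", url: usman.docs_api_v1_upload_profile_picture_base64_path, text: "Upload Profile Picture (Base64)"},
+upload_profile_picture: { nav_class: "docs/usman/upload_profile_picture", icon_class: "fa-photo", url: usman.docs_api_v1_upload_profile_picture_path, text: "Upload Profile Picture"},
+delete_profile_picture: { nav_class: "docs/usman/delete_profile_picture", icon_class: "fa-photo", url: usman.docs_api_v1_delete_profile_picture_path, text: "Remove Profile Picture"}
+}
+end
+
+def set_tab_items
+@tab_items = {
+usman: { nav_class: "docs/usman", icon_class: "fa-group", url: usman.docs_api_v1_register_path, text: "User APIs"}
+}
+end
+
+def breadcrumb_home_path
+usman.dashboard_path
+end
+
+def breadcrumbs_configuration
+{
+heading: "Usman - API Documentation",
+description: "A brief documentation of all APIs implemented in the gem Usman with input and output details and examples",
+links: []
+}
+end
+
 end
 end
 end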
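--- a/data/app/controllers/usman/features_controller.rb
+++ b/data/app/controllers/usman/features_controller.rb
@@ -1,7 +1,7 @@
 module Usman
 class FeaturesController < ResourceController
 
-before_action :
+before_action :require_super_admin
 
 private
 
@@ -57,7 +57,9 @@ module Usman
 {
 page_title: "Features",
 js_view_path: "/kuppayam/workflows/parrot",
-view_path: "/usman/features"
+view_path: "/usman/features",
+show_modal_after_create: false,
+show_modal_after_update: false
 }
 end
 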
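Review bot: `before_action :require_super_admin` is appended after the four feature-permission callbacks ResourceController now declares, so for a non-super-admin the first gate to fire is `require_read_permission`, and the user sees the 401 permission-denied page unless they happen to hold a `Feature` permission row, in which case they reach the super-admin check and are redirected to sign-in instead. The end result is still a denial, but the two paths respond differently; if the intent is "super admins only", `prepend_before_action :require_super_admin` makes that the first and only decision. A short comment would help the next reader: `# Feature management is super-admin only; the ResourceController permission gates are redundant here`.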
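--- a/data/app/controllers/usman/permissions_controller.rb
+++ b/data/app/controllers/usman/permissions_controller.rb
@@ -26,6 +26,8 @@ module Usman
 @relation = Permission.where("")
 
 parse_filters
+
+# @user = User.normal_users.first if @user.blank? && @feature.blank?
 apply_filters
 
 @permissions = @r_objects = @relation.includes(:user, :feature).page(@current_page).per(@per_page)
@@ -35,7 +37,9 @@ module Usman
 
 def apply_filters
 @relation = @relation.search(@query) if @query
-@
+@relation = @relation.where("user_id = ?", @user.id) if @user
+@relation = @relation.where("feature_id = ?", @feature.id) if @feature
+@order_by = "created_at DESC" unless @order_by
 @relation = @relation.order(@order_by)
 end
 
@@ -52,14 +56,41 @@ module Usman
 end
 
 def configure_filter_ui_settings
-@filter_ui_settings = {
+@filter_ui_settings = {
+user: {
+object_filter: true,
+select_label: 'Select User',
+current_value: @user,
+values: User.normal_users.order(:name).all,
+current_filters: @filters,
+url_method_name: 'permissions_url',
+filters_to_remove: [:user],
+filters_to_add: { feature: @feature.try(:id) },
+show_null_filter_on_top: false,
+show_all_filter_on_top: true
+},
+feature: {
+object_filter: true,
+select_label: 'Select Feature',
+current_value: @feature,
+values: Feature.order(:name).all,
+current_filters: @filters,
+url_method_name: 'permissions_url',
+filters_to_remove: [:feature],
+filters_to_add: { user: @user.try(:id) },
+show_null_filter_on_top: false,
+show_all_filter_on_top: true
+}
+}
 end
 
 def resource_controller_configuration
 {
 page_title: "Permissions",
 js_view_path: "/kuppayam/workflows/parrot",
-view_path: "/usman/permissions"
+view_path: "/usman/permissions",
+show_modal_after_create: false,
+show_modal_after_update: false
 }
 end
 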
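Review bot: apply_filters hands `@order_by` to `order` as a raw SQL fragment, and only the fallback `"created_at DESC"` is visible here; `@order_by` is set by parse_filters outside this hunk, so if it is ever derived from a request parameter this is a SQL injection point (older Rails does not sanitise string `order` arguments). Either document that it is never user-controlled, `# @order_by is only ever set from a fixed mapping in parse_filters, never from params`, or validate it against an allow-list before the `order` call. The two new `where` calls are correctly parameterised; the hash form `where(user_id: @user.id)` reads better and avoids the string. The commented-out `@user = User.normal_users.first ...` line is dead code and should be dropped or explained.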
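--- a/data/app/controllers/usman/resource_controller.rb
+++ b/data/app/controllers/usman/resource_controller.rb
@@ -2,8 +2,13 @@ module Usman
 class ResourceController < ApplicationController
 
 include ResourceHelper
-before_action :configure_resource_controller
 
+before_action :configure_resource_controller
+before_action :require_read_permission, only: [:index, :show]
+before_action :require_create_permission, only: [:new, :create]
+before_action :require_update_permission, only: [:edit, :update, :update_status, :mark_as_featured, :remove_from_featured]
+before_action :require_delete_permission, only: [:destroy]
+
 private
 
 def set_default_title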
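--- a/data/app/helpers/usman/authentication_helper.rb
+++ b/data/app/helpers/usman/authentication_helper.rb
@@ -2,12 +2,22 @@ module Usman
 module AuthenticationHelper
 
 private
-
-
-
-
+
+# --------------
+# Common Methods
+# --------------
+
+def set_params_hsh
+@params_hsh = {}
+@params_hsh[:client_app] = params[:client_app] if params[:client_app]
+@params_hsh[:redirect_back_url] = params[:redirect_back_url] if params[:redirect_back_url]
+@params_hsh[:requested_url] = request.original_url if request.get?
 end
 
+def permission_denied
+render :file => "layouts/kuppayam/401", layout: 'layouts/kuppayam/blank_with_nav', :status => :unauthorized
+end
+
 # Returns the default URL to which the system should redirect the user after successful authentication
 def default_redirect_url_after_sign_in
 main_app.user_landing_url
@@ -18,15 +28,21 @@ module Usman
 usman.sign_in_url
 end
 
+# -----------------
+# Redirect Methods
+# -----------------
+
 # Method to handle the redirection after unsuccesful authentication
 # This method should also handle the redirection if it has come through a client appliction for authentication
 # In that case, it should persist the params passed by the client application
-def redirect_after_unsuccessful_authentication
-
-
-
-
-
+def redirect_after_unsuccessful_authentication(redirect_to_last_page=true)
+if redirect_to_last_page
+set_params_hsh
+redirect_to add_query_params(default_sign_in_url, @params_hsh)
+else
+redirect_to default_sign_in_url
+end
+
 return
 end
 
@@ -56,25 +72,21 @@ module Usman
 end
 end
 
-def redirect_or_popup_to_default_sign_in_page
+def redirect_or_popup_to_default_sign_in_page(redirect_to_last_page=true)
 respond_to do |format|
 format.html {
-redirect_after_unsuccessful_authentication
+redirect_after_unsuccessful_authentication(redirect_to_last_page)
 }
 format.js {
-
-@params_hsh[:client_app] = params[:client_app] if params[:client_app]
-@params_hsh[:redirect_back_url] = params[:redirect_back_url] if params[:redirect_back_url]
-@params_hsh[:requested_url] = request.original_url if request.get?
-
+set_params_hsh if redirect_to_last_page
 render(:partial => 'usman/sessions/sign_in.js.erb', :handlers => [:erb], :formats => [:js])
 }
 end
 end
 
-
-
-
+# -------------------
+# Permission Helpers
+# -------------------
 
 # This method is widely used to create the @current_user object from the session
 # This method will return @current_user if it already exists which will save queries when called multiple times
@@ -90,7 +102,6 @@ module Usman
 unless @current_user
 text = "#{I18n.t("authentication.login_required.heading")}"
 set_flash_message(text, :error, false) if defined?(flash) && flash
-
 redirect_or_popup_to_default_sign_in_page
 return
 end
@@ -101,8 +112,7 @@ module Usman
 unless @current_user.super_admin?
 text = "#{I18n.t("authentication.permission_denied.heading")}: #{I18n.t("authentication.permission_denied.message")}"
 set_flash_message(text, :error, false) if defined?(flash) && flash
-
-redirect_or_popup_to_default_sign_in_page
+redirect_or_popup_to_default_sign_in_page(false)
 end
 end
 
@@ -110,24 +120,82 @@ module Usman
 return true if @current_user && @current_user.super_admin?
 unless @current_user && @current_user.has_role?("Site Admin")
 respond_to do |format|
-format.html {
-#text = "#{I18n.t("authentication.permission_denied.heading")}: #{I18n.t("authentication.permission_denied.message")}"
-#set_flash_message(text, :error, false) if defined?(flash) && flash
-#redirect_after_unsuccessful_authentication
-permission_denied
-}
+format.html { permission_denied }
 format.js {
-
-@params_hsh[:client_app] = params[:client_app] if params[:client_app]
-@params_hsh[:redirect_back_url] = params[:redirect_back_url] if params[:redirect_back_url]
-@params_hsh[:requested_url] = request.original_url if request.get?
-
+set_params_hsh
 render(:partial => 'usman/sessions/sign_in.js.erb', :handlers => [:erb], :formats => [:js])
 }
 end
 end
 end
 
+def require_read_permission
+return true if @current_user && @current_user.super_admin?
+current_permission
+unless (@current_permission && @current_permission.can_read?)
+respond_to do |format|
+format.html { permission_denied }
+format.js {
+set_params_hsh
+render(:partial => 'usman/sessions/permission_denied.js.erb', :handlers => [:erb], :formats => [:js])
+}
+end
+end
+end
+
+def require_create_permission
+return true if @current_user && @current_user.super_admin?
+current_permission
+unless (@current_permission && @current_permission.can_create?)
+respond_to do |format|
+format.html { permission_denied }
+format.js {
+set_params_hsh
+render(:partial => 'usman/sessions/permission_denied.js.erb', :handlers => [:erb], :formats => [:js])
+}
+end
+end
+end
+
+def require_update_permission
+return true if @current_user && @current_user.super_admin?
+current_permission
+unless (@current_permission && @current_permission.can_update?)
+respond_to do |format|
+format.html { permission_denied }
+format.js {
+set_params_hsh
+render(:partial => 'usman/sessions/permission_denied.js.erb', :handlers => [:erb], :formats => [:js])
+}
+end
+end
+end
+
+def require_delete_permission
+return true if @current_user && @current_user.super_admin?
+current_permission
+unless (@current_permission && @current_permission.can_delete?)
+respond_to do |format|
+format.html { permission_denied }
+format.js {
+set_params_hsh
+render(:partial => 'usman/sessions/permission_denied.js.erb', :handlers => [:erb], :formats => [:js])
+}
+end
+end
+end
+
+def current_permission
+feature_class = @resource_options[:feature_class] || @resource_options[:class]
+@current_feature = Feature.published.find_by_name(feature_class)
+feature_id = @current_feature ? @current_feature.id : -1
+@current_permission = @current_user.permissions.where("feature_id = ?", feature_id).first
+end
+
+# -------------------
+# Masquerade Helpers
+# -------------------
+
 # This method is only used for masquerading. When admin masquerade as user A and then as B, when he logs out as B he should be logged in back as A
 # This is accomplished by storing the last user id in session and activating it when user is logged off
 def restore_last_user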
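--- a/data/app/models/feature.rb
+++ b/data/app/models/feature.rb
@@ -53,7 +53,7 @@ class Feature < Usman::ApplicationRecord
 
 feature = Feature.find_by_name(hsh[:name]) || Feature.new
 feature.name = hsh[:name]
-feature.status =
+feature.status = hsh[:status]
 
 if feature.valid?
 begin
@@ -160,7 +160,7 @@ class Feature < Usman::ApplicationRecord
 # >>> feature.display_name
 # => "Products"
 def display_name
-"#{name}"
+"#{name.to_s.demodulize.pluralize.titleize}"
 end
 
 end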
data/app/models/permission.rb
CHANGED
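--- a/data/app/models/user.rb
+++ b/data/app/models/user.rb
@@ -354,6 +354,71 @@ class User < Usman::ApplicationRecord
 end
 end
 
+# Permission Methods
+# ------------------
+
+def add_permission(feature_name, **options)
+options.reverse_merge!(
+can_create: false,
+can_read: true,
+can_update: false,
+can_delete: false
+)
+feature = Feature.find_by_name(feature_name)
+permission = self.permissions.where("feature_id = ?", feature.id).first || self.permissions.build
+permission.feature = feature
+permission.can_create = options[:can_create]
+permission.can_read = options[:can_read]
+permission.can_update = options[:can_update]
+permission.can_delete = options[:can_delete]
+permission.save
+permission
+end
+
+def has_read_permission?(class_name)
+return true if self.super_admin
+feature = Feature.published.find_by_name(class_name.to_s)
+if feature
+permission = Permission.where("feature_id =?", feature.id).first
+return permission && permission.can_read?
+else
+return false
+end
+end
+
+def has_create_permission?(class_name)
+return true if self.super_admin
+feature = Feature.published.find_by_name(class_name.to_s)
+if feature
+permission = Permission.where("feature_id =?", feature.id).first
+return permission && permission.can_create?
+else
+return false
+end
+end
+
+def has_update_permission?(class_name)
+return true if self.super_admin
+feature = Feature.published.find_by_name(class_name.to_s)
+if feature
+permission = Permission.where("feature_id =?", feature.id).first
+return permission && permission.can_update?
+else
+return false
+end
+end
+
+def has_delete_permission?(class_name)
+return true if self.super_admin
+feature = Feature.published.find_by_name(class_name.to_s)
+if feature
+permission = Permission.where("feature_id =?", feature.id).first
+return permission && permission.can_delete?
+else
+return false
+end
+end
+
 # Other Methods
 # -------------
 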
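Review bot: has_read_permission? and its three siblings (new lines 378–420) look up `Permission.where("feature_id =?", feature.id).first` without scoping to the receiver, so the first permission row that any user holds for the feature decides the answer for every user — an account with no row of its own inherits whatever another account was granted, and this is the model-level check the new `permissions_helper.rb` view helpers presumably call. add_permission in the same hunk does it right with `self.permissions.where("feature_id = ?", feature.id).first`; the predicates must go through the association too. Because the four methods differ only in the predicate, a single private lookup helper fixes the scope in one place and removes the duplication. add_permission also dereferences `feature.id` with no guard when the feature name is unknown; returning early (or raising a clear ArgumentError) is better than a NoMethodError on nil.

```ruby
def has_read_permission?(class_name)
  return true if self.super_admin
  permission = permission_for(class_name)
  permission ? permission.can_read? : false
end
# … same shape for has_create_permission?, has_update_permission?, has_delete_permission? …

# This user's OWN Permission row for the published feature named class_name, or nil.
def permission_for(class_name)
  feature = Feature.published.find_by_name(class_name.to_s)
  feature && self.permissions.where("feature_id = ?", feature.id).first
end
```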