diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 8b5af54af..f7372d2aa 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -1,7 +1,45 @@ +# coding: UTF-8 class ApplicationController < ActionController::Base protect_from_forgery layout :layout_by_resource - + private + def checkright(role_id) + @role=Role.find(role_id) + if @role.name.downcase!="admin" + @c = self.controller_name + @a = self.action_name + case @c + when "projects" + case @a + when "new", "show", "create" + @right=1,2 + when "build", "process_build" + @right=3 + end + when "repositories" + case @a + when "show" + @right=4 + when "add_project", "remove_project" + @right=5 + when "new", "create" + @right=6 + end + when "platforms" + case @a + when "edit", "update", "freeze", "unfreeze" + @right=7 + end + else return true + end + Permission.where(:role_id => @role.id, :right_id => @right).first + @ok=false if @permission.nil? + if not @ok + flash[:notice] = t('layout.not_access') + redirect_to(:back) + end + end + end protected def layout_by_resource if devise_controller? @@ -11,12 +49,6 @@ class ApplicationController < ActionController::Base end end - def get_acter - return User.find params[:user_id] if params[:user_id] - return Group.find params[:group_id] if params[:group_id] - return current_user - end - def authenticate_build_service! if request.remote_ip != APP_CONFIG['build_service_ip'] render :nothing => true, :status => 403 diff --git a/app/controllers/roles_controller.rb b/app/controllers/roles_controller.rb new file mode 100644 index 000000000..2a6429bdb --- /dev/null +++ b/app/controllers/roles_controller.rb 
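Review bot: In `checkright` (application_controller.rb) the result of `Permission.where(:role_id => @role.id, :right_id => @right).first` is discarded and `@permission` is never assigned, so `@permission.nil?` is always true and `@ok` can only be false. Every non-admin request to a mapped controller is therefore redirected, whatever permissions the role holds. Assign and test the lookup directly: `@permission = Permission.where(:role_id => @role.id, :right_id => @right).first`, then `unless @permission` around the flash and redirect. Two gaps sit next to it: an action not listed under a mapped controller leaves `@right` unset, and `else return true` makes every unlisted controller allow-by-default. A comment above the method stating which right id guards which action, and that unlisted controllers are deliberately unrestricted, would make the policy reviewable.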
@@ -0,0 +1,60 @@
+class RolesController < ApplicationController
+ before_filter :find_role, :only => [:show, :edit, :update, :destroy]
+
+ def index
+ @roles = Role.all
+ end
+
+ def show
+ @permissions = Permission.where(:role_id => @role.id)
+ end
+
+ def new
+ @role = Role.new
+ end
+
+ def edit
+ end
+
+ def create
+ @role = Role.new(params[:role])
+ if @role.save
+ for right in params[:right][:id]
+ Permission.create(:role_id => @role.id, :right_id => right)
+ end
+ flash[:notice] = t('flash.role.saved')
+ redirect_to roles_path
+ else
+ flash[:error] = t('flash.role.save_error')
+ render :action => :new
+ end
+ end
+
+ def update
+ if @role.update_attributes(params[:role])
+ if params[:right][:id]
+ Permission.destroy_all(:role_id => @role.id)
+ for right in params[:right][:id]
+ Permission.create(:role_id => @role.id, :right_id => right)
+ end
+ end
+ flash[:notice] = t('flash.role.saved')
+ redirect_to roles_path
+ else
+ flash[:error] = t('flash.role.save_error')
+ render :action => :edit
+ end
+ end
+
+ def destroy
+ @role.destroy
+ Permission.destroy_all(:role_id => params[:id])
+ flash[:notice] = t("flash.role.destroyed")
+ redirect_to roles_path
+ end
+
+ protected
+ def find_role
+ @role = Role.find(params[:id])
+ end
+end
\ No newline at end of file
diff --git a/app/models/permission.rb b/app/models/permission.rb
index da2599966..5db19cfa5 100644
--- a/app/models/permission.rb
+++ b/app/models/permission.rb
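Review bot: RolesController (roles_controller.rb) declares no access check: its only filter is `find_role`, and the `checkright` helper this commit adds to ApplicationController is not invoked here. Unless a restriction exists outside this diff, any request that reaches these routes can create, modify or delete roles and the permissions attached to them. Put an explicit filter at the top of the class, e.g. `before_filter :authenticate_user!` (assuming Devise's user scope) together with an admin-only check. Separately, `params[:right][:id]` in `create` and `update` raises NoMethodError when `params[:right]` is absent, which is presumably what an empty multi-select sends; in `create` this happens after `@role.save`, so the role is left without permissions behind an error page. Read it defensively with `right_ids = (params[:right] || {})[:id] || []` and iterate over `right_ids`.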
@@ -1,4 +1,33 @@ class Permission < ActiveRecord::Base - belongs_to :right belongs_to :role -end + def name + Permission.right(self.right_id) + end + def self.get_rights_list + res=[] + for k in 1..8 + res << [Permission.right(k), k] + end + return res + end + def self.right(n) + case n + when 1 + "Проекты - Чтение" + when 2 + "Проекты - Чтение/Запись" + when 3 + "Проекты - Сборка" + when 4 + "Репозиторий - Просмотр" + when 5 + "Репозиторий - Изменение состава пакетов" + when 6 + "Платформа - Создание/Удаление репозиториев" + when 7 + "Платформа - Изменение параметров платформы" + when 8 + "Платформа - Сборка" + end + end +end \ No newline at end of file diff --git a/app/models/right.rb b/app/models/right.rb deleted file mode 100644 index 8289fc2e8..000000000 --- a/app/models/right.rb +++ /dev/null @@ -1,2 +0,0 @@ -class Right < ActiveRecord::Base -end diff --git a/app/models/role.rb b/app/models/role.rb index cf9a70496..85e31b9da 100644 --- a/app/models/role.rb +++ b/app/models/role.rb @@ -1,5 +1,4 @@ class Role < ActiveRecord::Base has_many :permissions - has_many :rights, :through => :permissions has_many :relations end diff --git a/app/views/roles/_form.html.haml b/app/views/roles/_form.html.haml new file mode 100644 index 000000000..8710ea245 --- /dev/null +++ b/app/views/roles/_form.html.haml 
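Review bot: With `belongs_to :right` removed in permission.rb, `right_id` is a bare integer and nothing in Permission restricts it to the ids that `Permission.right` knows. RolesController stores whatever the form posts, and `right` returns nil for any other value, which `name` then hands to the view. Validate against the known ids, e.g. `validates :right_id, :inclusion => { :in => 1..8 }`, and let `get_rights_list` and `right` share one definition of that range instead of a separate literal `1..8` and a `case`. Right 8 is defined here but no branch of `checkright` in ApplicationController maps to it; a comment should say whether that is intentional.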
@@ -0,0 +1,15 @@
+.group
+ = f.label :name, t("activerecord.attributes.role.name"), :class => :label
+ = f.text_field :name, :class => 'text_field'
+.group
+ %label.label Разрешения
+ - rights = Permission.get_rights_list
+ - rights_selected = Permission.where(:role_id => @role.id).map { |perm| perm.right_id }
+ = select_tag("right[id]", options_for_select(rights, rights_selected), :size => 10, :multiple => true)
+
+.group.navform.wat-cf
+ %button.button{:type => "submit"}
+ = image_tag("web-app-theme/icons/tick.png", :alt => t("layout.save"))
+ = t("layout.save")
+ %span.text_button_padding= t("layout.or")
+ = link_to t("layout.cancel"), roles_path, :class => "text_button_padding link_button"
\ No newline at end of file
diff --git a/app/views/roles/_sidebar.html.haml b/app/views/roles/_sidebar.html.haml
new file mode 100644
index 000000000..e69de29bb
diff --git a/app/views/roles/edit.html.haml b/app/views/roles/edit.html.haml
new file mode 100644
index 000000000..8f833ba6d
--- /dev/null
+++ b/app/views/roles/edit.html.haml
@@ -0,0 +1,12 @@
+.block
+ .secondary-navigation
+ %ul.wat-cf
+ %li.first= link_to t("layout.roles.list"), roles_path
+ %li= link_to t("layout.roles.new"), new_role_path
+ %li.active= link_to t("layout.roles.edit"), edit_role_path
+ .content
+ %h2.title= t("layout.roles.edit_header")
+ .inner
+ = form_for @role, :url => role_path(@role), :html => { :class => :form } do |f|
+ = render :partial => "form", :locals => {:f => f}
+- content_for :sidebar, render(:partial => 'sidebar')
diff --git a/app/views/roles/index.html.haml b/app/views/roles/index.html.haml
new file mode 100644
index 000000000..3462e5071
--- /dev/null
+++ b/app/views/roles/index.html.haml
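Review bot: The label `%label.label Разрешения` in `_form.html.haml` is a hard-coded string, while the other labels in these views go through `t(...)`; the same applies to the empty-state text in `index.html.haml` and to the right names returned by `Permission.right`. Move them to the locale files, e.g. `%label.label= t("layout.roles.permissions")` (the key name is only a suggestion). The partial also runs `Permission.where(:role_id => @role.id)` itself; loading the selected ids in the controller would keep database access out of the view.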
@@ -0,0 +1,30 @@
+.block
+ .secondary-navigation
+ %ul.wat-cf
+ %li.first.active= link_to t("layout.roles.list"), roles_path
+ %li= link_to t("layout.roles.new"), new_role_path
+ .content
+ %h2.title
+ = t("layout.roles.list_header")
+ .inner
+ -unless @roles.empty?
+ %table.table
+ %tr
+ %th.first ID
+ %th= t("activerecord.attributes.role.name")
+ %th.last  
+ - @roles.each do |role|
+ %tr{:class => cycle("odd", "even")}
+ %td
+ = role.id
+ %td
+ = link_to role.name, role_path(role)
+ %td.last
+ #{link_to t("layout.show"), role_path(role)} | #{link_to t("layout.edit"), edit_role_path(role)} | #{link_to t("layout.delete"), role_path(role), :method => :delete, :confirm => t("layout.roles.confirm_delete")}
+ .actions-bar.wat-cf
+ .actions
+ -else
+ .inner
+ %label.label Роли отсутствуют,
+ = link_to "создать новую роль", new_role_path
+- content_for :sidebar, render(:partial => 'sidebar')
diff --git a/app/views/roles/new.html.haml b/app/views/roles/new.html.haml
new file mode 100644
index 000000000..c433a39ed
--- /dev/null
+++ b/app/views/roles/new.html.haml
@@ -0,0 +1,11 @@
+.block
+ .secondary-navigation
+ %ul.wat-cf
+ %li.first= link_to t("layout.roles.list"), roles_path
+ %li.active= link_to t("layout.roles.new"), new_role_path
+ .content
+ %h2.title= t("layout.roles.new_header")
+ .inner
+ = form_for :role, :url => roles_path, :html => { :class => :form } do |f|
+ = render :partial => "form", :locals => {:f => f}
+- content_for :sidebar, render(:partial => 'sidebar')
\ No newline at end of file
diff --git a/app/views/roles/show.html.haml b/app/views/roles/show.html.haml
new file mode 100644
index 000000000..6a98822b6
--- /dev/null
+++ b/app/views/roles/show.html.haml
@@ -0,0 +1,38 @@ +.block + .secondary-navigation + %ul.wat-cf + %li.first= link_to t("layout.roles.list"), roles_path + %li= link_to t("layout.roles.new"), new_role_path + %li.active= link_to t("layout.roles.show"), role_path + .content + .inner + %p + %b + Id + \: + = @role.id + %p + %b + = t("activerecord.attributes.role.name") + \: + = @role.name + %p + %b + = t("activerecord.models.permission") + \: + -unless @permissions.empty? + %table.table + %tr + %th.first ID + %th= t("activerecord.attributes.right.name") + - @permissions.each do |permission| + %tr{:class => cycle("odd", "even")} + %td + = permission.right_id + %td + = permission.name + .wat-cf + = link_to image_tag("web-app-theme/icons/application_edit.png", :alt => t("layout.edit")) + " " + t("layout.edit"), edit_role_path(@role), :class => "button" + = link_to image_tag("web-app-theme/icons/cross.png", :alt => t("layout.delete")) + " " + t("layout.delete"), role_path(@role), :method => "delete", :class => "button", :confirm => t("layout.users.confirm_delete") + +- content_for :sidebar, render(:partial => 'sidebar') diff --git a/db/migrate/20111012222824_create_rights.rb b/db/migrate/20111012222824_create_rights.rb deleted file mode 100644 index 37f5cfaaf..000000000 --- a/db/migrate/20111012222824_create_rights.rb +++ /dev/null @@ -1,14 +0,0 @@ -class CreateRights < ActiveRecord::Migration - def self.up - create_table :rights do |t| - t.integer :id - t.string :name - - t.timestamps - end - end - - def self.down - drop_table :rights - end -end diff --git a/db/migrate/20111012223306_create_roles.rb b/db/migrate/20111012223306_create_roles.rb index 947201455..b5693219d 100644 --- a/db/migrate/20111012223306_create_roles.rb +++ b/db/migrate/20111012223306_create_roles.rb @@ -3,8 +3,6 @@ class CreateRoles < ActiveRecord::Migration create_table :roles do |t| t.integer :id t.string :name - t.string :to - t.string :on t.timestamps end
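Review bot: The delete button at the bottom of `show.html.haml` asks for confirmation with `t("layout.users.confirm_delete")`, whereas the delete link in `index.html.haml` uses `t("layout.roles.confirm_delete")`. This looks copied from the users view, so the prompt would presumably talk about deleting a user; use `:confirm => t("layout.roles.confirm_delete")` here as well. In the navigation, `role_path` is called without an argument and relies on the id of the current request; passing `@role` would make that explicit.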