bike
/
BikeShed-1
mirror of https://github.com/fspc/BikeShed-1.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge pull request #27 from spacemunkay/denney-fix-some-cancan 

Fixing some cancan permission issues… i think
eperez-timeinput
jnm 11 years ago
parent
fa51dd25f3 854c8efaa9
commit
7a935c250b
4 changed files with 38 additions and 29 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 29
      app/components/app_tab_panel.rb
  2. 21
      app/components/transaction_logs.rb
  3. 13
      app/components/user_logs.rb
  4. 4
      app/models/ability.rb

29
app/components/app_tab_panel.rb
View File

@ -26,31 +26,34 @@ class AppTabPanel < Netzke::Basepack::TabPanel
title: "Brands/Models"}
]
#for users
if controller.current_user.role?(:user)
# (had to use hash for borders to get the title to display properly)
#for users only
if not controller.current_user.role?(:admin)
@@app_tab_panel_items.concat [{ layout: :fit,
wrappedComponent: :user_profile_border,
title: "Profile"},
title: "My Profile"},
{ layout: :fit,
wrappedComponent: :user_transactions_border,
title: "Transactions"}
title: "My Transactions"}
]
end
#for admins
if controller.current_user.role?(:admin)
# (had to use hash for borders to get the title to display properly)
if can? :manage, User
@@app_tab_panel_items.concat [{ layout: :fit,
wrappedComponent: :users_and_profiles_border,
title: "Users/Profiles"},
{ layout: :fit,
title: "Users/Profiles"}]
end
if can? :manage, Transaction
@@app_tab_panel_items.concat [{ layout: :fit,
wrappedComponent: :transactions_border,
title: "Transactions"},
:logs,
{ layout: :fit,
title: "Users/Transactions"}]
end
if can? :manage, ::ActsAsLoggable::Log.all
@@app_tab_panel_items.concat [:logs, :check_ins]
end
if can? :manage, Role
@@app_tab_panel_items.concat [{ layout: :fit,
wrappedComponent: :user_role_joins,
title: "User Roles"},
:check_ins
]
end

21
app/components/transaction_logs.rb
View File

@ -29,22 +29,21 @@ class TransactionLogs < Netzke::Basepack::Grid
}
]
c.prohibit_update = true if cannot? :update, ::ActsAsLoggable::Log
c.prohibit_create = true if cannot? :create, ::ActsAsLoggable::Log
c.prohibit_delete = true if cannot? :delete, ::ActsAsLoggable::Log
@transaction_logs = ::ActsAsLoggable::Log.where(:loggable_type => "Transaction").all
c.prohibit_update = true if cannot? :update, @transaction_logs
c.prohibit_create = true if cannot? :create, @transaction_logs
c.prohibit_delete = true if cannot? :delete, @transaction_logs
end
def default_fields_for_forms
customer = nil
item = nil
if session[:selected_transaction_id]
trans = Transaction.find_by_id(session[:selected_transaction_id])
customer = "No Customer Selected"
item = "No Item Selected"
trans = Transaction.find_by_id(session[:selected_transaction_id])
if trans
customer = trans.customer
item = trans.item
end
customer = "No Customer Selected" if customer.nil?
item = "No Item Selected" if item.nil?
[
{ :no_binding => true, :xtype => 'displayfield', :fieldLabel => "Payment from:", :value => "#{customer.to_s}"},
{ :no_binding => true, :xtype => 'displayfield', :fieldLabel => "Payment for:", :value => "#{item.to_s}"},
@ -58,8 +57,8 @@ class TransactionLogs < Netzke::Basepack::Grid
#override with nil to remove actions
def default_bbar
bbar = [ :search ]
bbar.concat [ :apply ] if can? :update, ::ActsAsLoggable::Log
bbar.concat [:add_in_form ] if can? :create, ::ActsAsLoggable::Log
bbar.concat [ :apply ] if can? :update, @transaction_logs
bbar.concat [:add_in_form ] if can? :create, @transaction_logs
bbar
end

13
app/components/user_logs.rb
View File

@ -14,10 +14,16 @@ class UserLogs < Netzke::Basepack::Grid
:copy_action_id => 4
}
if can? :manage, ::ActsAsLoggable::Log
#this seems inefficient
if can? :manage, ::ActsAsLoggable::Log.where(:loggable_type => "User").all
#admins and staff
user_log_scope = lambda { |rel| rel.where(:loggable_type => 'User',:loggable_id => session[:selected_user_id]);}
user_log_strong_default_attrs.merge!( { :loggable_id => session[:selected_user_id] } )
#if selected user nil, then the admin is viewing their own profile
selected_user = User.find_by_id(session[:selected_user_id])
selected_user = controller.current_user if selected_user.nil?
user_log_scope = lambda { |rel| rel.where(:loggable_type => 'User',:loggable_id => selected_user.id );}
user_log_strong_default_attrs.merge!( { :loggable_id => selected_user.id } )
user_log_data_store = {auto_load: true }
else
#just users
@ -54,6 +60,7 @@ class UserLogs < Netzke::Basepack::Grid
current_user ||= User.find_by_id(session[:selected_user_id]) || controller.current_user
bike_id = current_user.bike.nil? ? nil : current_user.bike.id
[
{ :no_binding => true, :xtype => 'displayfield', :fieldLabel => "Log for:", :value => "#{current_user.to_s}"},
{ :name => :start_date},
{ :name => :end_date},
{ :name => :description},

4
app/models/ability.rb
View File

@ -24,7 +24,7 @@ class Ability
def user
can :read, :all
can :manage, Bike, :id => @current_user.bike_id unless @current_user.bike.nil?
can :manage, ::ActsAsLoggable::Log, { :loggable_type => "Bike", :loggable_id => @current_user.bike_id }
can :manage, ::ActsAsLoggable::Log, { :loggable_type => "User", :loggable_id => @current_user.id }
can :manage, ::ActsAsLoggable::Log, :loggable_type => "Bike", :loggable_id => @current_user.bike_id
can :manage, ::ActsAsLoggable::Log, :loggable_type => "User", :loggable_id => @current_user.id
end
end

Write Preview
Loading…
Cancel
Save