Class: Caboose::RolesController

Inherits:
ApplicationController show all
Defined in:
app/controllers/caboose/roles_controller.rb

Instance Method Summary collapse

Methods inherited from ApplicationController

#admin_add, #admin_bulk_add, #admin_bulk_delete, #admin_bulk_update, #admin_delete, #admin_edit, #admin_index, #admin_json, #admin_json_single, #admin_update, #before_before_action, #hashify_query_string, #init_cart, #logged_in?, #logged_in_user, #login_user, #logout_user, #parse_url_params, #reject_param, #user_is_allowed, #user_is_allowed_to, #validate_cookie, #validate_token, #var, #verify_logged_in

Instance Method Details

#add_permissionObject

POST /admin/roles/:id/permissions/:permission_id



99
100
101
102
103
104
105
# File 'app/controllers/caboose/roles_controller.rb', line 99

def add_permission
  return if !user_is_allowed('roles', 'edit')
  if !RolePermission.where(:role_id => params[:id], :permission_id => params[:permission_id], ).exists?
    RolePermission.create(:role_id => params[:id], :permission_id => params[:permission_id])
  end
  render :json => true
end

#add_role_options(role, level) ⇒ Object



126
127
128
129
130
131
132
133
134
135
# File 'app/controllers/caboose/roles_controller.rb', line 126

def add_role_options(role, level)
  arr = [{ 
    "value" => role.id, 
    "text" => (" - " * level) + role.name 
  }]
  role.children.each do |kid|
    arr += add_role_options(kid, level + 1)
  end
  return arr
end

#before_actionObject



5
6
7
# File 'app/controllers/caboose/roles_controller.rb', line 5

def before_action
  @page = Page.page_with_uri(request.host_with_port, '/admin')
end

#createObject

POST /admin/roles



31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
# File 'app/controllers/caboose/roles_controller.rb', line 31

def create
  return unless user_is_allowed('roles', 'add')
  
  resp = StdClass.new({
      'error' => nil,
      'redirect' => nil
  })
  
  role = Role.new()
  role.parent_id = params[:parent_id]
  role.name = params[:name]    
  role.save
  
  resp.redirect = "/admin/roles/#{role.id}/edit"
  render json: resp
end

#destroyObject

DELETE /admin/roles/1



91
92
93
94
95
96
# File 'app/controllers/caboose/roles_controller.rb', line 91

def destroy
  return unless user_is_allowed('roles', 'delete')
  @role = Role.find(params[:id])
  @role.destroy
  render json: { 'redirect' => '/admin/roles' }
end

#editObject

GET /admin/roles/1/edit



25
26
27
28
# File 'app/controllers/caboose/roles_controller.rb', line 25

def edit
  return unless user_is_allowed('roles', 'edit')
  @role = Role.find(params[:id])
end

#indexObject

GET /admin/roles



10
11
12
13
14
15
16
# File 'app/controllers/caboose/roles_controller.rb', line 10

def index
  return unless user_is_allowed('roles', 'view')
  top_roles = Role.tree
  arr = []
  top_roles.each { |r| arr += add_role_options(r, 0) }
  @roles = arr        
end

#newObject

GET /admin/roles/new



19
20
21
22
# File 'app/controllers/caboose/roles_controller.rb', line 19

def new
  return unless user_is_allowed('roles', 'add')
  @role = Role.new
end

#optionsObject

GET /admin/roles/options



115
116
117
118
119
120
121
122
123
124
# File 'app/controllers/caboose/roles_controller.rb', line 115

def options
  return unless user_is_allowed('roles', 'view')
  @top_roles = Role.tree
  arr = [{ 
    "value" => -1, 
    "text" => 'Top Level'
  }]
  @top_roles.each { |r| arr += add_role_options(r, 1) }
  render json: arr.to_json    
end

#remove_permissionObject

DELETE /admin/roles/:id/permissions/:permission_id



108
109
110
111
112
# File 'app/controllers/caboose/roles_controller.rb', line 108

def remove_permission
  return if !user_is_allowed('roles', 'edit')
  RolePermission.where(:role_id => params[:id], :permission_id => params[:permission_id]).destroy_all        
  render :json => true
end

#updateObject

PUT /admin/roles/1



49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
# File 'app/controllers/caboose/roles_controller.rb', line 49

def update
  return unless user_is_allowed('roles', 'edit')
  
  resp = StdClass.new     
  role = Role.find(params[:id])
  
  save = true
  params.each do |name,value|
    case name
	  	when "name"
	  	  role.name = value
	  	when "description"
	  	  role.description = value
	  	when "parent_id"
	  	  value = value.to_i
	  	  if role.id == value
	  	    resp.error = "You can't set the parent to be this role."
	  	    save = false
	  		elsif role.is_ancestor_of?(value)
	  		  resp.error = "You can't set the parent to be one of the child roles."
	  		  save = false
	  		else
	  		  role.parent_id = value
	  		  if value == -1
	  		    resp.attributes = { 'parent_id' => { 'text' => '[No parent]' }}
	  		  else
	  		    p = Role.find(value)
	  		    resp.attributes = { 'parent_id' => { 'text' => p.name }}
	  		  end
	  		end    	  		
	  	when "members"
	  	  value = [] if value.nil? || value.length == 0
	  	  role.users = value.collect { |uid| User.find(uid) }
	  	  resp.attributes = { 'members' => { 'text' => role.users.collect{ |u| "#{u.first_name} #{u.last_name}" }.join('<br />') }}
	  end
	end
	
	resp.success = save && role.save
	render json: resp
end