Class: Caboose::RolesController

Inherits:

ApplicationController

• Object
• ActionController::Base
• ApplicationController
• Caboose::RolesController

Defined in:

app/controllers/caboose/roles_controller.rb

Instance Method Summary

• #add_permission ⇒ Object
• #add_role_options(role, level) ⇒ Object
• #before_action ⇒ Object
• #create ⇒ Object
• #destroy ⇒ Object
• #edit ⇒ Object
• #index ⇒ Object
• #new ⇒ Object
• #options ⇒ Object
• #remove_permission ⇒ Object
• #update ⇒ Object

Methods inherited from ApplicationController

#add_ga_event, #admin_add, #admin_bulk_add, #admin_bulk_delete, #admin_bulk_update, #admin_delete, #admin_edit, #admin_index, #admin_json, #admin_json_single, #admin_update, #before_before_action, #hashify_query_string, #init_cart, #logged_in?, #logged_in_user, #login_user, #logout_user, #parse_url_params, #reject_param, #under_construction_or_forwarding_domain?, #user_is_allowed, #user_is_allowed_to, #validate_cookie, #validate_token, #var, #verify_logged_in

Instance Method Details

#add_permission ⇒ Object

# File 'app/controllers/caboose/roles_controller.rb', line 108

def add_permission
  return if !user_is_allowed('roles', 'edit')
  if !RolePermission.where(:role_id => params[:id], :permission_id => params[:permission_id], ).exists?
    RolePermission.create(:role_id => params[:id], :permission_id => params[:permission_id])
  end
  render :json => true
end

#add_role_options(role, level) ⇒ Object

# File 'app/controllers/caboose/roles_controller.rb', line 136

def add_role_options(role, level)
  arr = [{ 
    "value" => role.id, 
    "text" => (" - " * level) + role.name 
  }]
  role.children.each do |kid|
    arr += add_role_options(kid, level + 1)
  end
  return arr
end

#before_action ⇒ Object

# File 'app/controllers/caboose/roles_controller.rb', line 5

def before_action
  @page = Page.page_with_uri(request.host_with_port, '/admin')
end

#create ⇒ Object

# File 'app/controllers/caboose/roles_controller.rb', line 31

def create
  return unless user_is_allowed('roles', 'add')
  
  resp = StdClass.new({
      'error' => nil,
      'redirect' => nil
  })
  
  parent = Role.where(:id => params[:parent_id]).first
  if parent.nil?
    resp.error = "Parent role must be part of this site."
  else              
    role = Role.new()
    role.site_id = @site.id
    role.parent_id = params[:parent_id]
    role.name = params[:name]    
    role.save
    resp.redirect = "/admin/roles/#{role.id}"
  end
        
  render json: resp
end

#destroy ⇒ Object

# File 'app/controllers/caboose/roles_controller.rb', line 100

def destroy
  return unless user_is_allowed('roles', 'delete')
  @role = Role.find(params[:id])
  @role.destroy
  render json: { 'redirect' => '/admin/roles' }
end

#edit ⇒ Object

# File 'app/controllers/caboose/roles_controller.rb', line 25

def edit
  return unless user_is_allowed('roles', 'edit')
  @role = Role.find(params[:id])
end

#index ⇒ Object

# File 'app/controllers/caboose/roles_controller.rb', line 10

def index
  return unless user_is_allowed('roles', 'view')
  top_roles = Role.tree(@site.id)
  arr = []
  top_roles.each { |r| arr += add_role_options(r, 0) }
  @roles = arr        
end

#new ⇒ Object

# File 'app/controllers/caboose/roles_controller.rb', line 19

def new
  return unless user_is_allowed('roles', 'add')
  @role = Role.new
end

#options ⇒ Object

# File 'app/controllers/caboose/roles_controller.rb', line 125

def options
  return unless user_is_allowed('roles', 'view')
  @top_roles = Role.tree(@site.id)
  arr = [{ 
    "value" => -1, 
    "text" => 'Top Level'
  }]
  @top_roles.each { |r| arr += add_role_options(r, 1) }
  render json: arr.to_json    
end

#remove_permission ⇒ Object

# File 'app/controllers/caboose/roles_controller.rb', line 117

def remove_permission
  return if !user_is_allowed('roles', 'edit')
  RolePermission.where(:role_id => params[:id], :permission_id => params[:permission_id]).destroy_all        
  render :json => true
end

#update ⇒ Object

# File 'app/controllers/caboose/roles_controller.rb', line 55

def update
  return unless user_is_allowed('roles', 'edit')
  
  resp = StdClass.new     
  role = Role.find(params[:id])
  
  save = true
  params.each do |name,value|
    case name
     when "name"
       role.name = value
     when "description"
       role.description = value
     when "parent_id"
       value = value.to_i
       p = Role.where(:id => value).first
       if role.id == value
         resp.error = "You can't set the parent to be this role."
         save = false
       elsif value != -1 && (p.nil? || p.site_id != role.site_id)
         resp.error = "Invalid parent."
         save = false
       elsif role.is_ancestor_of?(value)
         resp.error = "You can't set the parent to be one of the child roles."
         save = false
       else
         role.parent_id = value
         if value == -1
           resp.attributes = { 'parent_id' => { 'text' => '[No parent]' }}
         else               
           resp.attributes = { 'parent_id' => { 'text' => p.name }}
         end
       end           
     when "members"
       value = [] if value.nil? || value.length == 0
       role.users = value.collect { |uid| User.find(uid) }
       resp.attributes = { 'members' => { 'text' => role.users.collect{ |u| "#{u.first_name} #{u.last_name}" }.join('<br />') }}
    end
  end
  
  resp.success = save && role.save
  render json: resp
end