Download as
Browse Code »

Commit 0107868d322629f22ff7dc57f9d8ccce222cf555

Authored by Victor Costa
1 parent 4b06d2fb
Exists in master and in 29 other branches add_member_task_reject_details, admin_visible_profile, article-list-template, community_notifications, contact_admin_translation, event_fixes, fix_comments_pagination, fix_rails4_organization_ratings, fix_sign_up_form, follow_step_fix, forum_topic_creation, mirror_block_improvements, multi_env_on_remote_user, new_security, noosfero_spb_ci, organization_ratings_improvements, organization_ratings_link_to_profile_stable-spb-1.3, organization_ratings_translations_fix, profile_api_improvements, ratings_minor_fixes, remote_user_fix, send_email_to_admins, stable-spb-1.3, stable-spb-1.3-fixes, stable-spb-1.4, stable-spb-1.5, suggest_rejected_value, web_steps_improvements, xss_terminate_custom_options

rails3: fix ActiveRecord extension at access_control

Showing 2 changed files with 85 additions and 72 deletions   Show diff stats
vendor/plugins/access_control/lib/acts_as_accessible.rb
  Diff comments   View file @0107868
1   -class ActiveRecord::Base
  1 +module ActsAsAccessible
2 2 # This is the global hash of permissions and each item is of the form
3 3 # 'class_name' => permission_hash for each target have its own set of permissions
4 4 # but its not a namespace so each permission name should be unique
5 5 PERMISSIONS = {}
6   -
7   - # Acts as accessible makes a model acts as a resource that can be targeted by a permission
8   - def self.acts_as_accessible
9   - has_many :role_assignments, :as => :resource, :dependent => :destroy
10   -
11   - # A superior instance is an object that has higher level an thus can be targeted by a permission
12   - # to represent an permission over a group of related resources rather than a single one
13   - def superior_instance
14   - nil
15   - end
16 6  
17   - def affiliate(accessor, roles)
18   - roles = [roles] unless roles.kind_of?(Array)
19   - roles.map {|role| accessor.add_role(role, self)}.any?
20   - end
  7 + extend ActiveSupport::Concern
21 8  
22   - def disaffiliate(accessor, roles)
23   - roles = [roles] unless roles.kind_of?(Array)
24   - role_assignments.map{|ra|ra.destroy if roles.include?(ra.role) && ra.accessor == accessor}
  9 + module ClassMethods
  10 + # Acts as accessible makes a model acts as a resource that can be targeted by a permission
  11 + def acts_as_accessible
  12 + has_many :role_assignments, :as => :resource, :dependent => :destroy
25 13 end
  14 + end
  15 +
  16 + # A superior instance is an object that has higher level an thus can be targeted by a permission
  17 + # to represent an permission over a group of related resources rather than a single one
  18 + def superior_instance
  19 + nil
  20 + end
26 21  
27   - def roles
28   - Role.find_all_by_environment_id(environment.id).select do |r|
29   - r.permissions.any?{ |p| PERMISSIONS[self.class.base_class.name].include?(p) }
30   - end
  22 + def affiliate(accessor, roles)
  23 + roles = [roles] unless roles.kind_of?(Array)
  24 + roles.map {|role| accessor.add_role(role, self)}.any?
  25 + end
  26 +
  27 + def disaffiliate(accessor, roles)
  28 + roles = [roles] unless roles.kind_of?(Array)
  29 + role_assignments.map{|ra|ra.destroy if roles.include?(ra.role) && ra.accessor == accessor}
  30 + end
  31 +
  32 + def roles
  33 + Role.find_all_by_environment_id(environment.id).select do |r|
  34 + r.permissions.any?{ |p| PERMISSIONS[self.class.base_class.name].include?(p) }
31 35 end
32 36 end
33 37 end
  38 +
  39 +ActiveRecord::Base.send(:include, ActsAsAccessible)
... ...
vendor/plugins/access_control/lib/acts_as_accessor.rb
  Diff comments   View file @0107868
1   -class ActiveRecord::Base
2   - def self.acts_as_accessor
3   - has_many :role_assignments, :as => :accessor, :dependent => :destroy
  1 +module ActsAsAccessor
4 2  
5   - def has_permission?(permission, resource = nil)
6   - return true if resource == self
7   - role_assignments.includes([:resource,:role]).any? {|ra| ra.has_permission?(permission, resource)}
8   - end
  3 + extend ActiveSupport::Concern
9 4  
10   - def define_roles(roles, resource)
11   - roles = [roles] unless roles.kind_of?(Array)
12   - actual_roles = RoleAssignment.find( :all, :conditions => role_attributes(nil, resource) ).map(&:role)
13   -
14   - (roles - actual_roles).each {|r| add_role(r, resource) }
15   - (actual_roles - roles).each {|r| remove_role(r, resource)}
  5 + module ClassMethods
  6 + def acts_as_accessor
  7 + has_many :role_assignments, :as => :accessor, :dependent => :destroy
16 8 end
  9 + end
17 10  
18   - def add_role(role, resource)
19   - attributes = role_attributes(role, resource)
20   - if RoleAssignment.find(:all, :conditions => attributes).empty?
21   - ra = RoleAssignment.new(attributes)
22   - role_assignments << ra
23   - resource.role_assignments << ra
24   - ra.save
25   - else
26   - false
27   - end
28   - end
  11 + def has_permission?(permission, resource = nil)
  12 + return true if resource == self
  13 + role_assignments.includes([:resource,:role]).any? {|ra| ra.has_permission?(permission, resource)}
  14 + end
29 15  
30   - def remove_role(role, resource)
31   - return unless role
32   - roles_destroy = RoleAssignment.find(:all, :conditions => role_attributes(role, resource))
33   - return if roles_destroy.empty?
34   - roles_destroy.map(&:destroy).all?
35   - end
  16 + def define_roles(roles, resource)
  17 + roles = [roles] unless roles.kind_of?(Array)
  18 + actual_roles = RoleAssignment.find( :all, :conditions => role_attributes(nil, resource) ).map(&:role)
  19 +
  20 + (roles - actual_roles).each {|r| add_role(r, resource) }
  21 + (actual_roles - roles).each {|r| remove_role(r, resource)}
  22 + end
36 23  
37   - def find_roles(res)
38   - RoleAssignment.find(:all, :conditions => role_attributes(nil, res))
  24 + def add_role(role, resource)
  25 + attributes = role_attributes(role, resource)
  26 + if RoleAssignment.find(:all, :conditions => attributes).empty?
  27 + ra = RoleAssignment.new(attributes)
  28 + role_assignments << ra
  29 + resource.role_assignments << ra
  30 + ra.save
  31 + else
  32 + false
39 33 end
  34 + end
40 35  
41   - protected
42   - def role_attributes(role, resource)
43   - attributes = {:accessor_id => self.id, :accessor_type => self.class.base_class.name}
44   - if role
45   - attributes[:role_id] = role.id
46   - end
47   - if resource == 'global'
48   - attributes[:is_global] = true
49   - resource = nil
50   - end
51   - if resource
52   - attributes[:resource_id] = resource.id
53   - attributes[:resource_type] = resource.class.base_class.name
54   - else
55   - attributes[:resource_id] = nil
56   - attributes[:resource_type] = nil
57   - end
58   - attributes
  36 + def remove_role(role, resource)
  37 + return unless role
  38 + roles_destroy = RoleAssignment.find(:all, :conditions => role_attributes(role, resource))
  39 + return if roles_destroy.empty?
  40 + roles_destroy.map(&:destroy).all?
  41 + end
  42 +
  43 + def find_roles(res)
  44 + RoleAssignment.find(:all, :conditions => role_attributes(nil, res))
  45 + end
  46 +
  47 + protected
  48 + def role_attributes(role, resource)
  49 + attributes = {:accessor_id => self.id, :accessor_type => self.class.base_class.name}
  50 + if role
  51 + attributes[:role_id] = role.id
59 52 end
  53 + if resource == 'global'
  54 + attributes[:is_global] = true
  55 + resource = nil
  56 + end
  57 + if resource
  58 + attributes[:resource_id] = resource.id
  59 + attributes[:resource_type] = resource.class.base_class.name
  60 + else
  61 + attributes[:resource_id] = nil
  62 + attributes[:resource_type] = nil
  63 + end
  64 + attributes
60 65 end
61 66 end
  67 +
  68 +ActiveRecord::Base.send(:include, ActsAsAccessor)
... ...