Download as
Browse Code »

Commit 0107868d322629f22ff7dc57f9d8ccce222cf555

Authored by Victor Costa
1 parent 4b06d2fb
Exists in master and in 29 other branches add_member_task_reject_details, admin_visible_profile, article-list-template, community_notifications, contact_admin_translation, event_fixes, fix_comments_pagination, fix_rails4_organization_ratings, fix_sign_up_form, follow_step_fix, forum_topic_creation, mirror_block_improvements, multi_env_on_remote_user, new_security, noosfero_spb_ci, organization_ratings_improvements, organization_ratings_link_to_profile_stable-spb-1.3, organization_ratings_translations_fix, profile_api_improvements, ratings_minor_fixes, remote_user_fix, send_email_to_admins, stable-spb-1.3, stable-spb-1.3-fixes, stable-spb-1.4, stable-spb-1.5, suggest_rejected_value, web_steps_improvements, xss_terminate_custom_options

rails3: fix ActiveRecord extension at access_control

Showing 2 changed files with 85 additions and 72 deletions   Show diff stats
vendor/plugins/access_control/lib/acts_as_accessible.rb
  Diff comments   View file @0107868
1 -class ActiveRecord::Base 1 +module ActsAsAccessible
2 # This is the global hash of permissions and each item is of the form 2 # This is the global hash of permissions and each item is of the form
3 # 'class_name' => permission_hash for each target have its own set of permissions 3 # 'class_name' => permission_hash for each target have its own set of permissions
4 # but its not a namespace so each permission name should be unique 4 # but its not a namespace so each permission name should be unique
5 PERMISSIONS = {} 5 PERMISSIONS = {}
6 -  
7 - # Acts as accessible makes a model acts as a resource that can be targeted by a permission  
8 - def self.acts_as_accessible  
9 - has_many :role_assignments, :as => :resource, :dependent => :destroy  
10 -  
11 - # A superior instance is an object that has higher level an thus can be targeted by a permission  
12 - # to represent an permission over a group of related resources rather than a single one  
13 - def superior_instance  
14 - nil  
15 - end  
16 6
17 - def affiliate(accessor, roles)  
18 - roles = [roles] unless roles.kind_of?(Array)  
19 - roles.map {|role| accessor.add_role(role, self)}.any?  
20 - end 7 + extend ActiveSupport::Concern
21 8
22 - def disaffiliate(accessor, roles)  
23 - roles = [roles] unless roles.kind_of?(Array)  
24 - role_assignments.map{|ra|ra.destroy if roles.include?(ra.role) && ra.accessor == accessor} 9 + module ClassMethods
  10 + # Acts as accessible makes a model acts as a resource that can be targeted by a permission
  11 + def acts_as_accessible
  12 + has_many :role_assignments, :as => :resource, :dependent => :destroy
25 end 13 end
  14 + end
  15 +
  16 + # A superior instance is an object that has higher level an thus can be targeted by a permission
  17 + # to represent an permission over a group of related resources rather than a single one
  18 + def superior_instance
  19 + nil
  20 + end
26 21
27 - def roles  
28 - Role.find_all_by_environment_id(environment.id).select do |r|  
29 - r.permissions.any?{ |p| PERMISSIONS[self.class.base_class.name].include?(p) }  
30 - end 22 + def affiliate(accessor, roles)
  23 + roles = [roles] unless roles.kind_of?(Array)
  24 + roles.map {|role| accessor.add_role(role, self)}.any?
  25 + end
  26 +
  27 + def disaffiliate(accessor, roles)
  28 + roles = [roles] unless roles.kind_of?(Array)
  29 + role_assignments.map{|ra|ra.destroy if roles.include?(ra.role) && ra.accessor == accessor}
  30 + end
  31 +
  32 + def roles
  33 + Role.find_all_by_environment_id(environment.id).select do |r|
  34 + r.permissions.any?{ |p| PERMISSIONS[self.class.base_class.name].include?(p) }
31 end 35 end
32 end 36 end
33 end 37 end
  38 +
  39 +ActiveRecord::Base.send(:include, ActsAsAccessible)
vendor/plugins/access_control/lib/acts_as_accessor.rb
  Diff comments   View file @0107868
1 -class ActiveRecord::Base  
2 - def self.acts_as_accessor  
3 - has_many :role_assignments, :as => :accessor, :dependent => :destroy 1 +module ActsAsAccessor
4 2
5 - def has_permission?(permission, resource = nil)  
6 - return true if resource == self  
7 - role_assignments.includes([:resource,:role]).any? {|ra| ra.has_permission?(permission, resource)}  
8 - end 3 + extend ActiveSupport::Concern
9 4
10 - def define_roles(roles, resource)  
11 - roles = [roles] unless roles.kind_of?(Array)  
12 - actual_roles = RoleAssignment.find( :all, :conditions => role_attributes(nil, resource) ).map(&:role)  
13 -  
14 - (roles - actual_roles).each {|r| add_role(r, resource) }  
15 - (actual_roles - roles).each {|r| remove_role(r, resource)} 5 + module ClassMethods
  6 + def acts_as_accessor
  7 + has_many :role_assignments, :as => :accessor, :dependent => :destroy
16 end 8 end
  9 + end
17 10
18 - def add_role(role, resource)  
19 - attributes = role_attributes(role, resource)  
20 - if RoleAssignment.find(:all, :conditions => attributes).empty?  
21 - ra = RoleAssignment.new(attributes)  
22 - role_assignments << ra  
23 - resource.role_assignments << ra  
24 - ra.save  
25 - else  
26 - false  
27 - end  
28 - end 11 + def has_permission?(permission, resource = nil)
  12 + return true if resource == self
  13 + role_assignments.includes([:resource,:role]).any? {|ra| ra.has_permission?(permission, resource)}
  14 + end
29 15
30 - def remove_role(role, resource)  
31 - return unless role  
32 - roles_destroy = RoleAssignment.find(:all, :conditions => role_attributes(role, resource))  
33 - return if roles_destroy.empty?  
34 - roles_destroy.map(&:destroy).all?  
35 - end 16 + def define_roles(roles, resource)
  17 + roles = [roles] unless roles.kind_of?(Array)
  18 + actual_roles = RoleAssignment.find( :all, :conditions => role_attributes(nil, resource) ).map(&:role)
  19 +
  20 + (roles - actual_roles).each {|r| add_role(r, resource) }
  21 + (actual_roles - roles).each {|r| remove_role(r, resource)}
  22 + end
36 23
37 - def find_roles(res)  
38 - RoleAssignment.find(:all, :conditions => role_attributes(nil, res)) 24 + def add_role(role, resource)
  25 + attributes = role_attributes(role, resource)
  26 + if RoleAssignment.find(:all, :conditions => attributes).empty?
  27 + ra = RoleAssignment.new(attributes)
  28 + role_assignments << ra
  29 + resource.role_assignments << ra
  30 + ra.save
  31 + else
  32 + false
39 end 33 end
  34 + end
40 35
41 - protected  
42 - def role_attributes(role, resource)  
43 - attributes = {:accessor_id => self.id, :accessor_type => self.class.base_class.name}  
44 - if role  
45 - attributes[:role_id] = role.id  
46 - end  
47 - if resource == 'global'  
48 - attributes[:is_global] = true  
49 - resource = nil  
50 - end  
51 - if resource  
52 - attributes[:resource_id] = resource.id  
53 - attributes[:resource_type] = resource.class.base_class.name  
54 - else  
55 - attributes[:resource_id] = nil  
56 - attributes[:resource_type] = nil  
57 - end  
58 - attributes 36 + def remove_role(role, resource)
  37 + return unless role
  38 + roles_destroy = RoleAssignment.find(:all, :conditions => role_attributes(role, resource))
  39 + return if roles_destroy.empty?
  40 + roles_destroy.map(&:destroy).all?
  41 + end
  42 +
  43 + def find_roles(res)
  44 + RoleAssignment.find(:all, :conditions => role_attributes(nil, res))
  45 + end
  46 +
  47 + protected
  48 + def role_attributes(role, resource)
  49 + attributes = {:accessor_id => self.id, :accessor_type => self.class.base_class.name}
  50 + if role
  51 + attributes[:role_id] = role.id
59 end 52 end
  53 + if resource == 'global'
  54 + attributes[:is_global] = true
  55 + resource = nil
  56 + end
  57 + if resource
  58 + attributes[:resource_id] = resource.id
  59 + attributes[:resource_type] = resource.class.base_class.name
  60 + else
  61 + attributes[:resource_id] = nil
  62 + attributes[:resource_type] = nil
  63 + end
  64 + attributes
60 end 65 end
61 end 66 end
  67 +
  68 +ActiveRecord::Base.send(:include, ActsAsAccessor)