Merge branch 'custom_roles_management'

Rodrigo Souto
2 parents 9304a753 5f7895c3
Showing 24 changed files with 423 additions and 8 deletions Show diff stats
app/controllers/admin/role_controller.rb
app/controllers/my_profile/profile_members_controller.rb
app/controllers/my_profile/profile_roles_controller.rb
app/models/organization.rb
app/models/profile.rb
app/views/profile_editor/index.html.erb
app/views/profile_members/change_role.html.erb
app/views/profile_roles/_form.html.erb
app/views/profile_roles/assign.html.erb
app/views/profile_roles/destroy.html.erb
app/views/profile_roles/edit.html.erb
app/views/profile_roles/index.html.erb
app/views/profile_roles/new.html.erb
app/views/profile_roles/show.html.erb
app/views/tasks/_add_member_accept_details.html.erb
db/migrate/20150203143051_add_reference_to_role.rb
db/migrate/20150210143723_add_custom_roles_permission_to_admin_roles.rb
public/images/control-panel/role-management.gif
public/images/control-panel/role-management.png
public/javascripts/assign_role.js
@@ -2,7 +2,7 @@ class RoleController &lt; AdminController
   protect 'manage_environment_roles', :environment
   def index
-    @roles = environment.roles.find(:all)
+    @roles = environment.roles.find(:all, :conditions => {:profile_id => nil})
   end
   def new
@@ -58,6 +58,7 @@ class ProfileMembersController &lt; MyProfileController
   def change_role
     @roles = Profile::Roles.organization_member_roles(environment.id)
+    @custom_roles = profile.custom_roles
     begin
       @member = profile.members.find(params[:id])
     rescue ActiveRecord::RecordNotFound
@@ -0,0 +1,115 @@
+class ProfileRolesController < MyProfileController
+
+  protect 'manage_custom_roles', :profile
+
+  def index
+    @roles = profile.custom_roles
+  end
+
+  def new
+    @role = Role.new
+  end
+
+  def create
+    @role = Role.create({:name => params[:role][:name], :permissions => params[:role][:permissions], :profile_id => profile.id, :environment => environment }, :without_protection => true)
+    if @role.save
+      redirect_to :action => 'show', :id => @role
+    else
+      session[:notice] = _('Failed to create role')
+      render :action => 'new'
+    end
+  end
+
+  def show
+    @role = environment.roles.find(params[:id])
+  end
+
+  def edit
+    @role = environment.roles.find(params[:id])
+  end
+
+  def assign_role_by_members
+    return redirect_to "/" if params[:q].nil? or !request.xhr?
+    arg = params[:q].downcase
+    result = find_by_contents(:people, environment, profile.members, params[:q])[:results]
+    render :text => prepare_to_token_input(result).to_json
+  end
+
+  def destroy
+    @role = environment.roles.find(params[:id])
+    @members = profile.members_by_role(@role)
+    @roles_list = all_roles(environment, profile)
+    @roles_list.delete(@role)
+  end
+
+  def remove
+    @role = environment.roles.find(params[:id])
+    @members = profile.members_by_role(@role)
+    member_roles = params[:roles] ? environment.roles.find(params[:roles].select{|r|!r.to_i.zero?}) : []
+    append_roles(@members, member_roles, profile)
+    if @role.destroy
+      session[:notice] = _('Role successfuly removed!')
+    else
+      session[:notice] = _('Failed to remove role!')
+    end
+    redirect_to :action => 'index'
+  end
+
+  def update
+    @role = environment.roles.find(params[:id])
+    if @role.update_attributes(params[:role])
+      redirect_to :action => 'show', :id => @role
+    else
+      session[:notice] = _('Failed to edit role')
+      render :action => 'edit'
+    end
+  end
+
+  def assign
+    @role = environment.roles.find(params[:id])
+    @roles_list = all_roles(environment, profile)
+    @roles_list.delete(@role)
+  end
+
+  def define
+    @role = environment.roles.find(params[:id])
+    selected_role = params[:selected_role] ? environment.roles.find(params[:selected_role].to_i) : nil
+    if params[:assign_role_by].eql? "members"
+      members_list = params[:person_id].split(',').collect {|id| environment.profiles.find(id.to_i)}
+      members_list.collect{|person| person.add_role(@role, profile)}
+    elsif params[:assign_role_by].eql? "roles"
+      members = profile.members_by_role(selected_role)
+      replace_role(members, selected_role, @role, profile)
+    else
+      session[:notice] = _("Error")
+    end
+    redirect_to :action => 'index'
+  end
+
+  protected
+
+  def append_roles(members, roles, profile)
+    members.each do |person|
+      all_roles = person.find_roles(profile).map(&:role) + roles
+      person.define_roles(all_roles, profile)
+    end
+  end
+
+  def all_roles(environment, profile)
+    Profile::Roles.organization_member_roles(environment.id) + profile.custom_roles
+  end
+
+  def replace_roles(members, roles, profile)
+    members.each do |person|
+      person.define_roles(roles, profile)
+    end
+  end
+
+  def replace_role(members, role, new_role, profile)
+    members.each do |person|
+      person.remove_role(role, profile)
+      person.add_role(new_role, profile)
+    end
+  end
+
+end
@@ -29,6 +29,8 @@ class Organization &lt; Profile
   has_many :mailings, :class_name => 'OrganizationMailing', :foreign_key => :source_id, :as => 'source'
+  has_many :custom_roles, :class_name => 'Role', :foreign_key => :profile_id
+
   scope :more_popular, :order => 'members_count DESC'
   validate :presence_of_required_fieds, :unless => :is_template
@@ -43,7 +43,7 @@ class Profile &lt; ActiveRecord::Base
       find_role('editor', env_id)
     end
     def self.organization_member_roles(env_id)
-      all_roles(env_id).select{ |r| r.key.match(/^profile_/) unless r.key.blank? }
+      all_roles(env_id).select{ |r| r.key.match(/^profile_/) unless r.key.blank? || !r.profile_id.nil?}
     end
     def self.all_roles(env_id)
       Role.all :conditions => { :environment_id => env_id }
@@ -75,6 +75,7 @@ class Profile &lt; ActiveRecord::Base
     'publish_content'      => N_('Publish content'),
     'invite_members'       => N_('Invite members'),
     'send_mail_to_members' => N_('Send e-Mail to members'),
+    'manage_custom_roles'  => N_('Manage custom roles'),
   }
   acts_as_accessible
@@ -28,6 +28,8 @@
   <%= control_panel_button(_('Manage Content'), 'cms', :controller => 'cms') %>
+  <%= control_panel_button(_('Manage Roles'), 'roles', :controller => 'profile_roles') %>
+
   <% unless profile.enterprise? %>
     <%= case profile.blogs.count
       when 0
 <h3> <%= _('Changing role of %s') % @member.name %> </h3>
 <%= labelled_form_for :member, :url => {:action => 'update_roles'} do |f| %>
-  
-  <%= _('Roles:') %> <br>
+
+  <h4><%= _('Roles:') %></h4>
   <% @roles.each do |r| %>
     <%= labelled_check_box(r.name, 'roles[]', r.id, @associations.map(&:role).include?(r) ) %><br/>
     <ul class="role-permissions">
@@ -11,6 +11,17 @@
       <% end %>
     </ul>
   <% end %>
+  <% unless @custom_roles.empty? %>
+    <h4><%= _('Custom Roles:') %></h4>
+    <% @custom_roles.each do |r| %>
+    <%= labelled_check_box(r.name, 'roles[]', r.id, @associations.map(&:role).include?(r) ) %><br/>
+    <ul class="role-permissions">
+      <% r.permissions.each do |p| %>
+      <li> <%= permission_name(p) %> </li>
+      <% end %>
+    </ul>
+    <% end %>
+  <% end %>
   <%= hidden_field_tag 'person', @member.id %>
   <% button_bar do %>
@@ -0,0 +1,22 @@
+<%= error_messages_for :role %>
+
+<%= labelled_form_for :role, :url => (mode == :edit) ? {:action => 'update', :id => role} : {:action => 'create'} do |f| %>
+
+  <%= required_fields_message %>
+
+  <%= required f.text_field(:name) %>
+
+  <% permissions.each do |key| %>
+  <div class="permissions <%= key.downcase %>">
+    <h4><%= _('%s Permissions:' % key) %></h4>
+    <% ActiveRecord::Base::PERMISSIONS[key].keys.each do |p| %>
+      <%= check_box_tag("role[permissions][]", p, role.has_permission?(p), { :id => p }) %>
+      <%= content_tag(:label, permission_name(p), { :for => p }) %><br/>
+    <% end %>
+  </div>
+  <% end %>
+
+  <% button_bar do %>
+    <%= submit_button('save', (mode == :edit) ? _('Save changes') : _('Create role'), :cancel => {:action => 'index'} ) %>
+  <% end %>
+<% end %>
@@ -0,0 +1,35 @@
+<%= javascript_include_tag('assign_role.js') %>
+
+<h1> <%= _("Assign #{@role.name}") %> </h1>
+
+
+<%= labelled_form_for :role, :url => { :action => 'define', :id => @role.id } do |f| %>
+
+  <h2>
+    <%= _("Assign role by:") %>
+  </h2>
+  <p>
+    <%= labelled_radio_button _("Members"), :assign_role_by, "members", true, :id => "assign_role_by_members", :class => "assign_role_by" %>
+    &nbsp;
+    <%= labelled_radio_button _("Roles"), :assign_role_by, "roles", false, :id => "assign_role_by_roles", :class => "assign_role_by" %>
+  </p>
+  <div class="assign_by_members">
+    <%=token_input_field_tag(:person_id, 'search-profile-members', {:action => 'assign_role_by_members'},
+    {:focus => false, :hint_text => _('Select members to assign the role')}) %>
+
+    <% button_bar do %>
+      <%= submit_button(:forward, _("Confirm")) %>
+    <% end %>
+  </div>
+  <div class="assign_by_roles" style="display: none;">
+    <h6>
+      <%= _("Replace role: ") %>
+    </h6>
+    <% @roles_list.each do |role| %>
+      <%= labelled_radio_button role.name , :selected_role, role.id , false, :class => "selected_role" %> <br>
+    <% end %>
+    <% button_bar do %>
+      <%= submit_button('save',_('Confirm'), :cancel => {:action => 'index'} ) %>
+    <% end %>
+  </div>
+<% end %>
@@ -0,0 +1,23 @@
+<h1> <%= _("Deleting #{@role.name}") %> </h1>
+
+<% if @members.nil? || @members.empty? %>
+  <p><%= _('This role is not being currently used.')%></p>
+  <p><%= _('Are you sure you want to delete this role?') %></p>
+
+  <% button_bar do %>
+    <%= button(:remove, _('Yes, I am sure'), {:action => 'remove', :id => @role.id}, :method => :post) %>
+    <%= button(:cancel, _('No, I gave up'), {:action => 'index'}) %>
+  <% end %>
+<% else %>
+  <p><%= _('There are members currently using this role.')%></p>
+  <p><%= _('To which role do you want to change them?') %></p>
+  <%= labelled_form_for :role, :url => { :action => 'remove', :id => @role.id } do |f| %>
+    <% @roles_list.each do |role| %>
+      <%= check_box_tag("roles[]", role.id, false ,{:id => role.key}) %>
+      <%= content_tag(:label, role.name, { :for => role.key }) %><br/>
+    <% end %>
+    <% button_bar do %>
+    <%= submit_button('save',_('Delete role'), :cancel => {:action => 'index'} ) %>
+    <% end %>
+  <% end %>
+<% end %>
@@ -0,0 +1,3 @@
+<h1> <%= _("Editing #{@role.name}") %> </h1>
+
+<%= render :partial => 'form', :locals => { :mode => :edit, :role => @role, :permissions => [@role.kind] } %>
@@ -0,0 +1,27 @@
+<h1><%= _('Manage user roles') %></h1>
+
+<table>
+  <tr>
+    <th><%= _('Role') %></th>
+    <th><%= _('Actions') %></th>
+  </tr>
+  <% @roles.each do |role| %>
+    <tr>
+      <td>
+        <%= link_to role.name, :action => 'show', :id => role %>
+      </td>
+      <td>
+        <div style="text-align: center;">
+          <%= button_without_text :edit, _('Edit'), :action => 'edit', :id => role %>
+          <%= button_without_text :delete, _('Delete'), :action => 'destroy', :id => role %>
+          <%= button_without_text 'vertical-toggle', _('Assign'), :action => 'assign', :id => role %>
+        </div>
+      </td>
+    </tr>
+  <% end %>
+</table>
+
+<% button_bar do %>
+  <%= button :add, _('Create a new role'), :action => 'new' %>
+  <%= button :back, _('Back to control panel'), :controller => 'profile_editor' %>
+<% end %>
@@ -0,0 +1,3 @@
+<h1> <%= _("Create a new role") %> </h1>
+
+<%= render :partial => 'form', :locals => { :mode => :create, :role => @role, :permissions => ['Profile'] } %>
@@ -0,0 +1,13 @@
+<h1> <%= _(@role.name)  %></h1>
+
+<h3> <%= _('Permissions') %> </h3>
+<ul>
+  <% @role.permissions.each do |p| %>
+    <li> <%= permission_name(p) %> </li> 
+  <% end %>
+</ul>
+
+<% button_bar do %>
+  <%= button :edit, _('Edit'), :action => 'edit', :id => @role %>
+  <%= button :back, _('Back to roles management'), :action => 'index' %>
+<% end %>
 <%= content = _("Roles:")+"<br />"
-roles = Profile::Roles.organization_member_roles(task.target.environment.id)
+roles = Profile::Roles.organization_all_roles(task.target.environment.id)
 roles.each do |role|
   content += labelled_check_box(role.name, "tasks[#{task.id}][task][roles][]", role.id, false)+"<br />"
 end
 content_tag('p', content, :class => 'member-classify-suggestion')
 %>
-
@@ -0,0 +1,8 @@
+class AddReferenceToRole < ActiveRecord::Migration
+  def self.up
+    add_column :roles, :profile_id, :integer
+  end
+  def self.down
+    remove_column :roles , :profile_id
+  end
+end
@@ -0,0 +1,18 @@
+class AddCustomRolesPermissionToAdminRoles < ActiveRecord::Migration
+  def self.up
+    environment_admin = Role.find_by_key("environment_administrator")
+    profile_admin = Role.find_by_key("profile_admin")
+    environment_admin.permissions.append("manage_custom_roles")
+    profile_admin.permissions.append("manage_custom_roles")
+    environment_admin.save!
+    profile_admin.save!
+  end
+  def self.down
+    environment_admin = Role.find_by_key("environment_administrator")
+    profile_admin = Role.find_by_key("profile_admin")
+    environment_admin.permissions.delete("manage_custom_roles")
+    profile_admin.permissions.delete("manage_custom_roles")
+    environment_admin.save!
+    profile_admin.save!
+  end
+end
@@ -0,0 +1,19 @@
+(function($){
+  'use strict';
+
+  function toggle_assignment_method() {
+    if (this.value != "roles") {
+      $('.assign_by_roles').hide();
+      $('.assign_by_members').show();
+    } else {
+      $('.assign_by_members').hide();
+      $('.assign_by_roles').show();
+    }
+  }
+
+  $(document).ready(function() {
+    $('.assign_by_roles').hide();
+    // Event triggers
+    $('.assign_role_by').click(toggle_assignment_method);
+  });
+})(jQuery);
@@ -4685,6 +4685,12 @@ h1#agenda-title {
 .controller-profile_editor a.control-panel-welcome-page {
   background-image: url(../images/control-panel/welcome-page.png)
 }
+.controller-profile_editor a.control-panel-roles {
+  background-image: url(../images/control-panel/role-management.png)
+}
+.controller-profile_editor .msie6 a.control-panel-roles {
+  background-image: url(../images/control-panel/role-management.gif)
+}
 /* ==> public/stylesheets/controller_profile_members.css <== */
 .controller-profile_members .no-boxes {
   margin: 30px
@@ -175,7 +175,7 @@ class ContentViewerControllerTest &lt; ActionController::TestCase
     admin = fast_create(Person)
     community.add_member(admin)
-    folder = fast_create(Folder, :profile_id => community.id, :published => false)
+    folder = fast_create(Folder, :profile_id => community.id, :published => false, :show_to_followers => false)
     community.add_member(profile)
     login_as(profile.identifier)
@@ -278,7 +278,7 @@ class ContentViewerControllerTest &lt; ActionController::TestCase
   should 'not give access to private articles if logged in and only member' do
     person = create_user('test_user').person
     profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile')
-    intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :published => false)
+    intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :published => false, :show_to_followers => false)
     profile.affiliate(person, Profile::Roles.member(profile.environment.id))
     login_as('test_user')
@@ -0,0 +1,106 @@
+require_relative "../test_helper"
+require 'profile_roles_controller'
+
+class ProfileRolesControllerTest < ActionController::TestCase
+
+  def setup
+    @controller = ProfileRolesController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+    @role = Role.find(:first)
+  end
+
+  should 'create a custom role' do
+    community = fast_create(Community)
+    admin = create_user_with_permission('admin_user', 'manage_custom_roles', community)
+    login_as :admin_user
+    post :create, :profile => community.identifier, :role => {:name => "some_role", :permissions => ["edit_profile"] }
+    role = Role.where(:name => 'some_role').first
+
+    assert_not_nil role
+    assert_equal community.id, role.profile_id
+  end
+
+  should 'not create a custom role without permission' do
+    community = fast_create(Community)
+    moderator = create_user_with_permission('profile_admin', 'edit_profile', community)
+    login_as :profile_admin
+    post :create, :profile => community.identifier, :role => {:name => "new_admin", :permissions => ["edit_profile"] }
+
+    assert_response 403
+    assert_template 'access_denied'
+
+    role = Role.where(:name => 'new_admin')
+
+    assert_empty role
+  end
+
+
+  should 'delete a custom role not used' do
+    community = fast_create(Community)
+    admin = create_user_with_permission('admin_user', 'manage_custom_roles', community)
+    login_as :admin_user
+    role = Role.create!({:name => 'delete_article', :key => 'profile_delete_article', :profile_id => community.id, :environment => Environment.default}, :without_protection => true)
+    post :remove , :profile => community.identifier, :id => role.id
+
+    assert_response :redirect
+    assert_redirected_to :action => 'index'
+
+    assert_not_includes Role.all, role
+  end
+
+  should 'delete a custom role being used' do
+    community = fast_create(Community)
+    admin = create_user_with_permission('admin_user', 'manage_custom_roles', community)
+    login_as :admin_user
+    role = Role.create!({:name => 'delete_article', :key => 'profile_delete_article', :profile_id => community.id, :environment => Environment.default}, :without_protection => true)
+    admin.add_role(role, community)
+    moderator_role = Role.find_by_name("moderator")
+
+    assert_not_includes community.members_by_role(moderator_role), admin
+
+    post :remove , :profile => community.identifier, :id => role.id, :roles => [moderator_role.id]
+
+    assert_response :redirect
+    assert_redirected_to :action => 'index'
+
+    assert_not_includes Role.all, role
+    assert_includes community.members_by_role(moderator_role), admin
+  end
+
+  should 'assign a custom role to single user' do
+    community = fast_create(Community)
+    admin = create_user_with_permission('admin_user', 'manage_custom_roles', community)
+    login_as :admin_user
+    role = Role.create!({:name => 'delete_article', :key => 'profile_delete_article', :profile_id => community.id, :environment => Environment.default}, :without_protection => true)
+
+    assert_not_includes community.members_by_role(role), admin
+
+    post :define, :profile => community.identifier, :id => role.id, :assign_role_by => "members", :person_id => admin.id
+
+    assert_includes community.members_by_role(role), admin
+  end
+
+  should  'replace a role with a custom role' do
+    community = fast_create(Community)
+    admin = create_user_with_permission('admin_user', 'manage_custom_roles', community)
+    moderator = create_user_with_permission('profile_admin', 'edit_profile', community)
+    login_as :admin_user
+    role = Role.create!({:name => 'delete_article', :key => 'profile_delete_article', :profile_id => community.id, :environment => Environment.default}, :without_protection => true)
+    moderator_role = Role.find_by_name("moderator")
+    admin.add_role(moderator_role, community)
+
+    assert_not_includes community.members_by_role(role), admin
+
+    assert_not_includes community.members_by_role(role), moderator
+    assert_not_includes community.members_by_role(moderator_role), moderator
+
+    post :define, :profile => community.identifier, :id => role.id, :assign_role_by => "roles", :selected_role => moderator_role.id
+
+    assert_not_includes community.members_by_role(moderator_role), admin
+    assert_includes community.members_by_role(role), admin
+
+    assert_not_includes community.members_by_role(role), moderator
+    assert_not_includes community.members_by_role(moderator_role), moderator
+  end
+end
@@ -4,6 +4,7 @@ class Role &lt; ActiveRecord::Base
   has_many :role_assignments, :dependent => :destroy
   belongs_to :environment
+  belongs_to :organization
   serialize :permissions, Array
   validates_presence_of :name
   validates_uniqueness_of :name, :scope => :environment_id
	@@ -2,7 +2,7 @@ class RoleController < AdminController		@@ -2,7 +2,7 @@ class RoleController < AdminController
2	protect 'manage_environment_roles', :environment	2	protect 'manage_environment_roles', :environment
3		3
4	def index	4	def index
5	- @roles = environment.roles.find(:all)	5	+ @roles = environment.roles.find(:all, :conditions => {:profile_id => nil})
6	end	6	end
7		7
8	def new	8	def new
	@@ -58,6 +58,7 @@ class ProfileMembersController < MyProfileController		@@ -58,6 +58,7 @@ class ProfileMembersController < MyProfileController
58		58
59	def change_role	59	def change_role
60	@roles = Profile::Roles.organization_member_roles(environment.id)	60	@roles = Profile::Roles.organization_member_roles(environment.id)
		61	+ @custom_roles = profile.custom_roles
61	begin	62	begin
62	@member = profile.members.find(params[:id])	63	@member = profile.members.find(params[:id])
63	rescue ActiveRecord::RecordNotFound	64	rescue ActiveRecord::RecordNotFound
@@ -0,0 +1,115 @@		@@ -0,0 +1,115 @@
	1	+class ProfileRolesController < MyProfileController
	2	+
	3	+ protect 'manage_custom_roles', :profile
	4	+
	5	+ def index
	6	+ @roles = profile.custom_roles
	7	+ end
	8	+
	9	+ def new
	10	+ @role = Role.new
	11	+ end
	12	+
	13	+ def create
	14	+ @role = Role.create({:name => params[:role][:name], :permissions => params[:role][:permissions], :profile_id => profile.id, :environment => environment }, :without_protection => true)
	15	+ if @role.save
	16	+ redirect_to :action => 'show', :id => @role
	17	+ else
	18	+ session[:notice] = _('Failed to create role')
	19	+ render :action => 'new'
	20	+ end
	21	+ end
	22	+
	23	+ def show
	24	+ @role = environment.roles.find(params[:id])
	25	+ end
	26	+
	27	+ def edit
	28	+ @role = environment.roles.find(params[:id])
	29	+ end
	30	+
	31	+ def assign_role_by_members
	32	+ return redirect_to "/" if params[:q].nil? or !request.xhr?
	33	+ arg = params[:q].downcase
	34	+ result = find_by_contents(:people, environment, profile.members, params[:q])[:results]
	35	+ render :text => prepare_to_token_input(result).to_json
	36	+ end
	37	+
	38	+ def destroy
	39	+ @role = environment.roles.find(params[:id])
	40	+ @members = profile.members_by_role(@role)
	41	+ @roles_list = all_roles(environment, profile)
	42	+ @roles_list.delete(@role)
	43	+ end
	44	+
	45	+ def remove
	46	+ @role = environment.roles.find(params[:id])
	47	+ @members = profile.members_by_role(@role)
	48	+ member_roles = params[:roles] ? environment.roles.find(params[:roles].select{\|r\|!r.to_i.zero?}) : []
	49	+ append_roles(@members, member_roles, profile)
	50	+ if @role.destroy
	51	+ session[:notice] = _('Role successfuly removed!')
	52	+ else
	53	+ session[:notice] = _('Failed to remove role!')
	54	+ end
	55	+ redirect_to :action => 'index'
	56	+ end
	57	+
	58	+ def update
	59	+ @role = environment.roles.find(params[:id])
	60	+ if @role.update_attributes(params[:role])
	61	+ redirect_to :action => 'show', :id => @role
	62	+ else
	63	+ session[:notice] = _('Failed to edit role')
	64	+ render :action => 'edit'
	65	+ end
	66	+ end
	67	+
	68	+ def assign
	69	+ @role = environment.roles.find(params[:id])
	70	+ @roles_list = all_roles(environment, profile)
	71	+ @roles_list.delete(@role)
	72	+ end
	73	+
	74	+ def define
	75	+ @role = environment.roles.find(params[:id])
	76	+ selected_role = params[:selected_role] ? environment.roles.find(params[:selected_role].to_i) : nil
	77	+ if params[:assign_role_by].eql? "members"
	78	+ members_list = params[:person_id].split(',').collect {\|id\| environment.profiles.find(id.to_i)}
	79	+ members_list.collect{\|person\| person.add_role(@role, profile)}
	80	+ elsif params[:assign_role_by].eql? "roles"
	81	+ members = profile.members_by_role(selected_role)
	82	+ replace_role(members, selected_role, @role, profile)
	83	+ else
	84	+ session[:notice] = _("Error")
	85	+ end
	86	+ redirect_to :action => 'index'
	87	+ end
	88	+
	89	+ protected
	90	+
	91	+ def append_roles(members, roles, profile)
	92	+ members.each do \|person\|
	93	+ all_roles = person.find_roles(profile).map(&:role) + roles
	94	+ person.define_roles(all_roles, profile)
	95	+ end
	96	+ end
	97	+
	98	+ def all_roles(environment, profile)
	99	+ Profile::Roles.organization_member_roles(environment.id) + profile.custom_roles
	100	+ end
	101	+
	102	+ def replace_roles(members, roles, profile)
	103	+ members.each do \|person\|
	104	+ person.define_roles(roles, profile)
	105	+ end
	106	+ end
	107	+
	108	+ def replace_role(members, role, new_role, profile)
	109	+ members.each do \|person\|
	110	+ person.remove_role(role, profile)
	111	+ person.add_role(new_role, profile)
	112	+ end
	113	+ end
	114	+
	115	+end
	@@ -29,6 +29,8 @@ class Organization < Profile		@@ -29,6 +29,8 @@ class Organization < Profile
29		29
30	has_many :mailings, :class_name => 'OrganizationMailing', :foreign_key => :source_id, :as => 'source'	30	has_many :mailings, :class_name => 'OrganizationMailing', :foreign_key => :source_id, :as => 'source'
31		31
		32	+ has_many :custom_roles, :class_name => 'Role', :foreign_key => :profile_id
		33	+
32	scope :more_popular, :order => 'members_count DESC'	34	scope :more_popular, :order => 'members_count DESC'
33		35
34	validate :presence_of_required_fieds, :unless => :is_template	36	validate :presence_of_required_fieds, :unless => :is_template
	@@ -28,6 +28,8 @@		@@ -28,6 +28,8 @@
28		28
29	<%= control_panel_button(_('Manage Content'), 'cms', :controller => 'cms') %>	29	<%= control_panel_button(_('Manage Content'), 'cms', :controller => 'cms') %>
30		30
		31	+ <%= control_panel_button(_('Manage Roles'), 'roles', :controller => 'profile_roles') %>
		32	+
31	<% unless profile.enterprise? %>	33	<% unless profile.enterprise? %>
32	<%= case profile.blogs.count	34	<%= case profile.blogs.count
33	when 0	35	when 0
@@ -0,0 +1,22 @@		@@ -0,0 +1,22 @@
	1	+<%= error_messages_for :role %>
	2	+
	3	+<%= labelled_form_for :role, :url => (mode == :edit) ? {:action => 'update', :id => role} : {:action => 'create'} do \|f\| %>
	4	+
	5	+ <%= required_fields_message %>
	6	+
	7	+ <%= required f.text_field(:name) %>
	8	+
	9	+ <% permissions.each do \|key\| %>
	10	+ <div class="permissions <%= key.downcase %>">
	11	+ <h4><%= _('%s Permissions:' % key) %></h4>
	12	+ <% ActiveRecord::Base::PERMISSIONS[key].keys.each do \|p\| %>
	13	+ <%= check_box_tag("role[permissions][]", p, role.has_permission?(p), { :id => p }) %>
	14	+ <%= content_tag(:label, permission_name(p), { :for => p }) %><br/>
	15	+ <% end %>
	16	+ </div>
	17	+ <% end %>
	18	+
	19	+ <% button_bar do %>
	20	+ <%= submit_button('save', (mode == :edit) ? _('Save changes') : _('Create role'), :cancel => {:action => 'index'} ) %>
	21	+ <% end %>
	22	+<% end %>
@@ -0,0 +1,35 @@		@@ -0,0 +1,35 @@
	1	+<%= javascript_include_tag('assign_role.js') %>
	2	+
	3	+<h1> <%= _("Assign #{@role.name}") %> </h1>
	4	+
	5	+
	6	+<%= labelled_form_for :role, :url => { :action => 'define', :id => @role.id } do \|f\| %>
	7	+
	8	+ <h2>
	9	+ <%= _("Assign role by:") %>
	10	+ </h2>
	11	+ <p>
	12	+ <%= labelled_radio_button _("Members"), :assign_role_by, "members", true, :id => "assign_role_by_members", :class => "assign_role_by" %>
	13	+
	14	+ <%= labelled_radio_button _("Roles"), :assign_role_by, "roles", false, :id => "assign_role_by_roles", :class => "assign_role_by" %>
	15	+ </p>
	16	+ <div class="assign_by_members">
	17	+ <%=token_input_field_tag(:person_id, 'search-profile-members', {:action => 'assign_role_by_members'},
	18	+ {:focus => false, :hint_text => _('Select members to assign the role')}) %>
	19	+
	20	+ <% button_bar do %>
	21	+ <%= submit_button(:forward, _("Confirm")) %>
	22	+ <% end %>
	23	+ </div>
	24	+ <div class="assign_by_roles" style="display: none;">
	25	+ <h6>
	26	+ <%= _("Replace role: ") %>
	27	+ </h6>
	28	+ <% @roles_list.each do \|role\| %>
	29	+ <%= labelled_radio_button role.name , :selected_role, role.id , false, :class => "selected_role" %> <br>
	30	+ <% end %>
	31	+ <% button_bar do %>
	32	+ <%= submit_button('save',_('Confirm'), :cancel => {:action => 'index'} ) %>
	33	+ <% end %>
	34	+ </div>
	35	+<% end %>
@@ -0,0 +1,23 @@		@@ -0,0 +1,23 @@
	1	+<h1> <%= _("Deleting #{@role.name}") %> </h1>
	2	+
	3	+<% if @members.nil? \|\| @members.empty? %>
	4	+ <p><%= _('This role is not being currently used.')%></p>
	5	+ <p><%= _('Are you sure you want to delete this role?') %></p>
	6	+
	7	+ <% button_bar do %>
	8	+ <%= button(:remove, _('Yes, I am sure'), {:action => 'remove', :id => @role.id}, :method => :post) %>
	9	+ <%= button(:cancel, _('No, I gave up'), {:action => 'index'}) %>
	10	+ <% end %>
	11	+<% else %>
	12	+ <p><%= _('There are members currently using this role.')%></p>
	13	+ <p><%= _('To which role do you want to change them?') %></p>
	14	+ <%= labelled_form_for :role, :url => { :action => 'remove', :id => @role.id } do \|f\| %>
	15	+ <% @roles_list.each do \|role\| %>
	16	+ <%= check_box_tag("roles[]", role.id, false ,{:id => role.key}) %>
	17	+ <%= content_tag(:label, role.name, { :for => role.key }) %><br/>
	18	+ <% end %>
	19	+ <% button_bar do %>
	20	+ <%= submit_button('save',_('Delete role'), :cancel => {:action => 'index'} ) %>
	21	+ <% end %>
	22	+ <% end %>
	23	+<% end %>
@@ -0,0 +1,3 @@		@@ -0,0 +1,3 @@
	1	+<h1> <%= _("Editing #{@role.name}") %> </h1>
	2	+
	3	+<%= render :partial => 'form', :locals => { :mode => :edit, :role => @role, :permissions => [@role.kind] } %>
@@ -0,0 +1,27 @@		@@ -0,0 +1,27 @@
	1	+<h1><%= _('Manage user roles') %></h1>
	2	+
	3	+<table>
	4	+ <tr>
	5	+ <th><%= _('Role') %></th>
	6	+ <th><%= _('Actions') %></th>
	7	+ </tr>
	8	+ <% @roles.each do \|role\| %>
	9	+ <tr>
	10	+ <td>
	11	+ <%= link_to role.name, :action => 'show', :id => role %>
	12	+ </td>
	13	+ <td>
	14	+ <div style="text-align: center;">
	15	+ <%= button_without_text :edit, _('Edit'), :action => 'edit', :id => role %>
	16	+ <%= button_without_text :delete, _('Delete'), :action => 'destroy', :id => role %>
	17	+ <%= button_without_text 'vertical-toggle', _('Assign'), :action => 'assign', :id => role %>
	18	+ </div>
	19	+ </td>
	20	+ </tr>
	21	+ <% end %>
	22	+</table>
	23	+
	24	+<% button_bar do %>
	25	+ <%= button :add, _('Create a new role'), :action => 'new' %>
	26	+ <%= button :back, _('Back to control panel'), :controller => 'profile_editor' %>
	27	+<% end %>