Commit 958d6bfeb6ce57ff3adabe73d5a33c7952b81cb9
1 parent
d4e67135
Exists in
master
and in
29 other branches
ActionItem111: applied premission control everywhere
git-svn-id: https://svn.colivre.coop.br/svn/noosfero/trunk@736 3f533792-8f58-4932-b0fe-aaf55b0a4547
Showing
13 changed files
with
48 additions
and
5 deletions
Show diff stats
app/controllers/environment_admin/admin_panel_controller.rb
app/controllers/environment_admin/categories_controller.rb
app/controllers/environment_admin/edit_template_controller.rb
app/controllers/environment_admin/environment_role_manager_controller.rb
1 | 1 | class EnvironmentRoleManagerController < ApplicationController |
2 | + protect [:index, :change_roles, :update_roles, :change_role, :add_role, :remove_role, :unassociate, :make_admin], 'manage_environment_roles', environment | |
3 | + | |
2 | 4 | def index |
3 | 5 | @admins = Person.find(:all, :conditions => ['role_assignments.resource_type = ?', 'Environment'], :include => :role_assignments ) |
4 | 6 | end | ... | ... |
app/controllers/environment_admin/features_controller.rb
app/controllers/profile_admin/cms_controller.rb
app/controllers/profile_admin/membership_editor_controller.rb
app/controllers/profile_admin/profile_editor_controller.rb
... | ... | @@ -3,6 +3,9 @@ class ProfileEditorController < ProfileAdminController |
3 | 3 | |
4 | 4 | design_editor :holder => 'profile', :autosave => true, :block_types => :block_types |
5 | 5 | |
6 | +# protect [:edit], 'edit_profile', profile | |
7 | +# protect [] | |
8 | + | |
6 | 9 | def block_types |
7 | 10 | { |
8 | 11 | 'ListBlock' => _("List Block"), | ... | ... |
app/controllers/profile_admin/profile_members_controller.rb
app/models/environment.rb
... | ... | @@ -4,6 +4,7 @@ |
4 | 4 | class Environment < ActiveRecord::Base |
5 | 5 | |
6 | 6 | PERMISSIONS[:environment] = { |
7 | + 'view_environment_admin_panel' => N_('View environment admin panel'), | |
7 | 8 | 'edit_environment_features' => N_('Edit environment features'), |
8 | 9 | 'edit_environment_design' => N_('Edit environment design'), |
9 | 10 | 'manage_environment_categories' => N_('Manage environment categories'), | ... | ... |
app/models/profile.rb
... | ... | @@ -28,7 +28,8 @@ class Profile < ActiveRecord::Base |
28 | 28 | |
29 | 29 | acts_as_design |
30 | 30 | |
31 | - acts_as_ferret :fields => [ :name ] | |
31 | + # FIXME: ferret is causing a strange bug | |
32 | + # acts_as_ferret :fields => [ :name ] | |
32 | 33 | |
33 | 34 | # Valid identifiers must match this format. |
34 | 35 | IDENTIFIER_FORMAT = /^[a-z][a-z0-9_]*[a-z0-9]$/ |
... | ... | @@ -120,6 +121,10 @@ class Profile < ActiveRecord::Base |
120 | 121 | homepage.children.find(:all, :limit => limit, :order => 'created_on desc') |
121 | 122 | end |
122 | 123 | |
124 | + def superior_instance | |
125 | + environment | |
126 | + end | |
127 | + | |
123 | 128 | # def affiliate(person, roles) |
124 | 129 | # roles = [roles] unless roles.kind_of?(Array) |
125 | 130 | # roles.map do |role| | ... | ... |
app/views/profile_editor/index.rhtml
... | ... | @@ -2,7 +2,13 @@ |
2 | 2 | |
3 | 3 | <%= display_profile_info(profile) %> |
4 | 4 | |
5 | -<p> <%= link_to _('Edit'), :action => 'edit' %> </p> | |
5 | +<% if @profile.class == Person %> | |
6 | + <p> <%= link_to _('Edit'), :action => 'edit' %> </p> | |
7 | +<% elsif @profile.class == Enterprise %> | |
8 | + <p> <%= link_to _('Edit'), :controller => 'enterprise_editor'%> </p> | |
9 | +<% else %> | |
10 | + | |
11 | +<% end %> | |
6 | 12 | |
7 | 13 | <p> <%= link_to _('Edit Visual Design'), :action => 'design_editor' %> </p> |
8 | 14 | ... | ... |
script/anhetegua
... | ... | @@ -48,3 +48,20 @@ new_validator(df, 'Forum Brasileiro de Economia Solidaria', 'fbes') |
48 | 48 | new_validator(rs, 'Associacao Software Livre.Org', 'asl') |
49 | 49 | new_validator(rs, 'Forum Gaucho de Economia Solidaria', 'ecosolrs') |
50 | 50 | |
51 | +# Profile for exibition of homepage and creations of sytem articles such as about and accessibility | |
52 | +noosfero = Profile.create!(:name => 'noosfero', :identifier => 'noosfero') | |
53 | + | |
54 | +# Role for own things | |
55 | +owner_role = Role.create!(:name => 'owner', :permissions => ['edit_profile', 'destroy_profile', 'manage_memberships', 'post_content', 'edit_profile_design']) | |
56 | + | |
57 | +# root user of the system, admin_role for him, the assignment of the role for him and the ownership of the system homepage | |
58 | +root = User.create!(:login => 'root', :email => 'root@noosfero.org', :password => 'root', :password_confirmation => 'root').person | |
59 | +admin_role = Role.create!(:name => 'admin', :permissions => ['edit_environment_features', 'edit_environment_design', 'manage_environment_categories', 'manage_environment_roles', 'manage_environment_validators']) | |
60 | +RoleAssignment.create!(:accessor => root, :role => admin_role, :resource => nil) | |
61 | +RoleAssignment.create!(:accessor => root, :role => owner_role, :resource => noosfero) | |
62 | + | |
63 | +# Sample user and sample enterprise owned by him | |
64 | +ze= User.create!(:login => 'ze', :email => 'ze@localhost.localdomain', :password => 'test', :password_confirmation => 'test') | |
65 | +empa = Enterprise.create!(:name => 'Empreendimento A', :identifier => 'empreendimento_a') | |
66 | +RoleAssignment.create!(:accessor => ze, :role => owner_role, :resource => empa) | |
67 | + | ... | ... |