Commit 958d6bfeb6ce57ff3adabe73d5a33c7952b81cb9

Authored by MoisesMachado
1 parent d4e67135

ActionItem111: applied premission control everywhere


git-svn-id: https://svn.colivre.coop.br/svn/noosfero/trunk@736 3f533792-8f58-4932-b0fe-aaf55b0a4547
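--- a/app/controllers/environment_admin/admin_panel_controller.rb
+++ b/app/controllers/environment_admin/admin_panel_controller.rb
@@ -1,2 +1,4 @@
 class AdminPanelController < EnvironmentAdminController
+ protect [:index], 'view_environment_admin_panel'
+
 end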
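Review bot: The new `protect [:index], 'view_environment_admin_panel'` call passes no target, while every other environment controller in this commit passes `environment` as a third argument. `protect` is not defined on this page, so it is unclear which resource the permission is checked against when that argument is omitted. If the target is required, write the call like its siblings; if omitting it is intended, add a comment such as `# no target given: permission is checked against the current environment` so the default is stated next to the call.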
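--- a/app/controllers/environment_admin/categories_controller.rb
+++ b/app/controllers/environment_admin/categories_controller.rb
@@ -1,5 +1,7 @@
 class CategoriesController < EnvironmentAdminController
 
+ protect [:index, :new, :edit, :remove], 'manage_environment_categories', environment
+
 helper :categories
 
 def index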
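Review bot: The third argument `environment` on the `protect` line is a bare call in the class body, so it is evaluated in class scope when the file loads rather than once per request. The older commented-out call in cms_controller.rb passes a symbol (`:profile`) instead, which suggests `protect` is meant to resolve its target lazily; if so, the line should presumably read `protect [:index, :new, :edit, :remove], 'manage_environment_categories', :environment`. The same applies to the calls added in environment_role_manager_controller.rb and features_controller.rb. `protect` is defined outside this page, so confirm against its signature; the class body also continues past the hunk, so the action list cannot be checked against the real actions here.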
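--- a/app/controllers/environment_admin/edit_template_controller.rb
+++ b/app/controllers/environment_admin/edit_template_controller.rb
@@ -1,5 +1,5 @@
 class EditTemplateController < EnvironmentAdminController
-
+
 design_editor :holder => 'environment', :autosave => true, :block_types => :block_types
 
 def block_types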
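--- a/app/controllers/environment_admin/environment_role_manager_controller.rb
+++ b/app/controllers/environment_admin/environment_role_manager_controller.rb
@@ -1,4 +1,6 @@
 class EnvironmentRoleManagerController < ApplicationController
+ protect [:index, :change_roles, :update_roles, :change_role, :add_role, :remove_role, :unassociate, :make_admin], 'manage_environment_roles', environment
+
 def index
 @admins = Person.find(:all, :conditions => ['role_assignments.resource_type = ?', 'Environment'], :include => :role_assignments )
 end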
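Review bot: The action list on the `protect` line is an explicit allow-list, so any action of this controller that is not named, including one added later, is presumably left without a permission check, and this is the controller that grants roles (`make_admin`, `add_role`). Only `index` is visible in the hunk, so the list cannot be compared with the actions that actually exist. I would put a comment directly above the call, `# every public action must be listed here; unlisted actions are not permission-checked`. The class also inherits from ApplicationController while its siblings inherit from EnvironmentAdminController, so anything that base class sets up is presumably absent here; worth confirming that is intended.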
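--- a/app/controllers/environment_admin/features_controller.rb
+++ b/app/controllers/environment_admin/features_controller.rb
@@ -1,5 +1,6 @@
 class FeaturesController < EnvironmentAdminController
-
+ protect [:index, :update], 'edit_environment_features', environment
+
 acts_as_environment_admin_controller
 
 def index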
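--- a/app/controllers/profile_admin/cms_controller.rb
+++ b/app/controllers/profile_admin/cms_controller.rb
@@ -4,7 +4,7 @@ class CmsController &lt; ComatoseAdminController
 ApplicationController.needs_profile
 
 define_option :page_class, Article
-
+
 # not yet
 # protect [:edit, :new, :reorder, :delete], :post_content, :profile
 end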
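--- a/app/controllers/profile_admin/membership_editor_controller.rb
+++ b/app/controllers/profile_admin/membership_editor_controller.rb
@@ -4,6 +4,8 @@ class MembershipEditorController &lt; ProfileAdminController
 
 needs_profile
 
+# protect [:index, :new_enterprise, :create_enterprise ], 'edit_profile', profile
+
 def index
 @memberships = current_user.person.memberships
 end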
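Review bot: The `protect` line is added commented out, so `index`, `new_enterprise` and `create_enterprise` still run without the 'edit_profile' check, which contradicts the commit title; the same holds for the commented calls in profile_editor_controller.rb (including the stray `# protect []`) and profile_members_controller.rb. Nothing on the page says why they are disabled. Either enable them or mark the gap where a maintainer will see it, e.g. `# FIXME: permission check disabled until <reason>; these actions are currently unprotected`. When they are re-enabled, note that the bare `profile` argument is evaluated in class scope at load time, whereas the older commented call in cms_controller.rb passes the symbol `:profile`.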
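--- a/app/controllers/profile_admin/profile_editor_controller.rb
+++ b/app/controllers/profile_admin/profile_editor_controller.rb
@@ -3,6 +3,9 @@ class ProfileEditorController &lt; ProfileAdminController
 
 design_editor :holder => 'profile', :autosave => true, :block_types => :block_types
 
+# protect [:edit], 'edit_profile', profile
+# protect []
+
 def block_types
 {
 'ListBlock' => _("List Block"),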
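--- a/app/controllers/profile_admin/profile_members_controller.rb
+++ b/app/controllers/profile_admin/profile_members_controller.rb
@@ -1,5 +1,7 @@
 class ProfileMembersController < ProfileAdminController
 
+# protect [:index, :change_roles, :update_roles, :change_role, :add_role, :remove_role, :unassociate], 'manage_memberships', profile
+
 def index
 @members = profile.people.uniq
 end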
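--- a/app/models/environment.rb
+++ b/app/models/environment.rb
@@ -4,6 +4,7 @@
 class Environment < ActiveRecord::Base
 
 PERMISSIONS[:environment] = {
+ 'view_environment_admin_panel' => N_('View environment admin panel'),
 'edit_environment_features' => N_('Edit environment features'),
 'edit_environment_design' => N_('Edit environment design'),
 'manage_environment_categories' => N_('Manage environment categories'),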
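Review bot: 'edit_environment_design' is listed in this permission table, but no controller on this page enforces it: EditTemplateController, which sets up the environment design editor, only receives a whitespace change in this commit. If the commit is meant to cover every environment admin controller, a `protect` call naming 'edit_environment_design' appears to be missing there. The hash continues past the hunk, so other entries may have the same gap.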
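--- a/app/models/profile.rb
+++ b/app/models/profile.rb
@@ -28,7 +28,8 @@ class Profile &lt; ActiveRecord::Base
 
 acts_as_design
 
- acts_as_ferret :fields => [ :name ]
+ # FIXME: ferret is causing a strange bug
+ # acts_as_ferret :fields => [ :name ]
 
 # Valid identifiers must match this format.
 IDENTIFIER_FORMAT = /^[a-z][a-z0-9_]*[a-z0-9]$/
@@ -120,6 +121,10 @@ class Profile &lt; ActiveRecord::Base
 homepage.children.find(:all, :limit => limit, :order => 'created_on desc')
 end
 
+ def superior_instance
+ environment
+ end
+
 # def affiliate(person, roles)
 # roles = [roles] unless roles.kind_of?(Array)
 # roles.map do |role|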
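Review bot: `superior_instance` in the second hunk is added without a comment, and its name does not say what the environment is superior for. Presumably the permission lookup uses it to fall back from a profile to roles held on its environment; if that is the case it widens who passes a profile-level check and should be stated, e.g. `# Resource whose role assignments also apply to this profile (its environment).` The disabling of `acts_as_ferret` in the first hunk is unrelated to permission control and would be easier to revert as its own commit, with a FIXME that describes the bug instead of calling it strange.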
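--- a/app/views/profile_editor/index.rhtml
+++ b/app/views/profile_editor/index.rhtml
@@ -2,7 +2,13 @@
 
 <%= display_profile_info(profile) %>
 
-<p> <%= link_to _('Edit'), :action => 'edit' %> </p>
+<% if @profile.class == Person %>
+ <p> <%= link_to _('Edit'), :action => 'edit' %> </p>
+<% elsif @profile.class == Enterprise %>
+ <p> <%= link_to _('Edit'), :controller => 'enterprise_editor'%> </p>
+<% else %>
+
+<% end %>
 
 <p> <%= link_to _('Edit Visual Design'), :action => 'design_editor' %> </p>
 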
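Review bot: Choosing the Edit link by profile type is presentation only; the `protect [:edit], 'edit_profile', profile` call in profile_editor_controller.rb is commented out in this same commit, so the `edit` action stays reachable by URL whatever the view shows. The branch tests `@profile.class == Person`, which excludes subclasses and reads `@profile` where the line above uses the `profile` helper; `<% if profile.is_a?(Person) %>` would be the usual form. The `else` branch is empty and can be dropped.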
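--- a/script/anhetegua
+++ b/script/anhetegua
@@ -48,3 +48,20 @@ new_validator(df, &#39;Forum Brasileiro de Economia Solidaria&#39;, &#39;fbes&#39;)
 new_validator(rs, 'Associacao Software Livre.Org', 'asl')
 new_validator(rs, 'Forum Gaucho de Economia Solidaria', 'ecosolrs')
 
+# Profile for exibition of homepage and creations of sytem articles such as about and accessibility
+noosfero = Profile.create!(:name => 'noosfero', :identifier => 'noosfero')
+
+# Role for own things
+owner_role = Role.create!(:name => 'owner', :permissions => ['edit_profile', 'destroy_profile', 'manage_memberships', 'post_content', 'edit_profile_design'])
+
+# root user of the system, admin_role for him, the assignment of the role for him and the ownership of the system homepage
+root = User.create!(:login => 'root', :email => 'root@noosfero.org', :password => 'root', :password_confirmation => 'root').person
+admin_role = Role.create!(:name => 'admin', :permissions => ['edit_environment_features', 'edit_environment_design', 'manage_environment_categories', 'manage_environment_roles', 'manage_environment_validators'])
+RoleAssignment.create!(:accessor => root, :role => admin_role, :resource => nil)
+RoleAssignment.create!(:accessor => root, :role => owner_role, :resource => noosfero)
+
+# Sample user and sample enterprise owned by him
+ze= User.create!(:login => 'ze', :email => 'ze@localhost.localdomain', :password => 'test', :password_confirmation => 'test')
+empa = Enterprise.create!(:name => 'Empreendimento A', :identifier => 'empreendimento_a')
+RoleAssignment.create!(:accessor => ze, :role => owner_role, :resource => empa)
+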
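Review bot: The seed creates the `root` account with the literal password `root` (and `ze` with `test`), so every installation populated by this script starts with a known administrator credential that holds `admin_role` with `:resource => nil`. Take the password from outside the script, e.g. `:password => ENV.fetch('ROOT_PASSWORD')` with `ROOT_PASSWORD` as a placeholder name, and keep the sample user out of anything run against a production database. `admin_role` also lacks the new 'view_environment_admin_panel' permission, so root would presumably fail the check this commit adds in admin_panel_controller.rb. Finally, `ze` is a User while `root` is converted with `.person` before being passed as `:accessor`; one of the two is probably the wrong type.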