Download as
Browse Code »

Commit 958d6bfeb6ce57ff3adabe73d5a33c7952b81cb9

Authored by MoisesMachado
1 parent d4e67135
Exists in master and in 29 other branches add_member_task_reject_details, admin_visible_profile, article-list-template, community_notifications, contact_admin_translation, event_fixes, fix_comments_pagination, fix_rails4_organization_ratings, fix_sign_up_form, follow_step_fix, forum_topic_creation, mirror_block_improvements, multi_env_on_remote_user, new_security, noosfero_spb_ci, organization_ratings_improvements, organization_ratings_link_to_profile_stable-spb-1.3, organization_ratings_translations_fix, profile_api_improvements, ratings_minor_fixes, remote_user_fix, send_email_to_admins, stable-spb-1.3, stable-spb-1.3-fixes, stable-spb-1.4, stable-spb-1.5, suggest_rejected_value, web_steps_improvements, xss_terminate_custom_options

ActionItem111: applied premission control everywhere 


git-svn-id: https://svn.colivre.coop.br/svn/noosfero/trunk@736 3f533792-8f58-4932-b0fe-aaf55b0a4547
Showing 13 changed files with 48 additions and 5 deletions   Show diff stats
app/controllers/environment_admin/admin_panel_controller.rb
  Diff comments   View file @958d6bf
1 class AdminPanelController < EnvironmentAdminController 1 class AdminPanelController < EnvironmentAdminController
  2 + protect [:index], 'view_environment_admin_panel'
  3 +
2 end 4 end
app/controllers/environment_admin/categories_controller.rb
  Diff comments   View file @958d6bf
1 class CategoriesController < EnvironmentAdminController 1 class CategoriesController < EnvironmentAdminController
2 2
  3 + protect [:index, :new, :edit, :remove], 'manage_environment_categories', environment
  4 +
3 helper :categories 5 helper :categories
4 6
5 def index 7 def index
app/controllers/environment_admin/edit_template_controller.rb
  Diff comments   View file @958d6bf
1 class EditTemplateController < EnvironmentAdminController 1 class EditTemplateController < EnvironmentAdminController
2 - 2 +
3 design_editor :holder => 'environment', :autosave => true, :block_types => :block_types 3 design_editor :holder => 'environment', :autosave => true, :block_types => :block_types
4 4
5 def block_types 5 def block_types
app/controllers/environment_admin/environment_role_manager_controller.rb
  Diff comments   View file @958d6bf
1 class EnvironmentRoleManagerController < ApplicationController 1 class EnvironmentRoleManagerController < ApplicationController
  2 + protect [:index, :change_roles, :update_roles, :change_role, :add_role, :remove_role, :unassociate, :make_admin], 'manage_environment_roles', environment
  3 +
2 def index 4 def index
3 @admins = Person.find(:all, :conditions => ['role_assignments.resource_type = ?', 'Environment'], :include => :role_assignments ) 5 @admins = Person.find(:all, :conditions => ['role_assignments.resource_type = ?', 'Environment'], :include => :role_assignments )
4 end 6 end
app/controllers/environment_admin/features_controller.rb
  Diff comments   View file @958d6bf
1 class FeaturesController < EnvironmentAdminController 1 class FeaturesController < EnvironmentAdminController
2 - 2 + protect [:index, :update], 'edit_environment_features', environment
  3 +
3 acts_as_environment_admin_controller 4 acts_as_environment_admin_controller
4 5
5 def index 6 def index
app/controllers/profile_admin/cms_controller.rb
  Diff comments   View file @958d6bf
@@ -4,7 +4,7 @@ class CmsController &lt; ComatoseAdminController @@ -4,7 +4,7 @@ class CmsController &lt; ComatoseAdminController
4 ApplicationController.needs_profile 4 ApplicationController.needs_profile
5 5
6 define_option :page_class, Article 6 define_option :page_class, Article
7 - 7 +
8 # not yet 8 # not yet
9 # protect [:edit, :new, :reorder, :delete], :post_content, :profile 9 # protect [:edit, :new, :reorder, :delete], :post_content, :profile
10 end 10 end
app/controllers/profile_admin/membership_editor_controller.rb
  Diff comments   View file @958d6bf
@@ -4,6 +4,8 @@ class MembershipEditorController &lt; ProfileAdminController @@ -4,6 +4,8 @@ class MembershipEditorController &lt; ProfileAdminController
4 4
5 needs_profile 5 needs_profile
6 6
  7 +# protect [:index, :new_enterprise, :create_enterprise ], 'edit_profile', profile
  8 +
7 def index 9 def index
8 @memberships = current_user.person.memberships 10 @memberships = current_user.person.memberships
9 end 11 end
app/controllers/profile_admin/profile_editor_controller.rb
  Diff comments   View file @958d6bf
@@ -3,6 +3,9 @@ class ProfileEditorController &lt; ProfileAdminController @@ -3,6 +3,9 @@ class ProfileEditorController &lt; ProfileAdminController
3 3
4 design_editor :holder => 'profile', :autosave => true, :block_types => :block_types 4 design_editor :holder => 'profile', :autosave => true, :block_types => :block_types
5 5
  6 +# protect [:edit], 'edit_profile', profile
  7 +# protect []
  8 +
6 def block_types 9 def block_types
7 { 10 {
8 'ListBlock' => _("List Block"), 11 'ListBlock' => _("List Block"),
app/controllers/profile_admin/profile_members_controller.rb
  Diff comments   View file @958d6bf
1 class ProfileMembersController < ProfileAdminController 1 class ProfileMembersController < ProfileAdminController
2 2
  3 +# protect [:index, :change_roles, :update_roles, :change_role, :add_role, :remove_role, :unassociate], 'manage_memberships', profile
  4 +
3 def index 5 def index
4 @members = profile.people.uniq 6 @members = profile.people.uniq
5 end 7 end
app/models/environment.rb
  Diff comments   View file @958d6bf
@@ -4,6 +4,7 @@ @@ -4,6 +4,7 @@
4 class Environment < ActiveRecord::Base 4 class Environment < ActiveRecord::Base
5 5
6 PERMISSIONS[:environment] = { 6 PERMISSIONS[:environment] = {
  7 + 'view_environment_admin_panel' => N_('View environment admin panel'),
7 'edit_environment_features' => N_('Edit environment features'), 8 'edit_environment_features' => N_('Edit environment features'),
8 'edit_environment_design' => N_('Edit environment design'), 9 'edit_environment_design' => N_('Edit environment design'),
9 'manage_environment_categories' => N_('Manage environment categories'), 10 'manage_environment_categories' => N_('Manage environment categories'),
app/models/profile.rb
  Diff comments   View file @958d6bf
@@ -28,7 +28,8 @@ class Profile &lt; ActiveRecord::Base @@ -28,7 +28,8 @@ class Profile &lt; ActiveRecord::Base
28 28
29 acts_as_design 29 acts_as_design
30 30
31 - acts_as_ferret :fields => [ :name ] 31 + # FIXME: ferret is causing a strange bug
  32 + # acts_as_ferret :fields => [ :name ]
32 33
33 # Valid identifiers must match this format. 34 # Valid identifiers must match this format.
34 IDENTIFIER_FORMAT = /^[a-z][a-z0-9_]*[a-z0-9]$/ 35 IDENTIFIER_FORMAT = /^[a-z][a-z0-9_]*[a-z0-9]$/
@@ -120,6 +121,10 @@ class Profile &lt; ActiveRecord::Base @@ -120,6 +121,10 @@ class Profile &lt; ActiveRecord::Base
120 homepage.children.find(:all, :limit => limit, :order => 'created_on desc') 121 homepage.children.find(:all, :limit => limit, :order => 'created_on desc')
121 end 122 end
122 123
  124 + def superior_instance
  125 + environment
  126 + end
  127 +
123 # def affiliate(person, roles) 128 # def affiliate(person, roles)
124 # roles = [roles] unless roles.kind_of?(Array) 129 # roles = [roles] unless roles.kind_of?(Array)
125 # roles.map do |role| 130 # roles.map do |role|
app/views/profile_editor/index.rhtml
  Diff comments   View file @958d6bf
@@ -2,7 +2,13 @@ @@ -2,7 +2,13 @@
2 2
3 <%= display_profile_info(profile) %> 3 <%= display_profile_info(profile) %>
4 4
5 -<p> <%= link_to _('Edit'), :action => 'edit' %> </p> 5 +<% if @profile.class == Person %>
  6 + <p> <%= link_to _('Edit'), :action => 'edit' %> </p>
  7 +<% elsif @profile.class == Enterprise %>
  8 + <p> <%= link_to _('Edit'), :controller => 'enterprise_editor'%> </p>
  9 +<% else %>
  10 +
  11 +<% end %>
6 12
7 <p> <%= link_to _('Edit Visual Design'), :action => 'design_editor' %> </p> 13 <p> <%= link_to _('Edit Visual Design'), :action => 'design_editor' %> </p>
8 14
script/anhetegua
  Diff comments   View file @958d6bf
@@ -48,3 +48,20 @@ new_validator(df, &#39;Forum Brasileiro de Economia Solidaria&#39;, &#39;fbes&#39;) @@ -48,3 +48,20 @@ new_validator(df, &#39;Forum Brasileiro de Economia Solidaria&#39;, &#39;fbes&#39;)
48 new_validator(rs, 'Associacao Software Livre.Org', 'asl') 48 new_validator(rs, 'Associacao Software Livre.Org', 'asl')
49 new_validator(rs, 'Forum Gaucho de Economia Solidaria', 'ecosolrs') 49 new_validator(rs, 'Forum Gaucho de Economia Solidaria', 'ecosolrs')
50 50
  51 +# Profile for exibition of homepage and creations of sytem articles such as about and accessibility
  52 +noosfero = Profile.create!(:name => 'noosfero', :identifier => 'noosfero')
  53 +
  54 +# Role for own things
  55 +owner_role = Role.create!(:name => 'owner', :permissions => ['edit_profile', 'destroy_profile', 'manage_memberships', 'post_content', 'edit_profile_design'])
  56 +
  57 +# root user of the system, admin_role for him, the assignment of the role for him and the ownership of the system homepage
  58 +root = User.create!(:login => 'root', :email => 'root@noosfero.org', :password => 'root', :password_confirmation => 'root').person
  59 +admin_role = Role.create!(:name => 'admin', :permissions => ['edit_environment_features', 'edit_environment_design', 'manage_environment_categories', 'manage_environment_roles', 'manage_environment_validators'])
  60 +RoleAssignment.create!(:accessor => root, :role => admin_role, :resource => nil)
  61 +RoleAssignment.create!(:accessor => root, :role => owner_role, :resource => noosfero)
  62 +
  63 +# Sample user and sample enterprise owned by him
  64 +ze= User.create!(:login => 'ze', :email => 'ze@localhost.localdomain', :password => 'test', :password_confirmation => 'test')
  65 +empa = Enterprise.create!(:name => 'Empreendimento A', :identifier => 'empreendimento_a')
  66 +RoleAssignment.create!(:accessor => ze, :role => owner_role, :resource => empa)
  67 +