locomotivecms · jookeing-ng · Oct 7, 2018 · Oct 9, 2018
diff --git a/app/assets/javascripts/locomotive/views/roles/edit_view.js.coffee b/app/assets/javascripts/locomotive/views/roles/edit_view.js.coffee
@@ -0,0 +1,17 @@
+#= require ../shared/form_view
+
+Locomotive.Views.Roles ||= {}
+
+class Locomotive.Views.Roles.EditView extends Locomotive.Views.Shared.FormView
+
+  el: '.main'
+
+  initialize: ->
+    tree = @$('.tree-view-div').tree(
+      primaryKey: 'id',
+      uiLibrary: 'bootstrap',
+      dataSource: JSON.parse(@$('.tree-view-div').attr('data-source')),
+      checkboxes: true)
+
+    @$('.edit_role').on 'submit', (e) ->
+      $('.role-pages-input').val(tree.getCheckedNodes())
diff --git a/app/assets/javascripts/locomotive/views/roles/new_view.js.coffee b/app/assets/javascripts/locomotive/views/roles/new_view.js.coffee
@@ -0,0 +1,17 @@
+#= require ../shared/form_view
+
+Locomotive.Views.Roles ||= {}
+
+class Locomotive.Views.Roles.NewView extends Locomotive.Views.Shared.FormView
+
+  el: '.main'
+
+  initialize: ->
+    tree = @$('.tree-view-div').tree(
+      primaryKey: 'id',
+      uiLibrary: 'bootstrap',
+      dataSource: JSON.parse(@$('.tree-view-div').attr('data-source')),
+      checkboxes: true)
+
+    @$('.edit_role').on 'submit', (e) ->
+      $('.role-pages-input').val(tree.getCheckedNodes())
diff --git a/app/controllers/locomotive/accounts_controller.rb b/app/controllers/locomotive/accounts_controller.rb
@@ -12,7 +12,7 @@ def new
     def create
       authorize Membership
       @account = Account.create(account_params)
-      service.create(@account) if @account.errors.empty?
+      service.create(@account,params[:account][:role_id]) if @account.errors.empty?
       respond_with @account, location: edit_current_site_path(current_site)
     end
 

diff --git a/app/controllers/locomotive/concerns/membership_controller.rb b/app/controllers/locomotive/concerns/membership_controller.rb
@@ -22,6 +22,11 @@ def current_membership
         end
       end
 
+      def current_role
+        return nil if current_membership.nil?
+        current_membership.role
+      end
+
       def validate_site_membership
         return true if current_membership.try(:site).present?
 

diff --git a/app/controllers/locomotive/editable_elements_controller.rb b/app/controllers/locomotive/editable_elements_controller.rb
@@ -8,6 +8,7 @@ class EditableElementsController < BaseController
 
     before_action :load_page
     after_action  :store_location_if_content_entry
+    before_action :validate_pages_access, only: [:index]
 
     layout :editable_elements_layout
 
@@ -72,5 +73,14 @@ def store_location_if_content_entry
       store_location if @content_entry
     end
 
+    protected 
+    def validate_pages_access
+        return true if current_role.is_admin?
+        if current_role.role_pages.exclude? @page.id.to_s
+          flash[:alert] = "You have no access to #{ @page.title.to_s.titleize }"
+          redirect_to dashboard_url(current_site) and return false
+        end
+    end
+
   end
 end
diff --git a/app/controllers/locomotive/memberships_controller.rb b/app/controllers/locomotive/memberships_controller.rb
@@ -13,10 +13,10 @@ def new
 
     def create
       authorize Membership
-      if @membership = service.create(membership_params[:email])
+      if @membership = service.create(membership_params[:email],membership_params[:role_id])
         respond_with @membership, location: edit_current_site_path(current_site), flash: true
       else
-        redirect_to new_account_path(email: membership_params[:email])
+        redirect_to new_account_path(email: membership_params[:email],role_id: membership_params[:role_id])
       end
     end
 
@@ -26,7 +26,7 @@ def edit
 
     def update
       authorize @membership
-      self.service.change_role(@membership, membership_params[:role])
+      self.service.change_role(@membership, membership_params[:role_id])
       respond_with @membership, location: edit_current_site_path
     end
 

diff --git a/app/controllers/locomotive/roles_controller.rb b/app/controllers/locomotive/roles_controller.rb
@@ -0,0 +1,62 @@
+module Locomotive
+  class RolesController < BaseController
+
+    account_required & within_site
+
+    before_action :load_role, only: [:edit, :update, :destroy]
+
+    def new
+      authorize Role
+      @role = current_site.roles.build
+      respond_with @role
+    end
+
+    def create
+      authorize Role
+      if @role = service.create(role_params)
+        respond_with @role, location: edit_current_site_path(:anchor => "role"), flash: true
+      else
+        redirect_to new_role_path(current_site)
+      end
+    end
+
+    def edit
+      respond_with @role
+    end
+
+    def update
+      authorize @role
+      self.service.update(@role, role_params)
+      respond_with @role, location: edit_current_site_path(:anchor => "role")
+    end
+
+    def destroy
+      authorize @role
+      @role.destroy
+      respond_with @role, location: edit_current_site_path(:anchor => "role")
+    end
+
+    def new_model
+      if params[:role_model].present?
+        render partial: 'role_models', locals: { role_model: params[:role_model] }
+      else
+        head :unprocessable_entity
+      end
+    end
+
+    protected
+
+    def service
+      @service ||= Locomotive::RoleService.new(current_site, current_locomotive_account)
+    end
+
+    def load_role
+      @role = current_site.roles.find(params[:id])
+    end
+
+    def role_params
+      params.require(:role).permit(*policy(@role || Role).permitted_attributes)
+    end
+
+  end
+end
diff --git a/app/helpers/locomotive/accounts_helper.rb b/app/helpers/locomotive/accounts_helper.rb
@@ -5,5 +5,14 @@ def options_for_account
       current_site.accounts.collect { |a| ["#{a.name} <#{a.email}>", a.id.to_s] }
     end
 
+    def options_for_membership_roles
+      roles_arr = [].tap do |options|
+        current_site.roles.each do |role|
+          options << [role.name.capitalize, role.id.to_s]
+        end
+      end
+      roles_arr.sort!
+    end    
+
   end
 end
diff --git a/app/helpers/locomotive/dashboard_helper.rb b/app/helpers/locomotive/dashboard_helper.rb
@@ -21,6 +21,7 @@ def activity_to_icon(activity)
       when 'content_entry'    then activity.action == 'created_public' ? 'fa-comment' : 'fa-archive'
       when 'content_asset'    then 'fa-image'
       when 'membership'       then 'fa-user'
+      when 'role'             then 'fa-user'
       when 'site_metafields'  then current_site_metafields_ui[:icon]
       end
     end
@@ -36,6 +37,8 @@ def render_activity_sentence(activity)
       when 'content_asset.destroyed'        then { name:  activity_emphasize(params[:name]) }
       when 'membership.created'             then { name: activity_emphasize(params[:name]) }
       when 'site_metafields.updated'        then { label: current_site_metafields_ui[:label].downcase }
+      when 'role.created'                   then { name: activity_emphasize(params[:name]) }
+      when 'role.updated'                   then { name: activity_emphasize(params[:name]) }
       end
 
       activity_key_to_sentence(activity.key, options)

diff --git a/app/helpers/locomotive/memberships_helper.rb b/app/helpers/locomotive/memberships_helper.rb
@@ -1,18 +1,13 @@
 module Locomotive
   module MembershipsHelper
 
-    def options_for_membership_roles(membership)
-      current_role = membership.role
-
-      [].tap do |options|
-        Locomotive::Membership::ROLES.each do |role|
-          membership.role = role
-          if policy(membership).change_role?
-            options << [t("locomotive.memberships.roles.#{role}"), role.to_s]
-          end
+    def options_for_membership_roles
+      roles_arr = [].tap do |options|
+        current_site.roles.each do |role|
+          options << [role.name.capitalize, role.id.to_s]
         end
-        membership.role = current_role
       end
+      roles_arr.sort!
     end
 
   end

diff --git a/app/helpers/locomotive/roles_helper.rb b/app/helpers/locomotive/roles_helper.rb
@@ -0,0 +1,22 @@
+module Locomotive
+  module RolesHelper
+
+    def options_for_role_models
+      [].tap do |options|
+        Locomotive::ContentTypeService.new(current_site).list.each do |model|
+          options << [model.slug.titleize,model.slug]
+        end
+      end
+    end
+
+    def options_for_role_pages(role, pages)
+      collection = []
+      pages.each do |page|
+        children_page = page.children
+        collection << { id: page.id.to_s, text: page.title, checked: (role.role_pages.to_a.include? page.id.to_s) , hasChildren: children_page.present? , children: options_for_role_pages(role, children_page) }
+      end
+      collection
+    end
+
+  end
+end
diff --git a/app/helpers/locomotive/shared/pages_helper.rb b/app/helpers/locomotive/shared/pages_helper.rb
@@ -39,7 +39,7 @@ def render_pages
       end
 
       def build_page_tree
-        @page_tree ||= Locomotive::PageTreeService.new(current_site).build_tree
+        @page_tree ||= Locomotive::PageTreeService.new(current_site,current_membership).build_tree
       end
 
       class Node < Struct.new(:page, :children, :controller)

diff --git a/app/inputs/locomotive/tree_view_input.rb b/app/inputs/locomotive/tree_view_input.rb
@@ -0,0 +1,40 @@
+module Locomotive
+  class TreeViewInput < ::SimpleForm::Inputs::Base
+
+    include Locomotive::SimpleForm::BootstrapHelpers
+    include Locomotive::SimpleForm::HeaderLink
+    include Locomotive::SimpleForm::Inputs::FasterTranslate
+
+    def input(wrapper_options)
+      hidden_input + tree_view_wrapper
+    end
+
+    def hidden_input
+       _template = options[:template]
+      template_path = _template.respond_to?(:has_key?) ? _template[:path].to_s : _template.to_s
+      template.render(template_path).html_safe
+    end
+
+    def tree_view_wrapper
+      row_wrapping do
+        template.content_tag :div,
+          tree_view_html,
+          class: tree_view_wrapper_class
+      end
+    end
+
+    def tree_view_wrapper_class
+      %w(col-md-12).tap do |wrapper_class|
+      end.join(' ')
+    end
+
+    def tree_view_html
+      template.content_tag :div, '', class: 'tree-view-div', 'data-source': options[:source_options].to_json
+    end
+
+    def link(wrapper_options)
+
+    end
+
+  end
+end
diff --git a/app/models/locomotive/account.rb b/app/models/locomotive/account.rb
@@ -26,6 +26,7 @@ class Account
     field :name
     field :locale,  default: Locomotive.config.default_locale.to_s or 'en'
     field :super_admin, type: Boolean, default: false
+    attr_reader   :role_id
 
     ## validations ##
     validates_presence_of :name

diff --git a/app/models/locomotive/concerns/membership/role.rb b/app/models/locomotive/concerns/membership/role.rb
@@ -0,0 +1,27 @@
+module Locomotive
+  module Concerns
+    module Membership
+      module Role
+
+        extend ActiveSupport::Concern
+
+        included do
+
+        end
+
+        def to_role
+          role_name.to_sym
+        end
+
+        def role_name
+          self.role.try(:name).to_s
+        end
+
+        def role_name=(role)
+          self.role.name = role
+        end
+
+      end
+    end
+  end
+end
diff --git a/app/models/locomotive/concerns/role/role_models.rb b/app/models/locomotive/concerns/role/role_models.rb
@@ -0,0 +1,15 @@
+module Locomotive
+  module Concerns
+    module Role
+      module RoleModels
+
+        extend ActiveSupport::Concern
+
+        included do
+          field :role_models, type: ::RawArray, default: []
+        end
+
+      end
+    end
+  end
+end
diff --git a/app/models/locomotive/concerns/role/role_pages.rb b/app/models/locomotive/concerns/role/role_pages.rb
@@ -0,0 +1,19 @@
+module Locomotive
+  module Concerns
+    module Role
+      module RolePages
+
+        extend ActiveSupport::Concern
+
+        included do
+          field :role_pages,  type: ::RawArray, default: []
+        end
+
+        def role_pages_str=(pages_str)
+          self.role_pages = pages_str.split(',')
+        end
+
+      end
+    end
+  end
+end