Changeset 44

Timestamp:

08/07/06 11:18:56 (2 years ago)

Author:

markku

Message:

• #12 implemented. Also made some minor improvements on asset permission code.
  
• Few translations for #12.
  
• AssetTest? and AssetControllerTest? rewriten. They don't use fixture files and many of the tests are simpler and better than the old ones. Some new tests were added.
  
• Added temporary models db/temp_models.rb, which are be used to create records to the database without the actual models. Usefull in test and migrations.
  
• Fixed broken link and checkbox disabling in view asset/user_permissions.
  

Files:

• trunk/app/controllers/asset_controller.rb (modified) (14 diffs)
• trunk/app/models/asset.rb (modified) (17 diffs)
• trunk/app/models/asset_join_model.rb (modified) (1 diff)
• trunk/app/models/assets_user_group.rb (modified) (1 diff)
• trunk/app/models/data_permission_profile.rb (modified) (1 diff)
• trunk/app/models/protected_asset_data.rb (modified) (2 diffs)
• trunk/app/models/protected_join_model.rb (modified) (3 diffs)
• trunk/app/views/asset/edit_user_permissions.rhtml (modified) (1 diff)
• trunk/app/views/asset/user_permissions.rhtml (modified) (1 diff)
• trunk/db/migrate/001_initial.rb (modified) (2 diffs)
• trunk/db/migrate/002_initial_data.rb (modified) (1 diff)
• trunk/db/temp_models.rb (added)
• trunk/po/fi_FI/norfello_cmms.po (modified) (24 diffs)
• trunk/test/functional/asset_controller_test.rb (modified) (32 diffs)
• trunk/test/functional/search_controller_test.rb (modified) (2 diffs)
• trunk/test/test_helper.rb (modified) (6 diffs)
• trunk/test/unit/asset_test.rb (modified) (19 diffs)
• trunk/test/unit/assets_user_group_test.rb (modified) (7 diffs)
• trunk/test/unit/data_permission_profile_test.rb (modified) (2 diffs)
• trunk/test/unit/protected_asset_data_test.rb (modified) (4 diffs)
• trunk/test/unit/protected_join_model_test.rb (modified) (1 diff)

trunk/app/controllers/asset_controller.rb

@@ -35 +35 @@
-
-  def add_sub_asset
-edi
+create_subasse
-      redirect_with_message(msg_unauthorized_operation(_('create subassets'), @selected_asset.code_and_name), :action => 'view')
-      return
@@ -91 +91 @@
-      @selected_asset.attributes = params[:selected_asset]
-
-if not
+unless
-        flash[:error] = msg_saving_failed
-        render :action => 'view'
@@ -114 +114 @@
-  end
-
-FIXME: Should these be moved to DataPermissionController
+TODO: It might be best to create AssetPermissionController for these actions
-
-  # Managing permissions.
@@ -126 +126 @@
-  # link to parent's permissions page are shown
-  def user_permissions
+    @authorized_to_edit = @selected_asset.authorized_to_edit_permissions?
+
-    if @selected_asset.use_parents_permissions
-      @title = _("Asset %s uses same permissions as its parent asset %s", @selected_asset.code_and_name, @selected_asset.parent.code_and_name)
@@ -139 +141 @@
-    @available_groups = UserGroup.find(:all, :readonly => true) - @items
-
-    @authorized_to_edit = @selected_asset.authorized_to_edit?
-    # Render edit permissions action link if user is authorized
-
+user_
-      @actions = [ [_('Edit permissions'), {:action => 'edit_user_permissions', :asset_id => @selected_asset.id, :image => '16x16/edit'}] ]
-    else
@@ -159 +160 @@
-    # Check that user is authorized to edit the asset and that it isn't using parent's permissions.
-    asset = Asset.find(params[:asset_id], :readonly => true)
-
+s_permissions
-
-    user_group = UserGroup.find(params[:id], :readonly => true)
@@ -181 +182 @@
-    # Check that user is authorized to edit the asset and that it isn't using parent's permissions.
-    asset = Asset.find(params[:asset_id], :readonly => true)
-
+s_permissions
-
-    redirect_to(:action => 'user_permissions')
@@ -196 +197 @@
-  # Sets asset @selected_asset's use_parents_permissions attribute.
-  def set_use_parents_permissions
+    invalid_request and return unless request.post? and params[:selected_asset] and ['0', '1'].include?(params[:selected_asset][:use_parents_permissions])
+
+    if @selected_asset.update_attribute(:use_parents_permissions, params[:selected_asset][:use_parents_permissions])
+      flash[:notice] = msg_changes_saved 
+    else
+      flash[:error] = msg_saving_failed
+    end
-    redirect_to :back
-
-    if request.post? and params[:selected_asset] and
-        ['0', '1'].include?(params[:selected_asset][:use_parents_permissions]) and
-        @selected_asset.update_attribute(:use_parents_permissions, params[:selected_asset][:use_parents_permissions])
-
-      flash[:notice] = msg_changes_saved 
-    else
-      flash[:error] = msg_saving_failed
-    end
-  end
-
@@ -212 +211 @@
-    if request.post? and params[:id] and params[:depth]
-      asset = Asset.find(params[:id], :readonly => true)
-
+s_permissions
-      copies = asset.copy_permissions_to_subassets(params[:depth].to_i)
-      if copies > 0
@@ -228 +227 @@
-    # Find objects and check that authorized to edit asset
-    @asset = Asset.find(params[:asset_id], :readonly => true)
-
+s_permissions
-
-    @user_group = UserGroup.find params[:id]
@@ -256 +255 @@
-    assets_user_group = AssetsUserGroup.find(params[:id])
-    asset = assets_user_group.asset
-
+s_permissions
-
-    # Update user group's permissions to the asset.
@@ -279 +278 @@
-    assets_user_group = AssetsUserGroup.find(params[:id])
-    asset = assets_user_group.asset
-
+s_permissions
-
-    assets_user_group.update_permission_profiles(params[:profile], params[:report], params[:work_order], params[:attachment])
@@ -297 +296 @@
-    assets_user_group = AssetsUserGroup.find(params[:id])
-    asset = assets_user_group.asset
-
+s_permissions
-
-    redirect_to(:action => 'edit_user_permissions',
@@ -318 +317 @@
-private
-
-
-
-
-
+'s permissions
+.
+s_permissions
+_permissions
-      error("Unauthorized to edit asset #{asset.full_code}'s permissions")
-      redirect_with_error_message(msg_unauthorized_operation(_('edit permissions'), asset.code_and_name),

trunk/app/models/asset.rb

@@ -174 +174 @@
-  end
-
+  # Returns true if the user is authorized to create sub-assets to this asset
+  def authorized_to_create_subasset?
+    authorized_to(:create_subasset)
+  end
+
+  # Returns true if the user is authorized to edit asset permissions for this asset
+  def authorized_to_edit_permissions?
+    authorized_to(:edit_permissions)
+  end
+
+  # Returns true if the user is authorized to remove this asset
+  def authorized_to_remove?
+    authorized_to(:remove)
+  end
+
-  # Returns true if the user is authorized to create new instances of +datatype+ to this asset
-  def authorized_to_create?(datatype)
@@ -202 +217 @@
-  # The same association is created also for all sub-assets using this asset's permissions.
-  # Returns true if the creation is successfull and returns false if it fails.
-edit = false
+permissions = {}
-    raise("#{user_group.class} in not a UserGroup") unless user_group.is_a?(UserGroup)
-
+
+
+
+
+
-
-    AssetsUserGroup.transaction do
-
-self.assets_user_groups.build(:user_group_id => user_group.id, :edit => edit)
+user_group_to_add
-        _info("User group \"#{user_group.name}\" added to asset #{self.full_code} and to all sub-assets using it's permissions.")
-        return true
@@ -223 +242 @@
-  def remove_user_groups(user_group_ids)
-    raise('Unable to remove user groups without ids') if user_group_ids.empty?
-use_parents_permissions) and authorized_to_edit
+self.use_parents_permissions) and authorized_to_edit_permissions
-
-    associations_to_destroy = self.assets_user_groups.find(:all, :conditions => ['user_group_id IN (?)', user_group_ids])
@@ -335 +354 @@
-
-    self.children.each { |subasset|
-
+_permissions
-
-      case operation
@@ -353 +372 @@
-                                             :create_report => assets_user_group.create_report,
-                                             :create_work_order => assets_user_group.create_work_order,
-
+
+
+
+
-          _info("AssetsUserGroup(id=#{subassets_group.id}) updated")
-        else
@@ -361 +383 @@
-        subassets_group = AssetsUserGroup.find_by_asset_id_and_user_group_id(subasset.id, user_group_id)
-
-not(subassets_group.nil?)
+subassets_group != nil
-          _info("User group (id=#{user_group_id}) removed from asset #{subasset.full_code}")
-        else
@@ -373 +395 @@
-  end
-
-'s data permission profiles in sub-asset'
+s data permission profiles in sub-asset
-  # by performing +operation+ to sub-asset's user group's data permission profile.
-  # Called by after_[create|update|destroy] callbacks in DataPermissionProfile model.
@@ -416 +438 @@
-        profile = permission_profile.class.find_by_assets_user_group_id_and_user_group_id(subassets_group.id, permission_profile.user_group_id)
-
-not(profile.nil?)
+profile != nil
-          _info("#{profile.class}(id=#{profile.id}) removed")
-        else
@@ -431 +453 @@
-
-  # Version of find which only returns assets the user is authorized to perform +operation+.
+  # +operation+::  Symbol defining which permission is checked. One of :edit, :create_subasset,
+  #                :remove, :edit_permissions, :create_report, :create_work_order, :attach_file.
-  def Asset.find_authorized_to(operation, args)
-    return records_not_found(args) unless user = User.current_user
@@ -440 +464 @@
-                when :read
-                  sanitize_sql(['user_group_id IN (?)', group_ids])
-
-'user_group_id IN (?) AND edit = ?'
+, :create_subasset, :edit_permissions, :remove, :create_report, :create_work_order, :attach_file
+"user_group_id IN (?) AND #{operation} = ?"
-                else
-                  raise("Unknown operation: #{operation}")
@@ -448 +472 @@
-    return records_not_found(args) if asset_ids.empty?
-
-final_
-
-final_
+
+
+
-  end
-
-  # Returns true if the user is authorized to perform operation +operation+ to this asset.
-Symbol defining which permission is checked.
-One of :edit, :create_report, :create_work_order, :attach_fil
+ Symbol defining which permission is checked. One of :edit, :create_report,
+ :create_work_order, :attach_file, :create_subasset, :edit_permissions, :remov
-  def authorized_to(operation)
-    if user = User.current_user
@@ -474 +498 @@
-  end
-
-editing
+create_subasset
-  def check_authorized_to_edit_parent
-    if Asset.count == 0
@@ -484 +508 @@
-    raise(ActiveRecord::ActiveRecordError, "Asset #{self.full_code} doesn't have parent!") if parent_asset.nil?
-
-edi
+create_subasse
-      _info("Authorized to create sub-asset to asset #{parent_asset.full_code}")
-      return true
@@ -500 +524 @@
-    end
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
-    else
-
-
-
-
+
+
+
+
+
+
+
+
+
-  end
-
@@ -536 +573 @@
-  # permissions are identical with those in +assets_groups+.
-  def copy_permissions(assets_groups)
-
+_permissions
-
-    if self.new_record?
-      self.assets_user_groups = AssetsUserGroup.new_ones_from_instances(assets_groups)
-
-Range.new(0, assets_groups.size-1).each
+0.upto(assets_groups.size - 1)
-        self.assets_user_groups[j].copy_data_permission_profiles_from(assets_groups[j])
-      }
@@ -552 +589 @@
-          :create_report => aug.create_report,
-          :create_work_order => aug.create_work_order,
-
+
+
+
+
-        }
-        if new_aug.nil?
@@ -573 +613 @@
-  end
-
+  # Returns true if all attributes, except use_parents_permissions, are unchanged.
+  def only_use_parents_permissions_changed?
+    original_attributes = Asset.find(self.id).attributes
+    original_attributes.delete('use_parents_permissions')
+    attributes = self.attributes
+    attributes.delete('use_parents_permissions')
+
+    attributes == original_attributes
+  end
+
+  # Returns true if use_parents_permissions is unchanged.
+  def use_parents_permissions_unchanged?
+    self.use_parents_permissions == @original_use_parents_permissions
+  end
+
-end

trunk/app/models/asset_join_model.rb

@@ -23 +23 @@
-  def new_from_instance
-    new_obj = self.clone
-
+[0]
-    new_obj
-  end

trunk/app/models/assets_user_group.rb

@@ -25 +25 @@
-  before_update :check_authorized_to_edit
-  # Associations
-
+, :edit_permission => :authorized_to_edit_permissions?
-  has_many :data_permission_profiles, :dependent => :delete_all
-  has_many :report_permission_profiles, :order => 'other', :dependent => :delete_all

trunk/app/models/data_permission_profile.rb

@@ -39 +39 @@
-      add = true
-      profiles.each { |profile|
+        next unless profile.class == profile_to_add.class
+
-        if profile.user_group_id == profile_to_add.user_group_id
-          add = false

trunk/app/models/protected_asset_data.rb

@@ -161 +161 @@
-    end
-
-final_
-
-final_
+
+
+
-  end
-
@@ -175 +175 @@
-    return records_not_found(args) if asset_ids.empty?
-
-final_
-
-final_
+
+
+
-  end
-

trunk/app/models/protected_join_model.rb

@@ -17 +17 @@
-  belongs_to :user_group
-
+  # Like ARs belongs_to association. In addition sets protector model for the model.
+  # Default value for option :edit_permission is :authorized_to_edit?
+  #
+  def ProtectedJoinModel.belongs_to_protector(association_id, options = {})
+    edit_permission = options.delete(:edit_permission) || :authorized_to_edit?
-
-  # Like belongs_to association. In addition sets protector model for the model.
-  def ProtectedJoinModel.belongs_to_protector(association_id, options = {})
-    belongs_to(association_id, options)
-
-association_id
+[association_id, edit_permission]
-  end
-
@@ -44 +47 @@
-  # Returns an instance of the protector model for this object.
-  def protector
-
+[0]
-  end
-
@@ -50 +53 @@
-  def authorized_to_edit?
-    begin
-authorized_to_edit?
+send(self.class::PROTECTOR_MODEL[1])
-    rescue NoMethodError
-
+[0]
-    end
-  end

trunk/app/views/asset/edit_user_permissions.rhtml

@@ -22 +22 @@
-      <th><%= _('Attach files') %></th>
-      <td><%= check_box(:assets_user_group, :attach_file) %></td>
+    </tr>
+    <tr>
+      <th><%= _('Create sub-assets') %></th>
+      <td><%= check_box(:assets_user_group, :create_subasset) %></td>
+    </tr>
+    <tr>
+      <th><%= _('Edit asset permissions') %></th>
+      <td><%= check_box(:assets_user_group, :edit_permissions) %></td>
+    </tr>
+    <tr>
+      <th><%= _('Remove asset') %></th>
+      <td><%= check_box(:assets_user_group, :remove) %></td>
-    </tr>
-    <tr>

trunk/app/views/asset/user_permissions.rhtml

@@ -29 +29 @@
-
-<% else -%>
-
+controller => 'asset_tree', :
-<% end -%>
-
-<% if @selected_asset.parent -%>
-  <br/>
-not @selected_asset.authorized_to_edit?
+@authorized_to_edit != true
-  <%= form_tag(:action => 'set_use_parents_permissions') %>
-    <table class="form">

trunk/db/migrate/001_initial.rb

@@ -2 +2 @@
-  def self.up
-    use_limit_for_binary_columns = ['MySQL'].include?(ActiveRecord::Base.connection.adapter_name)
+
-    #transaction do 
-      # USERS
@@ -275 +276 @@
-        t.column "user_group_id", :integer
-        t.column "edit", :boolean, :default => false
-        t.column "add_subasset", :boolean, :default => false
-        t.column "remove", :boolean, :default => false
-        t.column "edit_permissions", :boolean, :default => false
-        t.column "create_report", :boolean, :default => false
-        t.column "create_work_order", :boolean, :default => false
-        t.column "attach_file", :boolean, :default => false
+        t.column "create_subasset", :boolean, :default => false
+        t.column "edit_permissions", :boolean, :default => false
+        t.column "remove", :boolean, :default => false
-      end
-      add_index "assets_user_groups", ["asset_id"]

trunk/db/migrate/002_initial_data.rb

@@ -26 +26 @@
-      execute "INSERT INTO assets (code, name) VALUES ('CMMS', 'NorfelloCMMS');"
-      # User permissions to assets
-)"
-)"
-
-
-
-D
+, ?, ?, ?)", true, true, true
+, ?, ?, ?)", false, false, false
+
+, create_subasset, edit_permissions, remove
+
+d
-      [["(1, 1, ?, 'ReportPermissionProfile', ?, ?, ?)", false, true, true, true],
-       ["(1, 1, ?, 'WorkOrderPermissionProfile', ?, ?, ?)", false, true, true, true],

trunk/po/fi_FI/norfello_cmms.po

@@ -2 +2 @@
-msgstr ""
-"Project-Id-Version: NorfelloCMMS SVN trunk\n"
-0:50
-4 14:38
-Jarmo Hekkanen <jarmo.hekk
+1:11
+7 11:13
+Markku Oksanen <markku.oks
-"Language-Team: Norfello Ltd. <contact@norfello.com>\n"
-"MIME-Version: 1.0\n"
@@ -14 +14 @@
-"X-Poedit-Bookmarks: 311,243,-1,-1,-1,-1,-1,-1,-1,-1\n"
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-#: app/controllers/asset_controller.rb:31
-#: app/controllers/asset_tree_controller.rb:50
-#: app/controllers/data_permission_controller.rb:31
-#: app/controllers/data_permission_controller.rb:34
-#: app/controllers/data_permission_controller.rb:37
-#: app/controllers/attachment_controller.rb:46