@@ -84,32 +84,63 @@ module AuthorizationRulesHelper role_color(role)) end + def human_privilege (privilege) + begin + I18n.t(privilege, :scope => [:declarative_authorization, :privilege], :raise => true) + rescue + privilege.to_s + end + end + + def human_context (context) + begin + context.to_s.classify.constantize.human_name + rescue + context.to_s + end + end + + def human_privilege_context (privilege, context) + human = [human_privilege(privilege), human_context(context)] + begin + unless I18n.t(:verb_in_front_of_object, :scope => :declarative_authorization, :raise => true) + human.reverse! + end + rescue + end + human * " " + end + + def human_role (role) + Authorization::Engine.instance.title_for(role) or role.to_s + end + def describe_step (step, options = {}) options = {:with_removal => false}.merge(options) case step[0] when :add_privilege dont_assign = prohibit_link(step[0,3], - "Add privilege <strong>#{h step[1].to_sym.inspect} #{h step[2].to_sym.inspect}</strong> to any role", - "Don't suggest adding #{h step[1].to_sym.inspect} #{h step[2].to_sym.inspect}.", options) - "Add privilege <strong>#{h step[1].inspect} #{h step[2].inspect}</strong>#{dont_assign} to role <strong>#{h step[3].to_sym.inspect}</strong>" + "Add privilege <strong>#{h human_privilege_context(step[1], step[2])}</strong> to any role", + "Don't suggest adding #{h human_privilege_context(step[1], step[2])}.", options) + "Add privilege <strong>#{h human_privilege_context(step[1], step[2])}</strong>#{dont_assign} to role <strong>#{h human_role(step[3].to_sym)}</strong>" when :remove_privilege dont_remove = prohibit_link(step[0,3], - "Remove privilege <strong>#{h step[1].to_sym.inspect} #{h step[2].to_sym.inspect}</strong> from any role", - "Don't suggest removing #{h step[1].to_sym.inspect} #{h step[2].to_sym.inspect}.", options) - "Remove privilege <strong>#{h step[1].inspect} #{h step[2].inspect}</strong>#{dont_remove} from role <strong>#{h step[3].to_sym.inspect}</strong>" + "Remove privilege <strong>#{h human_privilege_context(step[1], step[2])}</strong> from any role", + "Don't suggest removing #{h human_privilege_context(step[1], step[2])}.", options) + "Remove privilege <strong>#{h human_privilege_context(step[1], step[2])}</strong>#{dont_remove} from role <strong>#{h human_role(step[3].to_sym)}</strong>" when :add_role - "New role <strong>#{h step[1].to_sym.inspect}</strong>" + "New role <strong>#{h human_role(step[1].to_sym)}</strong>" when :assign_role_to_user dont_assign = prohibit_link(step[0,2], - "Assign role <strong>#{h step[1].to_sym.inspect}</strong> to any user", - "Don't suggest assigning #{h step[1].to_sym.inspect}.", options) - "Assign role <strong>#{h step[1].to_sym.inspect}</strong>#{dont_assign} to <strong>#{h readable_step_info(step[2])}</strong>" + "Assign role <strong>#{h human_role(step[1].to_sym)}</strong> to any user", + "Don't suggest assigning #{h human_role(step[1].to_sym)}.", options) + "Assign role <strong>#{h human_role(step[1].to_sym)}</strong>#{dont_assign} to <strong>#{h readable_step_info(step[2])}</strong>" when :remove_role_from_user dont_remove = prohibit_link(step[0,2], - "Remove role <strong>#{h step[1].to_sym.inspect}</strong> from any user", - "Don't suggest removing #{h step[1].to_sym.inspect}.", options) - "Remove role <strong>#{h step[1].to_sym.inspect}</strong>#{dont_remove} from <strong>#{h readable_step_info(step[2])}</strong>" + "Remove role <strong>#{h human_role(step[1].to_sym)}</strong> from any user", + "Don't suggest removing #{h human_role(step[1].to_sym)}.", options) + "Remove role <strong>#{h human_role(step[1].to_sym)}</strong>#{dont_remove} from <strong>#{h readable_step_info(step[2])}</strong>" else step.collect {|info| readable_step_info(info) }.map {|str| h str } * ', ' end + prohibit_link(step, options[:with_removal] ? "#{escape_javascript(describe_step(step))}" : '', app/helpers/authorization_rules_helper.rb @@ -2,10 +2,10 @@ <h2>Which permission to change?</h2> <p class="action-options"> <label>Privilege</label> - <%= select_tag :privilege, options_for_select(@privileges.map(&:to_s).sort, @privilege.to_s) %> + <%= select_tag :privilege, options_for_select(@privileges.map {|p| [human_privilege(p), p.to_s]}.sort, @privilege.to_s) %> <br/> <label>On</label> - <%= select_tag :context, options_for_select(@contexts.map(&:to_s).sort, @context.to_s) %> + <%= select_tag :context, options_for_select(@contexts.map {|c| [human_context(c), c.to_s]}.sort, @context.to_s) %> <br/> <label></label> <%= link_to_function "Show current permissions", "show_current_permissions()", :class => 'unimportant' %> @@ -35,7 +35,7 @@ <tr class="<%= controller.authorization_engine.permit?(@privilege, :context => @context, :user => user, :skip_attribute_test => true) ? 'permitted' : 'not-permitted' %>"> <td class="user_id"><%=h user.id %></td> <td style="font-weight:bold"><%=h user.login %></td> - <td><%=h user.role_symbols * ', ' %></td> + <td><%=h user.role_symbols.map {|r| human_role(r)} * ', ' %></td> <td><%= radio_button_tag "user[#{user.id}][permission]", "undetermined", true %></td> <td class="yes"><%= radio_button_tag "user[#{user.id}][permission]", "yes" %></td> <td class="no"><%= radio_button_tag "user[#{user.id}][permission]", "no" %></td> app/views/authorization_rules/_change.erb @@ -30,13 +30,13 @@ <% if grouped_approach.similar_approaches.empty? %> <span class="unimportant show-others-in-group">No further suggestions in this group</span> <% else %> - <%= link_to_function "Show further #{pluralize grouped_approach.similar_approaches.length, "suggestion"} in this group", "show_group_approaches(#{group_index})", :class => "show-others-in-group" %> + <%= link_to_function "Show further <strong>#{pluralize grouped_approach.similar_approaches.length, "suggestion"}</strong> in this group", "show_group_approaches(#{group_index})", :class => "show-others-in-group" %> <% end %> <% end %> <%= link_to_function "Hide further suggestions", "hide_group_approaches(#{group_index})" if index > 0 and index == grouped_approach.similar_approaches.length %> </li> <% if index == 0 and group_index == 2 and @grouped_approaches.length > 3 %> - <li <%= !params[:show_all] ? '' : 'style="display: none"' %>><%= link_to_function "Show further #{pluralize(@grouped_approaches.length - 3, 'group')}", "show_all_groups(); $(this).up().hide()" %></li> + <li <%= !params[:show_all] ? '' : 'style="display: none"' %>><%= link_to_function "Show further <strong>#{pluralize(@grouped_approaches.length - 3, 'group')}</strong>", "show_all_groups(); $(this).up().hide()" %></li> <% end %> <% end %> <% end %> app/views/authorization_rules/_suggestions.erb @@ -8,6 +8,8 @@ </div> <%= render 'show_graph' %> +<div id="spinner" style="display:none">Searching...</div> + <style type="text/css"> .action-options label { display: block; float: left; width: 7em; padding-bottom: 0.5em } .action-options label.inline { display: inline; float: none } @@ -52,17 +54,32 @@ .unimportant, .remove, .prohibit { color: grey } .important { font-weight: bold } .remove { cursor: pointer } + #spinner { position: fixed; top: 0; right: 0; background: #FFE599; padding: 1em } </style> <% javascript_tag do %> function suggest_changes (refresh) { - if (!refresh) + var opened_groups = $$("#suggest-result>ul>li.secondary").select(function (li) {return li.visible()}).collect(function (li) { + return li.classNames().toArray()[1].split("-")[1]; + }).uniq(); + + if (refresh) + $("spinner").show(); + else $("suggest-result").innerHTML = "Searching..."; + + $("suggest-result").show(); new Ajax.Updater({success: 'suggest-result'}, '<%= suggest_change_authorization_rules_path %>', { method: 'get', onFailure: function(request) { $("suggest-result").innerHTML = "Error while searching." }, + onComplete: function () { + $("spinner").hide(); + opened_groups.each(function (group_no) { + show_group_approaches(group_no); + }); + }, parameters: $H($('change').down('form').serialize(true)).merge(refresh ? {show_all: "true"} : {}).toQueryString() }); if (!refresh) @@ -70,7 +87,7 @@ } function show_suggest_graph (changes, filter_roles_params, filter_context, user_ids) { - var params = {changes: changes, highlight_privilege: $F('privilege')}; + var params = {changes: changes, highlight_privilege: $F('privilege'), stacked_roles: '1'}; if (filter_context) params['filter_contexts'] = filter_context; if (user_ids) app/views/authorization_rules/change.html.erb @@ -22,7 +22,7 @@ digraph rules { node [shape=ellipse,style=filled] <%= @stacked_roles ? '' : "rank = same" %> <% @roles.each do |role| %> - "<%= role.inspect %>" [fillcolor="<%= role_fill_color(role) %>"] + "<%= role.inspect %>" [fillcolor="<%= role_fill_color(role) %>",label="<%= human_role(role) %>"] // ,URL="javascript:set_filter({roles: '<%= role %>'})" <% end %> <% @roles.each do |role| %> @@ -42,11 +42,11 @@ digraph rules { <% @contexts.each do |context| %> subgraph cluster_<%= context %> { - label = "<%= context.inspect %>" + label = "<%= human_context(context) %>" style=filled; fillcolor="#eeeeee" node[fillcolor=white,style=filled] <% (@context_privs[context] || []).each do |priv| %> - <%= priv %>_<%= context %> [label="<%= priv.inspect %>"<%= ',fontcolor="#ff0000"' if @highlight_privilege == priv %>] + <%= priv %>_<%= context %> [label="<%= human_privilege(priv) %>"<%= ',fontcolor="#ff0000"' if @highlight_privilege == priv %>] <% end %> <% (@context_privs[context] || []).each do |priv| %> <% (@privilege_hierarchy[priv] || []). app/views/authorization_rules/graph.dot.erb c6ee88ec3e1ebb617d496f89f6fdc128f66b6743 Steffen Bartsch sbartsch@tzi.org http://github.com/stffn/declarative_authorization/commit/26c5ac4e29f15a1fd5e316477a60a81e040dea89 26c5ac4e29f15a1fd5e316477a60a81e040dea89 2009-11-06T01:21:09-08:00 2009-09-10T04:55:34-07:00 Change support i18n a97aa20c5cdda3c10152e64d5fec7574508a1bae Steffen Bartsch sbartsch@tzi.org