Skip to content

Commit

Permalink
Abandon the xml stuff still master at github
Browse files Browse the repository at this point in the history
  • Loading branch information
Gerry Gleason committed Jan 9, 2010
2 parents 8c90ab3 + 026cb8d commit bd1fd9a
Show file tree
Hide file tree
Showing 11 changed files with 1,473 additions and 0 deletions.
66 changes: 66 additions & 0 deletions app/models/card/defaults.rb
View file
@@ -0,0 +1,66 @@
module CardLib
module Defaults
def self.included(base)
super
base.extend(ClassMethods)
base.class_eval do
# class_inheritable_accessor :editor_type, :description
# set_editor_type "RichText"
end
end
module ClassMethods

end
def queries
if !@queries
@queries = ['plus_cards', 'plussed_cards']
@queries << 'pieces' if !simple?
@queries << 'backlinks' if backlinks?
end
@queries
end

# -- called by the rendering pipeline-- defined in datatypes
def allow_duplicate_revisions
false
end

def xml_content_for_rendering
xml_content
end

def content_for_rendering
content
end

def cacheable?
return true
end

def post_render( content )
# FIXME-- client code shouldn't have to know to do this i don't think?
# content.replace(newcontent)
content
end

def valid_number?( string )
valid = true
begin
Kernel.Float( string )
rescue ArgumentError, TypeError
valid = false
end
valid
end
# --

protected
def backlinks
@backlinks ||= Card.find_by_wql("cards that link to cards where id=#{id}")
end

def backlinks?
!backlinks.empty?
end
end
end
230 changes: 230 additions & 0 deletions app/models/card/permissions.rb
View file
@@ -0,0 +1,230 @@
module CardLib
class ::Card::PermissionDenied < Wagn::PermissionDenied
attr_reader :card
def initialize(card)
@card = card
super build_message
end

def build_message
"for card #{@card.name}: #{@card.errors.on(:permission_denied)}"
end
end



module Permissions
# Permissions --------------------------------------------------------------
def ydhpt
"#{User.current_user.login}, You don't have permission to"
end


module ClassMethods
def create_ok?()
::Cardtype.create_ok?( self.name.gsub(/.*::/,'') )
end
def create_ok!()
user, type = ::User.current_user.cardname, self.name.gsub(/.*::/,'')

unless self.create_ok?
msg = "You don't have permission to create #{type} cards"
raise Wagn::PermissionDenied.new(msg)
end
end
end


def destroy_with_permissions
ok! :delete
# FIXME this is not tested and the error will be confusing
dependents.each do |dep| dep.ok! :delete end
destroy_without_permissions
end

def destroy_with_permissions!
ok! :delete
dependents.each do |dep| dep.ok! :delete end
destroy_without_permissions!
end

def save_with_permissions(perform_checking=true)
unless perform_checking && !approved?
save_without_permissions(perform_checking)
else
raise ::Card::PermissionDenied.new(self)
end
end

def save_with_permissions!
if approved?
save_without_permissions!
else
raise ::Card::PermissionDenied.new(self)
end
end

def approved?
self.operation_approved = true
self.permission_errors = []
if new_record?
approve_create_me
end
updates.each_pair do |attr,value|
send("approve_#{attr}")
end
permission_errors.each do |err|
errors.add :permission_denied, err
end
operation_approved
end

# ok? and ok! are public facing methods to approve one operation at a time
def ok?(operation)
self.operation_approved = true
self.permission_errors = []

send("approve_#{operation}")
# approve_* methods set errors on the card.
# that's what we want when doing approve? on save and checking each attribute
# but we don't want just checking ok? to set errors.
# so we hack around the errors added in approve_* by clearing them here.
# self.errors.clear

operation_approved
end

def ok!(operation)
raise ::Card::PermissionDenied.new(self) unless ok?(operation); true
end


def permit(task, party) #assign permissions
ok! :permissions unless new_record?# might need stronger checks on new records
perms = self.permissions.reject { |p| p.task == task.to_s }
perms << Permission.new(:task=>task.to_s, :party=>party)
self.permissions= perms
end

def who_can(operation)
return unless perm = permissions
perm = perm.reject { |perm| perm.task != operation.to_s }.first
perm && perm.party ? perm.party : nil
end

def personal_user
return nil if simple?
#warn "personal user tag: #{tag.extension} #{tag.extension.class == ::User}"
return tag.extension if tag.extension.class == ::User
return trunk.personal_user
end

protected
def you_cant(what)
"#{ydhpt} #{what}"
# => you_cant " #{what}"
end

def deny_because(why)
[why].flatten.each {|err| permission_errors << err }
self.operation_approved = false
end

def lets_user(operation)
party = who_can(operation)
return true if (System.always_ok? and operation != :comment)
System.party_ok? party
end

def approve_read
if reader_type=='Role'
(self.operation_approved = false) unless System.role_ok?(reader_id)
else
testee = template? ? trunk : self
(self.operation_approved = false) unless testee.lets_user( :read )
end
end

def approve_create_me
deny_because you_cant("create #{self.type} cards") unless Cardtype.create_ok?(self.type)
end

def approve_edit
approve_task(:edit)
end

def approve_delete
approve_task(:delete)
end

def approve_name
approve_task(:edit) unless new_record?
end

def approve_create
raise "must be a cardtype card" unless self.type == 'Cardtype'
deny_because you_cant("create #{self.name} cards") unless Cardtype.create_ok?(Cardtype.classname_for(self.name))
end

def approve_comment
approve_task(:comment, 'comment on')
deny_because("No comments allowed on template cards") if template?
deny_because("No comments allowed on hard templated cards") if hard_template
end

def approve_task(operation, verb=nil) #read, edit, comment, delete
verb ||= operation.to_s
testee = template? ? trunk : self
deny_because("#{ydhpt} #{verb} this card") unless testee.lets_user( operation )
end

def approve_type
unless new_record?
approve_delete
if right_template and right_template.hard_template? and !allow_type_change
deny_because you_cant( "change the type of this card -- it is hard templated by #{right_template.name}")
end
end
new_self = clone_to_type( type )
unless Cardtype.create_ok?(new_self.type)
deny_because you_cant("create #{new_self.cardtype.name} cards")
end
end

def approve_content
unless new_record?
approve_edit
if tmpl = hard_template
deny_because you_cant("change the content of this card -- it is hard templated by #{tmpl.name}")
end
end
end

def approve_template_tsar
deny_because "plus cards can't be control right formats" if !simple? and right_templator?
deny_because "can't be template" if template?
end

def approve_permissions
return if System.always_ok?
unless System.ok?(:set_card_permissions) or
(System.ok?(:set_personal_card_permissions) and (personal_user == ::User.current_user)) or
new_record? then #FIXME-perm. on new cards we should check that permission has not been altered from default unless user can set permissions.

deny_because you_cant("set permissions" )
end
end

def self.included(base)
super
base.extend(ClassMethods)
base.class_eval do
attr_accessor :operation_approved, :permission_errors
alias_method_chain :destroy, :permissions
alias_method_chain :destroy!, :permissions
alias_method_chain :save, :permissions
alias_method_chain :save!, :permissions
end
end
end
end

0 comments on commit bd1fd9a

Please sign in to comment.