Class: Anoubis::Tenant::ApplicationController

Inherits:
Core::ApplicationController show all
Defined in:
app/controllers/anoubis/tenant/application_controller.rb

Direct Known Subclasses

IndexController

Instance Attribute Summary

Attributes inherited from Core::ApplicationController

#current_user, #etc, #exports, #locale, #output, #version, #writer

Instance Method Summary collapse

Methods inherited from Core::ApplicationController

#access_allowed?, #after_initialization, #anubis_core_initialization, #authenticate?, #authentication, #bin_to_uuid, #check_menu_access?, #default_locale, #error_exit, #new_session_id, #new_uuid, #options, #redis, #redis_prefix, #redis_save_user, #set_access_control_headers, #token, #uuid_to_bin

Instance Method Details

#get_user_model ⇒ ActiveRecord

Get current user model

Returns:

  • (ActiveRecord)

    The user model class. It is used to load the current user's data and may be overridden when a different user model is used.



# File 'app/controllers/anoubis/tenant/application_controller.rb', line 5

# Model class used to load the current user's data.
#
# Subclasses may override this to substitute a different user model.
#
# @return [Class] the Anoubis::Tenant::User model class
def get_user_model
  Anoubis::Tenant::User
end

#get_user_model_except ⇒ Array

Get the fields of the current user model that are excluded from JSON output

Returns:

  • (Array)

    attributes of the user model to exclude when calling to_json



# File 'app/controllers/anoubis/tenant/application_controller.rb', line 12

# Attributes of the user model that are left out of its JSON representation.
#
# NOTE(review): this is a denylist. It is presumably passed as the `except`
# option when the user record is serialized (verify against the caller), so
# any other sensitive column on the user model has to be listed here to stay
# out of the output.
#
# @return [Array<Symbol>] attribute names excluded from to_json
def get_user_model_except
  %i[uuid_bin]
end

#menu_access(controller, exit = true) ⇒ Boolean

Check whether the current user has menu access to the given controller

Returns:

  • (Boolean)

    true if the user has access to this controller.



# File 'app/controllers/anoubis/tenant/application_controller.rb', line 19

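# Check whether the current user may access the menu entry of a controller.
#
# The decision is cached in Redis under redis_prefix + user uuid + '_' + controller:
# the string 'not' records a denial, any other value is the access level of the
# matching menu row. On a cache miss the level is read from the database as the
# highest `group_menus`.`access` over the user's groups, limited to the read and
# write levels of Anoubis::Tenant::GroupMenu.accesses.
#
# Sets self.writer to true when the resolved access level is 'write'.
#
# NOTE(review): the cache entry is written without an expiry. Unless these keys
# are cleared elsewhere when group membership or menu rights change, a cached
# grant keeps working after the right has been revoked. Confirm the
# invalidation path.
#
# @param controller [String] menu mode to check (matched against `menus`.`mode`)
# @param exit [Boolean] when true, error_exit is called with the
#   'errors.access_not_allowed' message on denial
# @return [Boolean] true when access is granted, false when it is denied
def menu_access(controller, exit = true)
  cache_key = redis_prefix + current_user.uuid + '_' + controller
  menu_access_status = redis.get cache_key

  unless menu_access_status
    # Values are passed as bind variables instead of being interpolated into
    # the statement, so the controller name cannot alter the query text.
    query = <<-SQL
        SELECT `t`.* FROM
          (SELECT `menus`.`id`, `menus`.`mode`, `menus`.`action`, `menus`.`menu_id`,
            MAX(`group_menus`.`access`) AS `access`, `user_groups`.`user_id`
          FROM `menus`, `group_menus`, `groups`, `user_groups`
          WHERE `menus`.`mode` = :mode AND `menus`.`id` = `group_menus`.`menu_id` AND
            `menus`.`status` = 0 AND `group_menus`.`group_id` = `groups`.`id` AND `groups`.`id` = `user_groups`.`group_id` AND
            `user_groups`.`user_id` = :user_id
          GROUP BY `menus`.`id`) AS `t`
          WHERE `t`.`access` IN (:accesses)
          ORDER BY `t`.`menu_id`
    SQL
    access_levels = Anoubis::Tenant::GroupMenu.accesses
    binds = {
      mode: controller,
      user_id: current_user.id,
      accesses: [access_levels[:read], access_levels[:write]]
    }
    menu = Anoubis::Tenant::GroupMenu.find_by_sql([query, binds]).first

    # No matching row means no group grants read or write: cache the denial.
    menu_access_status = menu ? menu.access : 'not'
    redis.set cache_key, menu_access_status
  end

  if menu_access_status == 'not'
    error_exit({ error: I18n.t('errors.access_not_allowed') }) if exit
    return false
  end

  self.writer = true if menu_access_status == 'write'
  true
end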