Adding permissions tab for webapps plugin

amahi · Jun 19, 2014 · b08e8a9 · b08e8a9
1 parent 8c85215
commit b08e8a9
Show file tree

Hide file tree

Showing 15 changed files with 222 additions and 2 deletions.
diff --git a/app/assets/javascripts/webapps.js.coffee b/app/assets/javascripts/webapps.js.coffee
@@ -33,6 +33,9 @@ $(document).on "ajax:success", ".edit_form", (event, results) ->
 		else if results.type is "path"
 			element = "#webapp_path_"+results.id
 			$(element).html(results.content)
+		else if results.type is "permission"
+			element = "#permission_webapp"+results.webappid+"_user"+results.userid
+			$(element).html(results.content)
 
 $(document).on "ajax:beforeSend", ".edit_form", ->
 	form = $(this)
@@ -44,4 +47,4 @@ $(document).on "ajax:complete", ".edit_form", ->
 	form = $(this)
 	form.find(".spinner").hide()
 	form.find("button, input[type=submit]").show()
-	form.find("a.cancel_link").show()
+	form.find("a.cancel_link").show()
diff --git a/app/assets/stylesheets/img/delete.png b/app/assets/stylesheets/img/delete.png
diff --git a/app/assets/stylesheets/webapp_style.css b/app/assets/stylesheets/webapp_style.css
@@ -0,0 +1,10 @@
+#alias-delete-icon{
+	background: url("img/delete.png");
+	height: 19px;
+	width: 19px;
+	display: inline-block;
+	text-indent: -9999px;
+}
+.settings-table{
+margin-top: 30px;
+}
diff --git a/app/controllers/webapps_controller.rb b/app/controllers/webapps_controller.rb
@@ -125,6 +125,39 @@ def webapp_alias_destroy
 		return unless @waa
 	end
 
+	def permissions
+		@webapps = Webapp.where(:login_required=>1)
+		@users = User.all
+
+	end
+
+	def remove_permission
+		@user = User.find(params[:id]) if params[:id]
+		@webapp = Webapp.find(params[:webapp_id]) if params[:webapp_id]
+		check = false
+		if (@user && @webapp)
+			w = WebappAccess.find_or_create(@webapp.id)
+			w.removeUser(@user)
+			@users_allowed = WebappAccess.find_or_create(@webapp.id).getUsers
+			check = true
+		end
+		@status = check ? "ok" : "notok"
+		@users_allowed = WebappAccess.find_or_create(@webapp.id).getUsers
+	end
+
+	def add_permission
+		password = params[:password]
+		@user = User.find(params[:id]) if params[:id]
+		@webapp = Webapp.find(params[:webapp_id]) if params[:webapp_id]
+		if (@user && @webapp)
+			check = @user.valid_password?(password)
+			w = WebappAccess.find_or_create(@webapp.id)
+			w.addUser(@user,password)
+		end
+		status = check ? "ok" : "notok"
+		@users_allowed = WebappAccess.find_or_create(@webapp.id).getUsers
+	end
+
 private
 
 	def valid_name?(nm)

diff --git a/app/models/webapp_access.rb b/app/models/webapp_access.rb
@@ -0,0 +1,85 @@
+# Amahi Home Server
+# Copyright (C) 2007-2013 Amahi
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License v3
+# (29 June 2007), as published in the COPYING file.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# file COPYING for more details.
+#
+# You should have received a copy of the GNU General Public
+# License along with this program; if not, write to the Amahi
+# team at http://www.amahi.org/ under "Contact Us."
+
+require 'command'
+require 'platform'
+
+
+class WebappAccess < ActiveRecord::Base
+
+attr_accessible :webapp_id, :access_to
+belongs_to :webapps
+
+
+	def getUsers
+		user_ids = JSON.parse(self.access_to)
+		@users_allowed = []
+		user_ids.each do |user_id|
+			@users_allowed << User.find(user_id)
+		end
+		@users_allowed
+	end
+
+	def remove_all_users
+		self.access_to = [].to_s
+		self.save!
+	end
+
+	def addUser(user,password)
+		users = JSON.parse(self.access_to)
+		if(!users.include?(user.id))
+			users = users << user.id
+		end
+		self.access_to = users.to_s
+		self.save!
+		webapp = Webapp.find(self.webapp_id)
+		path = webapp.path
+		htpasswd_path = path+'/htpasswd'
+		if(File.file?(htpasswd_path))
+			c = Command.new "htpasswd -bm #{htpasswd_path} #{user.login} #{password}"
+		else
+			c = Command.new "htpasswd -cbm #{htpasswd_path} #{user.login} #{password}"
+		end
+			c.execute
+		Platform.reload(:apache)
+	end
+
+	def removeUser(user)
+		users = JSON.parse(self.access_to)
+		if(users.include?(user.id))
+			users.delete(user.id)
+		end
+		self.access_to = users.to_s
+		self.save!
+		webapp = Webapp.find(self.webapp_id)
+		path = webapp.path
+		htpasswd_path = path+'/htpasswd'
+		if(File.file?(htpasswd_path))
+			c = Command.new "htpasswd -D #{htpasswd_path} #{user.login}"
+			c.execute
+		end
+		Platform.reload(:apache)
+
+	end
+
+	def self.find_or_create(webapp_id)
+		webapp_access = WebappAccess.where(:webapp_id=>webapp_id).first
+		if(webapp_access == nil)
+			webapp_access = WebappAccess.create(:webapp_id=>webapp_id,:access_to=>[].to_s)
+		end
+		webapp_access
+	end
+end
diff --git a/app/views/webapps/_permission_webapp.html.slim b/app/views/webapps/_permission_webapp.html.slim
@@ -0,0 +1,25 @@
+- @webapp = webapp
+- return if @webapp.nil?
+- uid = @webapp.id.to_s
+- @users_allowed = WebappAccess.find_or_create(@webapp.id).getUsers
+div.webapp[id="whole_webapp_#{uid}"]
+  table.settings.stretchtoggle id="webapp_row_#{uid}"
+    tr
+      td.settings-col1.webapps-col1
+        = link_to(@webapp.name, '')
+      td.settings-col2.webapps-col2 id="webapp_url_#{uid}"
+        a href=("http://#{webapp.name}") target="_"
+          | http://#{@webapp.name}
+  .settings-stretcher id="webapp_info_#{uid}" style="display:none;"
+    .webapp-manage
+      fieldset
+        legend
+          |&nbsp; #{t 'edit_web_app_permission_for'}&nbsp;
+          b= h(@webapp.name)
+          | &nbsp;
+        .settings-fields
+          table
+            -for item in @users
+              -@user = item
+              tr[id="permission_webapp#{@webapp.id}_user#{@user.id}"]
+                = render :partial=>'user_permissions'
diff --git a/app/views/webapps/_user_permissions.html.slim b/app/views/webapps/_user_permissions.html.slim
@@ -0,0 +1,18 @@
+-checked = @users_allowed.include?@user
+
+td = @user.name
+td
+	span
+	- if checked
+		= link_to("[x]",webapps_engine.remove_permission_webapp_path(:id => @user.id,:webapp_id=>@webapp.id), {:remote=>true, :method=>:delete, :class=>:edit_form, :id=>'alias-delete-icon'})
+	- else
+	  	a.click_change  Add Permission
+	    form.edit_form.form_hidden action=webapps_engine.add_permission_webapp_path(:id => @user.id,:webapp_id=>@webapp.id) data-remote="true" method="post" style=("display: none;")
+			input id="text_webapp_#{@user.id}" name="password" type="password"
+		    button.btn.btn-create.margin-for-message type="submit"
+		      span = t('add')
+		    a.cancel_link Cancel
+		    span.spinner.theme-image style=("display: none")
+
+
+
diff --git a/app/views/webapps/_webapp.html.slim b/app/views/webapps/_webapp.html.slim
@@ -2,7 +2,7 @@
 - webapp = webapp
 - uid = webapp.id.to_s
 - return if webapp.nil?
-div.user[id="whole_webapp_#{uid}"]
+div.webapp[id="whole_webapp_#{uid}"]
   table.settings.stretchtoggle id="webapp_row_#{uid}"
     tr
       td.settings-col1.webapps-col1

diff --git a/app/views/webapps/add_permission.json.jbuilder b/app/views/webapps/add_permission.json.jbuilder
@@ -0,0 +1,6 @@
+self.formats = [:html]
+	json.status :ok
+	json.type :permission
+	json.webappid @webapp.id
+	json.userid @user.id
+	json.content render(:partial => 'user_permissions')
diff --git a/app/views/webapps/permissions.html.slim b/app/views/webapps/permissions.html.slim
@@ -0,0 +1,14 @@
+#webapps-table
+  .settings-table
+    - if @webapps.size > 0
+      table.settings
+        thead
+          tr
+            th.settings-col1.webapps-col1 scope="col" = t 'name'
+            th.settings-col2.webapps-col2 scope="col" = t 'url'
+        tbody
+      = render :partial => 'permission_webapp', :collection => @webapps, :as=> :webapp
+    - else
+      div align="center"
+          div align="left"
+            h2= t 'there_are_no_webapps'
diff --git a/app/views/webapps/remove_permission.json.jbuilder b/app/views/webapps/remove_permission.json.jbuilder
@@ -0,0 +1,6 @@
+self.formats = [:html]
+	json.status @status
+	json.type :permission
+	json.webappid @webapp.id
+	json.userid @user.id
+	json.content render(:partial => 'user_permissions')
diff --git a/config/initializers/plugin_init.rb b/config/initializers/plugin_init.rb
@@ -2,3 +2,4 @@
 t = Tab.find("apps")
 # add any subtabs with what you need. params are controller and the label, for example
 t.add("webapps", "Web Apps")
+t.add("webapps/permissions","Permissions")
diff --git a/config/routes.rb b/config/routes.rb
@@ -12,7 +12,10 @@
 			get 'toggle_login_required'
 			post 'webapp_alias_create'
 			delete 'webapp_alias_destroy'
+			post 'add_permission'
+			delete 'remove_permission'
 		end
 	end
+	get "permissions" => "webapps#permissions"
 	# examples of controllers built in this generator. delete at will
 end
diff --git a/db/migrate/20140619092000_create_webapp_accesses.rb b/db/migrate/20140619092000_create_webapp_accesses.rb
@@ -0,0 +1,9 @@
+class CreateWebappAccesses < ActiveRecord::Migration
+  def change
+    create_table "webapp_accesses" do |t|
+      t.integer  "webapp_id"
+      t.string "access_to"
+      t.timestamps
+    end
+  end
+end
diff --git a/lib/webapps/engine.rb b/lib/webapps/engine.rb
@@ -7,5 +7,12 @@ class Engine < ::Rails::Engine
 		initializer :assets do |config|
 	      Rails.application.config.assets.paths << root.join("app", "assets", "images")
 	    end
+	    initializer :append_migrations do |app|
+ 			unless app.root.to_s.match root.to_s
+ 				config.paths["db/migrate"].expanded.each do |expanded_path|
+ 					app.config.paths["db/migrate"] << expanded_path
+ 				end
+ 			end
+ 		end
 	end
 end