Add authorization
This commit is contained in:
parent
c6fe4b9cd3
commit
381c0ab337
|
@ -1,4 +1,6 @@
|
||||||
class Admin::ConferenceAuthorTypesController < OrbitAdminController
|
class Admin::ConferenceAuthorTypesController < OrbitMemberController
|
||||||
|
before_action :allow_admin_only
|
||||||
|
|
||||||
def new
|
def new
|
||||||
@author_type = ConferenceAuthorType.new
|
@author_type = ConferenceAuthorType.new
|
||||||
@url = admin_conference_author_types_path(@author_type)
|
@url = admin_conference_author_types_path(@author_type)
|
||||||
|
|
|
@ -1,4 +1,6 @@
|
||||||
class Admin::ConferencePaperLevelsController < OrbitAdminController
|
class Admin::ConferencePaperLevelsController < OrbitMemberController
|
||||||
|
before_action :allow_admin_only
|
||||||
|
|
||||||
def new
|
def new
|
||||||
@paper_level = ConferencePaperLevel.new
|
@paper_level = ConferencePaperLevel.new
|
||||||
@url = admin_conference_paper_levels_path(@paper_level)
|
@url = admin_conference_paper_levels_path(@paper_level)
|
||||||
|
|
|
@ -1,4 +1,6 @@
|
||||||
class Admin::ConferencePaperTypesController < OrbitAdminController
|
class Admin::ConferencePaperTypesController < OrbitMemberController
|
||||||
|
before_action :allow_admin_only
|
||||||
|
|
||||||
def new
|
def new
|
||||||
@paper_type = ConferencePaperType.new
|
@paper_type = ConferencePaperType.new
|
||||||
@url = admin_conference_paper_types_path(@paper_type)
|
@url = admin_conference_paper_types_path(@paper_type)
|
||||||
|
|
|
@ -4,6 +4,9 @@ class Admin::WritingConferencesController < OrbitMemberController
|
||||||
before_action :set_plugin
|
before_action :set_plugin
|
||||||
before_action :get_settings,:only => [:new, :edit, :setting]
|
before_action :get_settings,:only => [:new, :edit, :setting]
|
||||||
|
|
||||||
|
before_action :allow_admin_only, :only => [:setting]
|
||||||
|
before_action :need_access_right,:only => [ :new, :create, :edit, :update, :destroy, :frontend_setting, :update_frontend_setting]
|
||||||
|
|
||||||
def index
|
def index
|
||||||
@writing_conferences = WritingConference.order_by(:year=>'desc').page(params[:page]).per(10)
|
@writing_conferences = WritingConference.order_by(:year=>'desc').page(params[:page]).per(10)
|
||||||
end
|
end
|
||||||
|
@ -17,7 +20,7 @@ class Admin::WritingConferencesController < OrbitMemberController
|
||||||
@member = MemberProfile.find(conference_params['member_profile_id']) rescue nil
|
@member = MemberProfile.find(conference_params['member_profile_id']) rescue nil
|
||||||
@writing_conference = WritingConference.new(conference_params)
|
@writing_conference = WritingConference.new(conference_params)
|
||||||
@writing_conference.save
|
@writing_conference.save
|
||||||
redirect_to URI.encode('/admin/members/'+@member.to_param+'/WritingConference')
|
redirect_to params['referer_url']
|
||||||
end
|
end
|
||||||
|
|
||||||
def edit
|
def edit
|
||||||
|
@ -30,7 +33,7 @@ class Admin::WritingConferencesController < OrbitMemberController
|
||||||
@writing_conference = WritingConference.find(params[:id])
|
@writing_conference = WritingConference.find(params[:id])
|
||||||
@writing_conference.update_attributes(conference_params)
|
@writing_conference.update_attributes(conference_params)
|
||||||
@writing_conference.save
|
@writing_conference.save
|
||||||
redirect_to URI.encode('/admin/members/'+@member.to_param+'/WritingConference')
|
redirect_to params['referer_url']
|
||||||
end
|
end
|
||||||
|
|
||||||
def destroy
|
def destroy
|
||||||
|
|
|
@ -300,6 +300,7 @@
|
||||||
<!-- Form Actions -->
|
<!-- Form Actions -->
|
||||||
<div class="form-actions">
|
<div class="form-actions">
|
||||||
<%= f.hidden_field :user_id, :value => params[:user_id] if !params[:user_id].blank? %>
|
<%= f.hidden_field :user_id, :value => params[:user_id] if !params[:user_id].blank? %>
|
||||||
|
<input type="hidden" name="referer_url" value="<%= request.referer %>">
|
||||||
<%= f.submit t('submit'), class: 'btn btn-primary' %>
|
<%= f.submit t('submit'), class: 'btn btn-primary' %>
|
||||||
<%= link_to t('cancel'), get_go_back, :class=>"btn" %>
|
<%= link_to t('cancel'), get_go_back, :class=>"btn" %>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -6,15 +6,14 @@
|
||||||
<% end %>
|
<% end %>
|
||||||
|
|
||||||
<%
|
<%
|
||||||
is_autorized_user = (current_user==@member.user || current_user.is_admin?)
|
if has_access?
|
||||||
if is_autorized_user
|
|
||||||
@writing_conferences = WritingConference.where(member_profile_id: @member.id).desc(:year).page(params[:page]).per(10)
|
@writing_conferences = WritingConference.where(member_profile_id: @member.id).desc(:year).page(params[:page]).per(10)
|
||||||
else
|
else
|
||||||
@writing_conferences = WritingConference.where(is_hidden: false, member_profile_id: @member.id).desc(:year).page(params[:page]).per(10)
|
@writing_conferences = WritingConference.where(is_hidden: false, member_profile_id: @member.id).desc(:year).page(params[:page]).per(10)
|
||||||
end
|
end
|
||||||
%>
|
%>
|
||||||
|
|
||||||
<% if is_autorized_user %>
|
<% if has_access? %>
|
||||||
<div class="list-active">
|
<div class="list-active">
|
||||||
<div class="btn-group">
|
<div class="btn-group">
|
||||||
<%= link_to('Hide', '#', :class => "btn btn-mini list-active-btn disabled", "data-check-action" => "list-be-hide", :rel => toggle_hide_admin_writing_conferences_path(member_profile_id: params[:id], disable: 'true') ) %>
|
<%= link_to('Hide', '#', :class => "btn btn-mini list-active-btn disabled", "data-check-action" => "list-be-hide", :rel => toggle_hide_admin_writing_conferences_path(member_profile_id: params[:id], disable: 'true') ) %>
|
||||||
|
@ -26,7 +25,7 @@
|
||||||
<table class="table table-condensed table-striped main-list">
|
<table class="table table-condensed table-striped main-list">
|
||||||
<thead>
|
<thead>
|
||||||
<tr>
|
<tr>
|
||||||
<% if is_autorized_user %>
|
<% if has_access? %>
|
||||||
<th><input type="checkbox" /></th>
|
<th><input type="checkbox" /></th>
|
||||||
<% end -%>
|
<% end -%>
|
||||||
<th class="span1"><%= t('personal_plugins.year') %></th>
|
<th class="span1"><%= t('personal_plugins.year') %></th>
|
||||||
|
@ -39,7 +38,7 @@
|
||||||
<tbody>
|
<tbody>
|
||||||
<% @writing_conferences.each do |writing_conference| %>
|
<% @writing_conferences.each do |writing_conference| %>
|
||||||
<tr id="<%= dom_id writing_conference %>" class="<%= writing_conference.is_hidden ? "checkHide" : "" %>">
|
<tr id="<%= dom_id writing_conference %>" class="<%= writing_conference.is_hidden ? "checkHide" : "" %>">
|
||||||
<% if is_autorized_user %>
|
<% if has_access? %>
|
||||||
<td>
|
<td>
|
||||||
<%= check_box_tag 'to_change[]', writing_conference.id.to_s, false, :class => "list-check" %>
|
<%= check_box_tag 'to_change[]', writing_conference.id.to_s, false, :class => "list-check" %>
|
||||||
</td>
|
</td>
|
||||||
|
@ -49,8 +48,10 @@
|
||||||
<%= link_to writing_conference.paper_title, OrbitHelper.url_to_plugin_show(writing_conference.to_param,'personal_conference'), target: "blank"%>
|
<%= link_to writing_conference.paper_title, OrbitHelper.url_to_plugin_show(writing_conference.to_param,'personal_conference'), target: "blank"%>
|
||||||
<div class="quick-edit">
|
<div class="quick-edit">
|
||||||
<ul class="nav nav-pills hide">
|
<ul class="nav nav-pills hide">
|
||||||
<li><%= link_to t('edit'), '/admin/members/'+@member.to_param+'/writing_conferences/'+writing_conference.id+'/edit' %></li>
|
<% if has_access? %>
|
||||||
<li><%= link_to t(:delete_), admin_writing_conference_path(id: writing_conference.id, member_profile_id: @member.id), method: :delete, remote: true, data: { confirm: t('sure?') } %></li>
|
<li><%= link_to t('edit'), '/admin/members/'+@member.to_param+'/writing_conferences/'+writing_conference.id+'/edit' %></li>
|
||||||
|
<li><%= link_to t(:delete_), admin_writing_conference_path(id: writing_conference.id, member_profile_id: @member.id), method: :delete, remote: true, data: { confirm: t('sure?') } %></li>
|
||||||
|
<% end %>
|
||||||
</ul>
|
</ul>
|
||||||
</div>
|
</div>
|
||||||
</td>
|
</td>
|
||||||
|
@ -62,7 +63,7 @@
|
||||||
|
|
||||||
|
|
||||||
<div class="bottomnav clearfix">
|
<div class="bottomnav clearfix">
|
||||||
<% if is_autorized_user %>
|
<% if has_access? %>
|
||||||
<div class="action pull-right">
|
<div class="action pull-right">
|
||||||
<%= link_to content_tag(:i, nil, :class => 'icon-edit') +' '+ t('setting'),'/admin/members/'+@member.to_param+'/writing_conferences/frontend_setting', :class => 'btn btn-primary' %>
|
<%= link_to content_tag(:i, nil, :class => 'icon-edit') +' '+ t('setting'),'/admin/members/'+@member.to_param+'/writing_conferences/frontend_setting', :class => 'btn btn-primary' %>
|
||||||
<%= link_to content_tag(:i, nil, :class => 'icon-plus') +' '+ t('new_'),
|
<%= link_to content_tag(:i, nil, :class => 'icon-plus') +' '+ t('new_'),
|
||||||
|
|
Loading…
Reference in New Issue