Fix for authorization

Dashboard and page authorisation
This commit is contained in:
chris 2013-08-23 12:08:33 +08:00
parent 399dfad392
commit 45e987d6f5
3 changed files with 4 additions and 12 deletions

View File

@ -1,10 +1,6 @@
class Admin::DashboardsController < OrbitBackendController
#before_filter :set_current_user
#before_filter :authenticate_user!, :except => [:index]
# before_filter :is_admin?
#prepend_before_filter :set_public
open_for_visitor
layout "basic_back_end"

View File

@ -202,6 +202,8 @@ module OrbitCoreLib
module InstanceMethods
protected
def can_use
setup_vars
set_current_user
if @user_type
@user_type.each do |user_type|
open = false
@ -220,14 +222,10 @@ module OrbitCoreLib
visitor ||= true
end
check_backend_openness if visitor
setup_vars
set_current_user
authenticate_user! unless visitor
redirect_to root_url unless open
end
else
setup_vars
set_current_user
authenticate_user!
check_user_can_use
end

View File

@ -1,8 +1,6 @@
class Panel::PageContent::BackEnd::PageContextsController < OrbitBackendController
prepend_before_filter :set_public, :only => [:index]
#before_filter :is_admin?
open_for_visitor :only => [:index]
def index
@page_contexts = (params.has_key?:sort)? get_sorted_and_filtered("page_contexts", {:archived => false}) : get_sorted_page_from_structure