From b48099d752fcc0d37b9cec9c88074e3ce5fffc54 Mon Sep 17 00:00:00 2001 From: Christophe Vilayphiou Date: Sat, 5 May 2012 17:40:07 +0800 Subject: [PATCH] Fix bug in is_admin? Fix bug in helpers for news and announcement --- app/controllers/application_controller.rb | 21 +++++++++---------- .../news/back_end/news_bulletins_helper.rb | 2 +- .../news_bulletins/_news_bulletin.html.erb | 2 +- 3 files changed, 12 insertions(+), 13 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 0a08ec43a..68f49e3bf 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -46,8 +46,7 @@ class ApplicationController < ActionController::Base # Check if the current_user is admin def is_admin? - - auth_failed_in_backend unless current_user.admin? + current_user.admin? ? true : auth_failed_in_backend end def is_manager? @@ -67,27 +66,27 @@ class ApplicationController < ActionController::Base if is_manager? true else - flash[:error] = t("admin.access.denied.app.not_manager") - auth_failed_in_backend - end + flash[:error] = t("admin.access.denied.app.not_manager") + auth_failed_in_backend + end end def for_app_sub_manager if (@module_app.sub_managing_users.include?(current_user) || is_manager?) true else - flash[:error] = t("admin.access.denied.app.not_sub_manager") - auth_failed_in_backend - end + flash[:error] = t("admin.access.denied.app.not_sub_manager") + auth_failed_in_backend + end end def for_app_user if (@module_app.app_auth.auth_users.include?(current_user) || for_app_sub_manager ) true else - flash[:error] = t("admin.access.denied.app.not_authed_user") - auth_failed_in_backend - end + flash[:error] = t("admin.access.denied.app.not_authed_user") + auth_failed_in_backend + end end def check_object_premission(obj,title) diff --git a/vendor/built_in_modules/news/app/helpers/panel/news/back_end/news_bulletins_helper.rb b/vendor/built_in_modules/news/app/helpers/panel/news/back_end/news_bulletins_helper.rb index 35a3afee2..666bcf4ea 100644 --- a/vendor/built_in_modules/news/app/helpers/panel/news/back_end/news_bulletins_helper.rb +++ b/vendor/built_in_modules/news/app/helpers/panel/news/back_end/news_bulletins_helper.rb @@ -1,6 +1,6 @@ module Panel::News::BackEnd::NewsBulletinsHelper - def show_approval_link(news_bulletin) + def news_show_approval_link(news_bulletin) by_news_bulletin = (!news_bulletin.is_expired? and !news_bulletin.is_checked?) by_user = news_bulletin.news_bulletin_category.authed_users('fact_check').include?(current_user) or is_manager? by_news_bulletin and by_user diff --git a/vendor/built_in_modules/news/app/views/panel/news/back_end/news_bulletins/_news_bulletin.html.erb b/vendor/built_in_modules/news/app/views/panel/news/back_end/news_bulletins/_news_bulletin.html.erb index 976cab00e..b84e89b9a 100644 --- a/vendor/built_in_modules/news/app/views/panel/news/back_end/news_bulletins/_news_bulletin.html.erb +++ b/vendor/built_in_modules/news/app/views/panel/news/back_end/news_bulletins/_news_bulletin.html.erb @@ -54,7 +54,7 @@ <% end %>
  • <%= link_to t('news_bulletin.delete'), panel_news_back_end_news_bulletin_path(news_bulletin), :confirm => t('news.sure?'), :method => :delete, :remote => true %>
    • <% end %> - <% if show_approval_link(news_bulletin) %> + <% if news_show_approval_link(news_bulletin) %>
  • <%= link_to t('news.news_bulletin.approval'), panel_news_back_end_news_bulletin_approval_preview_path(news_bulletin) %>
    • <%#= #TODO add ancher so user can quick access into that part %> <% end %>