Fix bug in is_admin?

Fix bug in helpers for news and announcement
This commit is contained in:
Christophe Vilayphiou 2012-05-05 17:40:07 +08:00
parent 555aa088d9
commit b48099d752
3 changed files with 12 additions and 13 deletions

View File

@ -46,8 +46,7 @@ class ApplicationController < ActionController::Base
# Check if the current_user is admin # Check if the current_user is admin
def is_admin? def is_admin?
current_user.admin? ? true : auth_failed_in_backend
auth_failed_in_backend unless current_user.admin?
end end
def is_manager? def is_manager?
@ -67,27 +66,27 @@ class ApplicationController < ActionController::Base
if is_manager? if is_manager?
true true
else else
flash[:error] = t("admin.access.denied.app.not_manager") flash[:error] = t("admin.access.denied.app.not_manager")
auth_failed_in_backend auth_failed_in_backend
end end
end end
def for_app_sub_manager def for_app_sub_manager
if (@module_app.sub_managing_users.include?(current_user) || is_manager?) if (@module_app.sub_managing_users.include?(current_user) || is_manager?)
true true
else else
flash[:error] = t("admin.access.denied.app.not_sub_manager") flash[:error] = t("admin.access.denied.app.not_sub_manager")
auth_failed_in_backend auth_failed_in_backend
end end
end end
def for_app_user def for_app_user
if (@module_app.app_auth.auth_users.include?(current_user) || for_app_sub_manager ) if (@module_app.app_auth.auth_users.include?(current_user) || for_app_sub_manager )
true true
else else
flash[:error] = t("admin.access.denied.app.not_authed_user") flash[:error] = t("admin.access.denied.app.not_authed_user")
auth_failed_in_backend auth_failed_in_backend
end end
end end
def check_object_premission(obj,title) def check_object_premission(obj,title)

View File

@ -1,6 +1,6 @@
module Panel::News::BackEnd::NewsBulletinsHelper module Panel::News::BackEnd::NewsBulletinsHelper
def show_approval_link(news_bulletin) def news_show_approval_link(news_bulletin)
by_news_bulletin = (!news_bulletin.is_expired? and !news_bulletin.is_checked?) by_news_bulletin = (!news_bulletin.is_expired? and !news_bulletin.is_checked?)
by_user = news_bulletin.news_bulletin_category.authed_users('fact_check').include?(current_user) or is_manager? by_user = news_bulletin.news_bulletin_category.authed_users('fact_check').include?(current_user) or is_manager?
by_news_bulletin and by_user by_news_bulletin and by_user

View File

@ -54,7 +54,7 @@
<% end %> <% end %>
<li class="dropdown"><%= link_to t('news_bulletin.delete'), panel_news_back_end_news_bulletin_path(news_bulletin), :confirm => t('news.sure?'), :method => :delete, :remote => true %></li> <li class="dropdown"><%= link_to t('news_bulletin.delete'), panel_news_back_end_news_bulletin_path(news_bulletin), :confirm => t('news.sure?'), :method => :delete, :remote => true %></li>
<% end %> <% end %>
<% if show_approval_link(news_bulletin) %> <% if news_show_approval_link(news_bulletin) %>
<li><%= link_to t('news.news_bulletin.approval'), panel_news_back_end_news_bulletin_approval_preview_path(news_bulletin) %></li><%#= #TODO add ancher so user can quick access into that part %> <li><%= link_to t('news.news_bulletin.approval'), panel_news_back_end_news_bulletin_approval_preview_path(news_bulletin) %></li><%#= #TODO add ancher so user can quick access into that part %>
<% end %> <% end %>