diff --git a/app/assets/stylesheets/widgets.css b/app/assets/stylesheets/widgets.css index eb66b33b..a44824c0 100644 --- a/app/assets/stylesheets/widgets.css +++ b/app/assets/stylesheets/widgets.css @@ -53,11 +53,11 @@ display:inline-block; margin-right: 5px; opacity: 0.8; - filter: alpha(opacity:80); + filter: alpha(opacity=80); } .action:hover { opacity: 1; - filter: alpha(opacity:80); + filter: alpha(opacity=80); cursor: pointer; } .select-role { diff --git a/app/controllers/admin/dashboards_controller.rb b/app/controllers/admin/dashboards_controller.rb index 50bbd1aa..991f19af 100644 --- a/app/controllers/admin/dashboards_controller.rb +++ b/app/controllers/admin/dashboards_controller.rb @@ -30,7 +30,7 @@ class Admin::DashboardsController < ApplicationController module_app_class = module_app.classify.constantize objects = module_app_class.order_by(:updated_at, :desc).limit(10) objects.each do |object| - a.merge!(object => object.updated_at) + a.merge!(object => object.updated_at) unless (object.archived rescue nil) end end sorted_objects = a.sort {|a,b| b[1]<=>a[1]} @@ -43,7 +43,7 @@ class Admin::DashboardsController < ApplicationController module_app_class = module_app.classify.constantize objects = module_app_class.order_by(:view_count, :desc).limit(10) objects.each do |object| - a.merge!(object => object.view_count) if object.view_count > 0 + a.merge!(object => object.view_count) if object.view_count > 0 && (!object.archived rescue true) end end sorted_objects = a.sort {|a,b| b[1]<=>a[1]} diff --git a/app/controllers/admin/module_apps_new_interface_controller.rb b/app/controllers/admin/module_apps_new_interface_controller.rb index 404ac693..57767d5f 100644 --- a/app/controllers/admin/module_apps_new_interface_controller.rb +++ b/app/controllers/admin/module_apps_new_interface_controller.rb @@ -39,7 +39,7 @@ class Admin::ModuleAppsNewInterfaceController < OrbitBackendController def update_setting_by_params user_sat = [] ma = ModuleApp.find params[:module_app][:id] - user_sat = User.find params[:users].keys if params.has_key? :users + user_sat += User.find params[:users].keys if params.has_key?('users') users_to_new = user_sat - ma.managing_users users_to_remove = ma.managing_users - user_sat diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index f9c1577f..1455619a 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -43,9 +43,59 @@ class ApplicationController < ActionController::Base @parent_item = Item.first(:conditions => { :id => BSON::ObjectId(params[:parent_id]) }) rescue nil end + def auth_failed_in_backend + #redirect_to admin_dashboards_url + redirect_to root_path + end + # Check if the current_user is admin def is_admin? - redirect_to root_url unless current_user.admin? + current_user.admin? ? true : auth_failed_in_backend + end + + def is_manager? + @module_app.managing_users.include?(current_user) || is_admin? + end + + def for_admin_only + if is_admin? + true + else + flash[:error] = t("admin.access.denied.not_admin") + auth_failed_in_backend + end + end + + def for_app_manager + if is_manager? + true + else + flash[:error] = t("admin.access.denied.app.not_manager") + auth_failed_in_backend + end + end + + def for_app_sub_manager + if (@module_app.sub_managing_users.include?(current_user) || is_manager?) + true + else + flash[:error] = t("admin.access.denied.app.not_sub_manager") + auth_failed_in_backend + end + end + + def for_app_user + if (@module_app.app_auth.auth_users.include?(current_user) || for_app_sub_manager ) + true + else + flash[:error] = t("admin.access.denied.app.not_authed_user") + auth_failed_in_backend + end + end + + def check_object_premission(obj,title) + flash[:error] = t("admin.access.denied.object") + auth_failed_in_backend unless (obj.get_object_auth_by_title(title).auth_users.include?(current_user) || is_manager? || is_admin? ) end # Render the page @@ -82,8 +132,8 @@ class ApplicationController < ActionController::Base # set site if exist or create site @site = Site.first || Site.create({:valid_locales => [], :in_use_locales => []}) session[:site] = @site.id - @site_in_use_locales = @site.in_use_locales - @site_valid_locales = @site.valid_locales + @site_in_use_locales = site_locales_default_head(@site.in_use_locales) + @site_valid_locales = site_locales_default_head(@site.valid_locales) end def set_current_item @@ -118,4 +168,14 @@ class ApplicationController < ActionController::Base end end + def site_locales_default_head(locales) + if locales[0].eql? I18n.locale.to_s + locales + else + a = Array.new(locales) + shift_out = a.delete(I18n.locale.to_s) + [shift_out] + a + end + end + end diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index fc93c29a..8f651392 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -181,7 +181,7 @@ module ApplicationHelper end def display_visitors(options={}) - Impression.where(options).distinct(:session_hash).count + Impression.where(options).and(:referrer.ne => nil).distinct(:session_hash).count end def display_visitors_today diff --git a/app/models/user/user.rb b/app/models/user/user.rb index 31f6e483..9cbd9967 100644 --- a/app/models/user/user.rb +++ b/app/models/user/user.rb @@ -31,7 +31,14 @@ class User end scope :remote_account, where(:nccu_id.ne => nil) - + + def self.current + Thread.current[:user] + end + + def self.current=(user) + Thread.current[:user] = user + end def avb_apps sub_role_ids_ary=self.sub_roles.collect{|t| t.id} diff --git a/app/views/devise/sessions/new.html.erb b/app/views/devise/sessions/new.html.erb index 8757fe31..13c428ab 100644 --- a/app/views/devise/sessions/new.html.erb +++ b/app/views/devise/sessions/new.html.erb @@ -2,8 +2,6 @@

<%= t(:login) %>

- - <%= flash_messages %>
<%= form_for :user, :url => user_session_path, :html => {:class => 'user_new form-horizontal'} do |f| %>
diff --git a/config/environments/production.rb b/config/environments/production.rb index d55e06e5..611d7c0b 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -15,7 +15,7 @@ Orbit::Application.configure do config.assets.compress = true # Don't fallback to assets pipeline if a precompiled asset is missed - config.assets.compile = true + config.assets.compile = false # Generate digests for assets URLs config.assets.digest = true @@ -44,6 +44,7 @@ Orbit::Application.configure do # Precompile additional assets (application.js, application.css, and all non-JS/CSS are already added) # config.assets.precompile += %w( search.js ) + config.assets.precompile += %w( *.js *.css *.js.* *.css.* ) # Disable delivery errors, bad email addresses will be ignored # config.action_mailer.raise_delivery_errors = false diff --git a/lib/parsers/parser_common.rb b/lib/parsers/parser_common.rb index 32820a6f..f1387a93 100644 --- a/lib/parsers/parser_common.rb +++ b/lib/parsers/parser_common.rb @@ -29,7 +29,7 @@ module ParserCommon res << "'>" root = "/" res << "#{page.i18n_variable[I18n.locale]}" - if page.visible_children.size > 0 && current <= menu.levels + if page.visible_children.size > 0 && current < menu.levels res << "" res << menu_level(page, current_page, current + 1, menu, edit) end unless (page.root? rescue nil) diff --git a/lib/tasks/items.rake b/lib/tasks/items.rake index 7d94332e..8889567d 100644 --- a/lib/tasks/items.rake +++ b/lib/tasks/items.rake @@ -3,7 +3,7 @@ namespace :items do task :tree_changes => :environment do Item.all.each do |item| - item.position -= item.position > 5 ? 2 : 1 + item.position -= 1 item.parent_ids = ancestors(item) item.rename(:full_name, :path) item.save diff --git a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb index ff0e0a9c..74e5b648 100644 --- a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb +++ b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb @@ -11,6 +11,7 @@ class BulletinCategory PAYMENT_TYPES = [ "List", "Picture" ] APP_NAME = 'Announcement' + field :key field :display @@ -26,4 +27,4 @@ class BulletinCategory BulletinCategory.find(id) rescue nil end -end \ No newline at end of file +end diff --git a/vendor/built_in_modules/news/app/controllers/panel/news/back_end/news_approvals_controller.rb b/vendor/built_in_modules/news/app/controllers/panel/news/back_end/news_approvals_controller.rb index 80838ec5..829daecc 100644 --- a/vendor/built_in_modules/news/app/controllers/panel/news/back_end/news_approvals_controller.rb +++ b/vendor/built_in_modules/news/app/controllers/panel/news/back_end/news_approvals_controller.rb @@ -4,7 +4,7 @@ class Panel::News::BackEnd::NewsApprovalsController < OrbitBackendController include AdminHelper def preview_and_approve - @bulletin = NewsBulletin.find params[:bulletin_id] + @news_bulletin = NewsBulletin.find params[:news_bulletin_id] end def approve diff --git a/vendor/built_in_modules/news/app/views/panel/news/back_end/news_bulletins/_news_bulletin.html.erb b/vendor/built_in_modules/news/app/views/panel/news/back_end/news_bulletins/_news_bulletin.html.erb index bdd19082..c4982392 100644 --- a/vendor/built_in_modules/news/app/views/panel/news/back_end/news_bulletins/_news_bulletin.html.erb +++ b/vendor/built_in_modules/news/app/views/panel/news/back_end/news_bulletins/_news_bulletin.html.erb @@ -55,7 +55,7 @@
  • <%= link_to t('news_bulletin.delete'), panel_news_back_end_news_bulletin_path(news_bulletin), :confirm => t('news.sure?'), :method => :delete, :remote => true %>
    • <% end %> <% if news_show_approval_link(news_bulletin) %> -
  • <%= link_to t('news.news_bulletin.approval'), panel_news_back_end_news_bulletin_approval_preview_path(news_bulletin) %>
    • <%#= #TODO add ancher so user can quick access into that part %> +
  • <%= link_to t('news.news_bulletin.approval'), panel_news_back_end_news_bulletin_approval_preview_path(news_bulletin) ,:class=>"preview_trigger" %>
    • <%#= #TODO add ancher so user can quick access into that part %> <% end %> diff --git a/vendor/built_in_modules/news/config/locales/zh_tw.yml b/vendor/built_in_modules/news/config/locales/zh_tw.yml index 290df5e6..d52554c2 100644 --- a/vendor/built_in_modules/news/config/locales/zh_tw.yml +++ b/vendor/built_in_modules/news/config/locales/zh_tw.yml @@ -51,7 +51,7 @@ zh_tw: list_lower: 列表 title: 標題 postdate: 張貼日期 - approval: 公告審核 + approval: 新聞審核 approval_setting: 審核設定 approval_stat: 審核狀況 approval_pending: 待審核 @@ -68,7 +68,7 @@ zh_tw: category: 分類 status: 狀態 title: 標題 - fact_check: 公告審核 + fact_check: 新聞審核 delete: 刪除 edit: 編輯 # action: 行動 diff --git a/vendor/built_in_modules/news/config/routes.rb b/vendor/built_in_modules/news/config/routes.rb index 5aa7118f..52b3d379 100644 --- a/vendor/built_in_modules/news/config/routes.rb +++ b/vendor/built_in_modules/news/config/routes.rb @@ -6,8 +6,8 @@ Rails.application.routes.draw do match 'update_setting' => "news_approvals#update_setting" ,:as => :news_approval_update_setting resources :news_bulletins do - match "approve/:news_bulletin_id" => "approvals#preview_and_approve",:as => :approval_preview,:via => :put - match "approve/:news_bulletin_id" => "approvals#approve",:as => :approve,:via => :post + match "approve/:news_bulletin_id" => "news_approvals#preview_and_approve",:as => :approval_preview,:via => :put + match "approve/:news_bulletin_id" => "news_approvals#approve",:as => :approve,:via => :post match "link_quick_add/:news_bulletin_id" => "news_bulletins#link_quick_add" ,:as => :link_quick_add match "link_quick_edit/:news_bulletin_id" => "news_bulletins#link_quick_edit" ,:as => :link_quick_edit member do