added authorization to plugin
This commit is contained in:
parent
457533154a
commit
29c61c86e4
|
|
@ -1,4 +1,4 @@
|
||||||
class Admin::BookAuthorTypesController < ApplicationController
|
class Admin::BookAuthorTypesController < OrbitMemberController
|
||||||
before_action :set_book_author_type, only: [:edit, :update, :destroy]
|
before_action :set_book_author_type, only: [:edit, :update, :destroy]
|
||||||
|
|
||||||
def initialize
|
def initialize
|
||||||
|
|
|
||||||
|
|
@ -24,7 +24,11 @@ class Admin::BooksController < OrbitMemberController
|
||||||
end
|
end
|
||||||
|
|
||||||
def edit
|
def edit
|
||||||
|
if has_access?
|
||||||
@members_data = Book.member_data rescue nil
|
@members_data = Book.member_data rescue nil
|
||||||
|
else
|
||||||
|
render_401
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def update
|
def update
|
||||||
|
|
@ -42,6 +46,7 @@ class Admin::BooksController < OrbitMemberController
|
||||||
end
|
end
|
||||||
|
|
||||||
def new
|
def new
|
||||||
|
if has_access?
|
||||||
@book = Book.new
|
@book = Book.new
|
||||||
@members_data = Book.member_data rescue nil
|
@members_data = Book.member_data rescue nil
|
||||||
|
|
||||||
|
|
@ -49,6 +54,9 @@ class Admin::BooksController < OrbitMemberController
|
||||||
format.html # new.html.erb
|
format.html # new.html.erb
|
||||||
format.xml { render :xml => @book }
|
format.xml { render :xml => @book }
|
||||||
end
|
end
|
||||||
|
else
|
||||||
|
render_401
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def create
|
def create
|
||||||
|
|
@ -65,11 +73,15 @@ class Admin::BooksController < OrbitMemberController
|
||||||
end
|
end
|
||||||
|
|
||||||
def book_setting
|
def book_setting
|
||||||
|
if current_user.is_admin?
|
||||||
@set_author_type = BookAuthorType.new(display: 'List')
|
@set_author_type = BookAuthorType.new(display: 'List')
|
||||||
@author_type_url = admin_books_path
|
@author_type_url = admin_books_path
|
||||||
|
|
||||||
@set_book_type = BookType.new(display: 'List')
|
@set_book_type = BookType.new(display: 'List')
|
||||||
@book_type_url = admin_books_path
|
@book_type_url = admin_books_path
|
||||||
|
else
|
||||||
|
render_401
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def destroy
|
def destroy
|
||||||
|
|
|
||||||
|
|
@ -5,10 +5,10 @@
|
||||||
<%= link_to writing_book.create_link, page_for_book(writing_book), target: "blank" %>
|
<%= link_to writing_book.create_link, page_for_book(writing_book), target: "blank" %>
|
||||||
<div class="quick-edit">
|
<div class="quick-edit">
|
||||||
<ul class="nav nav-pills hide">
|
<ul class="nav nav-pills hide">
|
||||||
<%if current_user.is_admin?%>
|
<% if current_user.is_admin? %>
|
||||||
<li><%= link_to t('edit'), edit_admin_book_path(writing_book) %></li>
|
<li><%= link_to t('edit'), edit_admin_book_path(writing_book) %></li>
|
||||||
<li><%= link_to t(:delete_), admin_book_path(writing_book), method: :delete, remote: true, data: { confirm: 'Are you sure?' } %></li>
|
<li><%= link_to t(:delete_), admin_book_path(writing_book), method: :delete, remote: true, data: { confirm: 'Are you sure?' } %></li>
|
||||||
<% end -%>
|
<% end %>
|
||||||
</ul>
|
</ul>
|
||||||
</div>
|
</div>
|
||||||
</td>
|
</td>
|
||||||
|
|
|
||||||
|
|
@ -13,8 +13,9 @@
|
||||||
|
|
||||||
<div class="bottomnav clearfix">
|
<div class="bottomnav clearfix">
|
||||||
<div class="action pull-right">
|
<div class="action pull-right">
|
||||||
|
<% if current_user.is_admin? %>
|
||||||
<%= link_to content_tag(:i, nil, :class => 'icon-cog icon-white') + t('setting'), admin_book_setting_path, :class => 'btn btn-primary pull-right' %>
|
<%= link_to content_tag(:i, nil, :class => 'icon-cog icon-white') + t('setting'), admin_book_setting_path, :class => 'btn btn-primary pull-right' %>
|
||||||
<%= link_to content_tag(:i, nil, :class => 'icon-plus icon-white') + t('announcement.add_new'), new_admin_book_path, :class => 'btn btn-primary pull-right' %>
|
<% end %>
|
||||||
</div>
|
</div>
|
||||||
<div class="pagination pagination-centered">
|
<div class="pagination pagination-centered">
|
||||||
<%= content_tag :div, paginate(@writing_books), class: "pagination pagination-centered" %>
|
<%= content_tag :div, paginate(@writing_books), class: "pagination pagination-centered" %>
|
||||||
|
|
|
||||||
|
|
@ -32,7 +32,7 @@
|
||||||
|
|
||||||
%>
|
%>
|
||||||
|
|
||||||
<% if current_user.is_admin? %>
|
<% if has_access? %>
|
||||||
<div class="list-active">
|
<div class="list-active">
|
||||||
<div class="btn-group">
|
<div class="btn-group">
|
||||||
<%= link_to('Hide', '#', :class => "btn btn-mini list-active-btn disabled", "data-check-action" => "list-be-hide", :rel => data_share_admin_books_path(member_profile_id: params[:id], disable: 'true') ) %>
|
<%= link_to('Hide', '#', :class => "btn btn-mini list-active-btn disabled", "data-check-action" => "list-be-hide", :rel => data_share_admin_books_path(member_profile_id: params[:id], disable: 'true') ) %>
|
||||||
|
|
@ -44,7 +44,7 @@
|
||||||
<table class="table table-condensed table-striped main-list">
|
<table class="table table-condensed table-striped main-list">
|
||||||
<thead>
|
<thead>
|
||||||
<tr>
|
<tr>
|
||||||
<% if current_user.is_admin? %>
|
<% if has_access? %>
|
||||||
<th><input type="checkbox" /></th>
|
<th><input type="checkbox" /></th>
|
||||||
<% end -%>
|
<% end -%>
|
||||||
<th class="span1"><%= t('personal_journal.year') %></th>
|
<th class="span1"><%= t('personal_journal.year') %></th>
|
||||||
|
|
@ -59,7 +59,7 @@
|
||||||
<% @books.each do |book| %>
|
<% @books.each do |book| %>
|
||||||
|
|
||||||
<tr id="<%= dom_id book %>" class="<%= book.is_hidden ? "checkHide" : "" %>">
|
<tr id="<%= dom_id book %>" class="<%= book.is_hidden ? "checkHide" : "" %>">
|
||||||
<% if is_admin? %>
|
<% if has_access? %>
|
||||||
<td>
|
<td>
|
||||||
<%= check_box_tag 'to_change[]', book.id.to_s, false, :class => "list-check" %>
|
<%= check_box_tag 'to_change[]', book.id.to_s, false, :class => "list-check" %>
|
||||||
</td>
|
</td>
|
||||||
|
|
@ -67,12 +67,14 @@
|
||||||
<td><%= book.year %></td>
|
<td><%= book.year %></td>
|
||||||
<td>
|
<td>
|
||||||
<%= link_to book.create_link, page_for_book(book), target: "blank"%>
|
<%= link_to book.create_link, page_for_book(book), target: "blank"%>
|
||||||
|
<% if has_access? %>
|
||||||
<div class="quick-edit">
|
<div class="quick-edit">
|
||||||
<ul class="nav nav-pills hide">
|
<ul class="nav nav-pills hide">
|
||||||
<li><%= link_to t('edit'), edit_admin_book_path(book, member_profile_id: @member.id) %></li>
|
<li><%= link_to t('edit'), edit_admin_book_path(book, member_profile_id: @member.id) %></li>
|
||||||
<li><%= link_to t(:delete_), admin_book_path(id: book.id, member_profile_id: @member.id), method: :delete, remote: true, data: { confirm: t('sure?') } %></li>
|
<li><%= link_to t(:delete_), admin_book_path(id: book.id, member_profile_id: @member.id), method: :delete, remote: true, data: { confirm: t('sure?') } %></li>
|
||||||
</ul>
|
</ul>
|
||||||
</div>
|
</div>
|
||||||
|
<% end %>
|
||||||
|
|
||||||
</td>
|
</td>
|
||||||
<td><%= book.authors %></td>
|
<td><%= book.authors %></td>
|
||||||
|
|
@ -83,7 +85,7 @@
|
||||||
</tbody>
|
</tbody>
|
||||||
</table>
|
</table>
|
||||||
|
|
||||||
<% if current_user.is_admin? %>
|
<% if has_access? %>
|
||||||
<div class="bottomnav clearfix">
|
<div class="bottomnav clearfix">
|
||||||
|
|
||||||
<div class="action pull-right">
|
<div class="action pull-right">
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue