diff --git a/app/controllers/admin/archive_files_controller.rb b/app/controllers/admin/archive_files_controller.rb
index 50c6dcb..fa0d9a3 100644
--- a/app/controllers/admin/archive_files_controller.rb
+++ b/app/controllers/admin/archive_files_controller.rb
@@ -27,9 +27,13 @@ class Admin::ArchiveFilesController < OrbitAdminController
 end
 def edit
- @archive_file = ArchiveFile.find(params[:id])
- @tags = @module_app.tags
- @categories = @module_app.categories
+ @archive_file = ArchiveFile.find(params[:id])
+ if can_edit_or_delete?(@archive_file)
+ @tags = @module_app.tags
+ @categories = @module_app.categories
+ else
+ render_401
+ end
 end
 def create
diff --git a/app/views/admin/archive_files/_index.html.erb b/app/views/admin/archive_files/_index.html.erb
index 40a1cb5..0fff8f6 100644
--- a/app/views/admin/archive_files/_index.html.erb
+++ b/app/views/admin/archive_files/_index.html.erb
@@ -23,8 +23,10 @@ <%= archive.title %>
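Review bot: The `can_edit_or_delete?` check is added to `edit` only, which just renders the form; the actions that actually change the record (`update`, and `destroy` if the controller defines one) lie outside this hunk, and nothing visible here shows them making the same check. If they do not, a user who gets the 401 on the form can still submit the update or delete request directly. Put the same guard at the top of each of those actions, right after the `ArchiveFile.find`, e.g. `return render_401 unless can_edit_or_delete?(@archive_file)`, or move the lookup and check into one filter limited to `edit`, `update` and `destroy`.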
diff --git a/lib/archive/engine.rb b/lib/archive/engine.rb
index 1b2ecfd..53ce1a9 100644
--- a/lib/archive/engine.rb
+++ b/lib/archive/engine.rb
@@ -12,33 +12,37 @@ module Archive
 frontend_enabled
 side_bar do
 head_label_i18n 'archive.archive', icon_class: "icons-archive"
- available_for [:admin,:manager,:sub_manager]
+ available_for "users"
 active_for_controllers (['admin/archive_files'])
 head_link_path "admin_archive_files_path"
 context_link 'all',
 :link_path=>"admin_archive_files_path" ,
 :priority=>1,
- :active_for_action=>{'admin/archive_files'=>"index"}
+ :active_for_action=>{'admin/archive_files'=>"index"},
+ :available_for => 'users'
 context_link 'new_',
 :link_path=>"new_admin_archive_file_path" ,
 :priority=>2,
- :active_for_action=>{'admin/archive_files'=>"new"}
+ :active_for_action=>{'admin/archive_files'=>"new"},
+ :available_for => 'sub_managers'
 context_link 'categories',
 :link_path=>"admin_module_app_categories_path" ,
 :link_arg=>"{:module_app_id=>ModuleApp.find_by(:key=>'archive').id}",
 :priority=>3,
 :active_for_action=>{'admin/archive_files'=>'categories'},
- :active_for_category => 'Archive'
+ :active_for_category => 'Archive',
+ :available_for => 'managers'
 context_link 'tags',
 :link_path=>"admin_module_app_tags_path" ,
 :link_arg=>"{:module_app_id=>ModuleApp.find_by(:key=>'archive').id}",
 :priority=>4,
 :active_for_action=>{'admin/archive_files'=>'tags'},
- :active_for_tag => 'Archive'
+ :active_for_tag => 'Archive',
+ :available_for => 'managers'
 end
 end
 end
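Review bot: The `:available_for` values added to the `context_link` entries decide which sidebar links a role sees, and the block-level change from `[:admin,:manager,:sub_manager]` to `"users"` opens the module's menu to every user; whether this registration also restricts the matching controller actions is not visible in this hunk. If it only controls display, the `'sub_managers'` limit on `new_` and the `'managers'` limit on `categories` and `tags` need an equivalent role check in the `new`/`create` actions and in the category and tag controllers, because the URLs stay reachable without the link. Once those checks are confirmed, a comment above `side_bar do` would record the split, e.g. `# available_for controls menu visibility; role checks are enforced in the controllers`. The enclosing registration block inside `module Archive` starts before the hunk.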