guest user

This commit is contained in:
Matthew K. Fu JuYuan 2012-08-23 16:05:14 +08:00
parent 9333503545
commit 01d278d688
26 changed files with 159 additions and 72 deletions

View File

@ -11,7 +11,7 @@ gem 'exception_notification' # Send error trace
gem 'execjs'
gem 'jquery-rails'
gem 'jquery-ui-rails'
gem "pry", "~> 0.9.10"
gem 'kaminari', :git => 'git://github.com/amatsuda/kaminari.git'
gem 'mini_magick'

View File

@ -66,6 +66,7 @@ GEM
carrierwave (>= 0.5.6)
mongoid (~> 2.1)
chronic (0.6.7)
coderay (1.0.7)
coffee-rails (3.1.1)
coffee-script (>= 2.2.0)
railties (~> 3.1.0)
@ -114,6 +115,7 @@ GEM
i18n (>= 0.4.0)
mime-types (~> 1.16)
treetop (~> 1.4.8)
method_source (0.8)
mime-types (1.17.2)
mini_magick (3.4)
subexec (~> 0.2.1)
@ -140,6 +142,10 @@ GEM
color (>= 1.4.0)
transaction-simple (~> 1.3)
polyglot (0.3.3)
pry (0.9.10)
coderay (~> 1.0.5)
method_source (~> 0.8)
slop (~> 3.3.1)
rack (1.3.6)
rack-cache (1.2)
rack (>= 0.4)
@ -234,6 +240,7 @@ GEM
rack (~> 1.3, >= 1.3.6)
rack-protection (~> 1.2)
tilt (~> 1.3, >= 1.3.3)
slop (3.3.2)
spork (0.9.0)
spork (0.9.0-x86-mingw32)
win32-process
@ -295,6 +302,7 @@ DEPENDENCIES
mongoid-encryptor
mongoid-tree
nokogiri
pry (~> 0.9.10)
radius
rails (>= 3.1.0, < 3.2.0)
rake

View File

@ -1,8 +1,10 @@
class Admin::AdBannersController < OrbitBackendController
layout "new_admin"
before_filter :authenticate_user!
before_filter :force_order_for_visitor,:only=>[:index]
#before_filter :force_order_for_user,:except => [:index]
before_filter :for_app_sub_manager,:except => [:index]
before_filter :for_app_manager,:except => [:index,:show,:update,:realtime_preview]
before_filter :for_app_sub_manager
def rename
@ad_banner = AdBanner.find(params[:id])

View File

@ -1,7 +1,7 @@
class Admin::DashboardsController < ApplicationController
class Admin::DashboardsController < OrbitBackendController
layout "new_admin"
before_filter :authenticate_user!
#before_filter :set_current_user
#before_filter :authenticate_user!, :except => [:index]
# before_filter :is_admin?
def index

View File

@ -1,9 +1,13 @@
class Admin::TagsController < ApplicationController
class Admin::TagsController < OrbitBackendController
before_filter :force_order_for_visitor,:only=>[:index]
before_filter :force_order_for_user,:except => [:index]
before_filter :for_app_sub_manager,:except => [:index]
layout 'new_admin'
before_filter :authenticate_user!
before_filter :is_admin?
before_filter :set_module_app
# layout 'new_admin'
# before_filter :authenticate_user!
# before_filter :is_admin?
# before_filter :set_module_app
def index
get_tags

View File

@ -9,7 +9,7 @@ class ApplicationController < ActionController::Base
before_filter :set_locale, :set_site
def set_current_user
User.current = current_user
User.current = current_or_guest_user
end
def front_end_available(module_app_title='')
@ -50,11 +50,26 @@ class ApplicationController < ActionController::Base
# Check if the current_user is admin
def is_admin?
current_user.admin? ? true : auth_failed_in_backend
current_or_guest_user.admin? ? true : auth_failed_in_backend
end
def is_manager?
@module_app.managing_users.include?(current_user) || is_admin?
@module_app.is_manager?(current_or_guest_user) || is_admin?
end
# Check if the current_user is admin
def is_member?
if (current_user rescue false)
return true
end
return false
end
def is_guest?
if session[:guest_user_id]
return true
end
return false
end
def for_admin_only
@ -76,7 +91,7 @@ class ApplicationController < ActionController::Base
end
def for_app_sub_manager
if (@module_app.sub_managing_users.include?(current_user) || is_manager?)
if (@module_app.sub_managing_users.include?(current_or_guest_user) || is_manager?)
true
else
flash[:error] = t("admin.access.denied.app.not_sub_manager")
@ -85,7 +100,7 @@ class ApplicationController < ActionController::Base
end
def for_app_user
if (@module_app.app_auth.auth_users.include?(current_user) || for_app_sub_manager )
if (@module_app.app_auth.auth_users.include?(current_or_guest_user) || for_app_sub_manager )
true
else
flash[:error] = t("admin.access.denied.app.not_authed_user")
@ -95,7 +110,7 @@ class ApplicationController < ActionController::Base
def check_object_premission(obj,title)
flash[:error] = t("admin.access.denied.object")
auth_failed_in_backend unless (obj.get_object_auth_by_title(title).auth_users.include?(current_user) || is_manager? || is_admin? )
auth_failed_in_backend unless (obj.get_object_auth_by_title(title).auth_users.include?(current_or_guest_user) || is_manager? || is_admin? )
end
# Render the page
@ -177,5 +192,16 @@ class ApplicationController < ActionController::Base
[shift_out] + a
end
end
# called (once) when the user logs in, insert any code your application needs
# to hand off from guest_user to current_user.
def logging_in
# For example:
# guest_comments = guest_user.comments.all
# guest_comments.each do |comment|
# comment.user_id = current_user.id
# comment.save
# end
end
end

View File

@ -1,12 +1,12 @@
class OrbitBackendController< ApplicationController
before_filter :force_order,:except => [:public]
before_filter :setup_vars
before_filter :set_current_user
#before_filter :setup_vars
#before_filter :set_current_user
# before_filter {|c| c.front_end_available(@app_title)}
# before_filter :check_user_can_use
include OrbitCoreLib::PermissionUnility
include AdminHelper
include ApplicationHelper
layout 'new_admin'
@ -18,8 +18,16 @@ class OrbitBackendController< ApplicationController
end
private
def force_order
def force_order_for_visitor
setup_vars
set_current_user
end
def force_order_for_user
setup_vars
set_current_user
authenticate_user!
check_user_can_use
end

View File

@ -7,15 +7,15 @@ module AdminHelper
# Check if the current_user is manager in current module app
def is_manager?
@module_app.is_manager?(current_user) || is_admin?
@module_app.is_manager?(current_or_guest_user) || is_admin?
end
# Check if the current_user is sub manager in current module app
def is_sub_manager?
@module_app.is_sub_manager?(current_user)|| is_admin?
@module_app.is_sub_manager?(current_or_guest_user)|| is_admin?
end
def is_admin?
current_user.admin?
current_or_guest_user.admin?
end
end

View File

@ -2,6 +2,37 @@ module ApplicationHelper
FLASH_NOTICE_KEYS = [:error, :notice, :warning]
def create_guest_user
u = User.create(:name => "guest", :email => "guest_#{Time.now.to_i}#{rand(99)}@example.com")
u.admin = false
u.save(:validate => false)
u
end
# if user is logged in, return current_user, else return guest_user
def current_or_guest_user
if current_user
if session[:guest_user_id]
logging_in
guest_user.destroy
session[:guest_user_id] = nil
end
current_user
else
guest_user
end
end
# find guest_user object associated with the current session,
# creating one as needed
def guest_user
User.find(session[:guest_user_id].nil? ? session[:guest_user_id] = create_guest_user.id : session[:guest_user_id])
end
def colorize_in_use_locale(locale)
@site_in_use_locales.include?(locale)? 'green' : 'red'
end
@ -200,10 +231,6 @@ module ApplicationHelper
display_visitors(created_at: {'$gte' => Date.today.beginning_of_year, '$lte' => Date.today.end_of_year})
end
def at_least_module_manager
is_manager? || is_admin?
end
def display_date_time(object)
object.strftime("%Y-%m-%d %H:%M")
end

View File

@ -12,7 +12,7 @@ class Site
field :private_key, :type => Binary
field :public_key, :type => Binary
field :title_always_on, :type => Boolean, :default => false
field :dashbroad_allow_visitor, :type => Boolean, :default => false
field :mail_settings, :type => Hash
field :school

View File

@ -9,9 +9,9 @@
<%= link_to content_tag(:i, nil, :class => 'icons-announcement') + t('admin.announcement'), panel_announcement_back_end_bulletins_path %>
<%= content_tag :ul, :class => ("nav nav-list " + (visible_for_controllers('bulletins', '/panel/announcement/back_end/tags', 'bulletin_categorys', 'approvals')||active_for_ob_auths_object("BulletinCategory"))) do -%>
<%= content_tag :li, link_to(t('announcement.all_articles'), panel_announcement_back_end_bulletins_path), :class => active_for_action('bulletins', 'index') %>
<%= content_tag :li, link_to(t('announcement.add_new'), new_panel_announcement_back_end_bulletin_path), :class => active_for_action('bulletins', 'new') %>
<%= content_tag :li, link_to(t('announcement.categories'), panel_announcement_back_end_bulletin_categorys_path), :class =>( active_for_action('bulletin_categorys', 'index') || active_for_ob_auths_object("BulletinCategory") ) %>
<%= content_tag :li, link_to(t('announcement.tags'), panel_announcement_back_end_tags_path), :class => active_for_action('/panel/announcement/back_end/tags', 'index') %>
<%= content_tag :li, link_to(t('announcement.add_new'), new_panel_announcement_back_end_bulletin_path), :class => active_for_action('bulletins', 'new') if (is_manager? rescue nil) %>
<%= content_tag :li, link_to(t('announcement.categories'), panel_announcement_back_end_bulletin_categorys_path), :class =>( active_for_action('bulletin_categorys', 'index') || active_for_ob_auths_object("BulletinCategory") )if (is_manager? rescue nil) %>
<%= content_tag :li, link_to(t('announcement.tags'), panel_announcement_back_end_tags_path), :class => active_for_action('/panel/announcement/back_end/tags', 'index')if (is_manager? rescue nil) %>
<%= content_tag :li, link_to(t('announcement.bulletin.approval_setting'), panel_announcement_back_end_approval_setting_path), :class => active_for_action('approvals', 'setting') if (is_manager? rescue nil) %>
<%= content_tag :li, link_to(t('admin.module.authorization'),admin_module_app_manager_auth_proc_path(ModuleApp.first(conditions: {title: "Announcement"}))), :class => active_for_app_auth('Announcement') if (is_admin? rescue nil) %>
@ -23,9 +23,9 @@
<%= link_to content_tag(:i, nil, :class => 'icons-announcement') + t('admin.news'), panel_news_back_end_news_bulletins_path %>
<%= content_tag :ul, :class => ("nav nav-list " + visible_for_controllers('news_bulletins', '/panel/news/back_end/tags', 'news_bulletin_categorys', 'news_approvals')) do -%>
<%= content_tag :li, link_to(t('announcement.all_articles'), panel_news_back_end_news_bulletins_path), :class => active_for_action('news_bulletins', 'index') %>
<%= content_tag :li, link_to(t('announcement.add_new'), new_panel_news_back_end_news_bulletin_path), :class => active_for_action('news_bulletins', 'new') %>
<%= content_tag :li, link_to(t('announcement.categories'), panel_news_back_end_news_bulletin_categorys_path), :class => active_for_action('news_bulletin_categorys', 'index') || active_for_ob_auths_object("NewsBulletinCategory") %>
<%= content_tag :li, link_to(t('announcement.tags'), panel_news_back_end_tags_path), :class => active_for_action('/panel/news/back_end/tags', 'index') %>
<%= content_tag :li, link_to(t('announcement.add_new'), new_panel_news_back_end_news_bulletin_path), :class => active_for_action('news_bulletins', 'new') if (is_manager? rescue nil) %>
<%= content_tag :li, link_to(t('announcement.categories'), panel_news_back_end_news_bulletin_categorys_path), :class => active_for_action('news_bulletin_categorys', 'index') || active_for_ob_auths_object("NewsBulletinCategory") if (is_manager? rescue nil) %>
<%= content_tag :li, link_to(t('announcement.tags'), panel_news_back_end_tags_path), :class => active_for_action('/panel/news/back_end/tags', 'index') if (is_manager? rescue nil)%>
<%= content_tag :li, link_to(t('announcement.bulletin.approval_setting'), panel_news_back_end_approval_setting_path), :class => active_for_action('news_approvals', 'setting') if (is_manager? rescue nil) %>
<%= content_tag :li, link_to(t('admin.module.authorization'),admin_module_app_manager_auth_proc_path(ModuleApp.first(conditions: {key: "news"}))), :class => active_for_app_auth('news') if (is_admin? rescue nil) %>
<% end -%>
@ -60,9 +60,9 @@
<%= link_to content_tag(:i, nil, :class => 'icons-link') + t('admin.link'), panel_web_resource_back_end_web_links_path %>
<%= content_tag :ul, :class => ("nav nav-list " + visible_for_controllers('web_links', '/panel/web_resource/back_end/tags', 'web_link_categorys')) do -%>
<%= content_tag :li, link_to(t('admin.all_articles'), panel_web_resource_back_end_web_links_path), :class => active_for_action('web_links', 'index') %>
<%= content_tag :li, link_to(t('announcement.add_new'), new_panel_web_resource_back_end_web_link_path), :class => active_for_action('web_links', 'new') %>
<%= content_tag :li, link_to(t('announcement.categories'), panel_web_resource_back_end_web_link_categorys_path), :class => (active_for_action('web_link_categorys', 'index') || active_for_ob_auths_object("WebLinkCategory")) %>
<%= content_tag :li, link_to(t('announcement.tags'), panel_web_resource_back_end_tags_path), :class => active_for_action('/panel/web_resource/back_end/tags', 'index') %>
<%= content_tag :li, link_to(t('announcement.add_new'), new_panel_web_resource_back_end_web_link_path), :class => active_for_action('web_links', 'new') if (is_manager? rescue nil)%>
<%= content_tag :li, link_to(t('announcement.categories'), panel_web_resource_back_end_web_link_categorys_path), :class => (active_for_action('web_link_categorys', 'index') || active_for_ob_auths_object("WebLinkCategory")) if (is_manager? rescue nil)%>
<%= content_tag :li, link_to(t('announcement.tags'), panel_web_resource_back_end_tags_path), :class => active_for_action('/panel/web_resource/back_end/tags', 'index') if (is_manager? rescue nil)%>
<%= content_tag :li, link_to(t('admin.module.authorization'),admin_module_app_manager_auth_proc_path(ModuleApp.first(conditions: {title: "web_resource"}))), :class => active_for_app_auth('web_resource') if (is_admin? rescue nil) %>
<% end -%>
<% end -%>

View File

@ -9,8 +9,7 @@ defaults: &defaults
development:
<<: *defaults
# database: prototype_r4_development
database: demo_site_development
database: desktop
test:
<<: *defaults
database: prototype_r4_test

View File

@ -79,19 +79,18 @@ module OrbitCoreLib
module PermissionUnility
private
def check_permission(type = :use)
setup_vars
permission_grant = current_user.admin?? true : false
permission_grant = current_or_guest_user.admin?? true : false
module_app = @module_app.nil?? find_module_app_by_token(params[:token]) : @module_app
unless permission_grant
permission_grant = case type
when :use
users_ary = module_app.app_auth.auth_users rescue nil
users_ary = [] if users_ary.nil?
(users_ary.include?(current_user) || module_app.is_manager?(current_user) || module_app.is_sub_manager?(current_user))
(users_ary.include?(current_or_guest_user) || module_app.is_manager?(current_or_guest_user) || module_app.is_sub_manager?(current_or_guest_user))
when :manager
module_app.is_manager?(current_user)
module_app.is_manager?(current_or_guest_user)
when :sub_manager
module_app.is_manager?(current_user) || module_app.is_sub_manager?(current_user)
module_app.is_manager?(current_or_guest_user) || module_app.is_sub_manager?(current_or_guest_user)
end
end
permission_grant

View File

@ -1,9 +1,13 @@
class Panel::Announcement::BackEnd::BulletinsController < OrbitBackendController
before_filter :authenticate_user!
#before_filter :authenticate_user!, :except => [:index]
# before_filter :for_admin_only,:only => [:]
# before_filter :for_app_manager,:only => [:index,:show,]
before_filter :force_order_for_visitor,:only=>[:index,:show,:get_sorted_and_filtered_bulletins]
before_filter :force_order_for_user,:except => [:index,:show,:get_sorted_and_filtered_bulletins]
before_filter :for_app_sub_manager,:except => [:index,:show,:get_sorted_and_filtered_bulletins]
def index
# @bulletins = Bulletin.all
# @bulletins = Bulletin.desc("postdate desc")

View File

@ -1,6 +1,6 @@
<tr id="<%= dom_id bulletin %>" class="with_action">
<td>
<% if (bulletin.create_user_id == current_user.id) || is_manager? %>
<% if (bulletin.create_user_id == current_or_guest_user.id) || is_manager? %>
<%= check_box_tag 'to_delete[]', bulletin.id, false, :class => "checkbox_in_list" %>
<% end -%>
</td>
@ -34,9 +34,9 @@
<div class="quick-edit">
<ul class="nav nav-pills hide">
<% if (bulletin.create_user_id == current_user.id) || is_manager? %>
<% if (bulletin.create_user_id == current_or_guest_user.id) || is_manager? %>
<% if current_user.admin? || (!bulletin.is_rejected? && !bulletin.is_checked?) %>
<% if current_or_guest_user.admin? || (!bulletin.is_rejected? && !bulletin.is_checked?) %>
<li><%= link_to t('bulletin.edit'), edit_panel_announcement_back_end_bulletin_path(bulletin) %></li>
<li class="dropdown">
<a href="#" data-toggle="dropdown" class="dropdown-toggle"><%= t(:quick_edit) %><b class="caret"></b></a>

View File

@ -2,8 +2,8 @@
<%= link_to t(:top), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_top'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_top')}" %>
<%= link_to t(:hot), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_hot'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_hot')}" %>
<%= link_to t(:hidden), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_hidden'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_hidden')}" %>
<%= link_to t(:pending), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_pending'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_pending')}" %>
<%= link_to t(:passed), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_checked'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_checked')}" %>
<%= link_to t(:rejected), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_rejected'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_rejected')}" %>
<%= link_to t(:pending), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_pending'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_pending')}" if(is_manager?)%>
<%= link_to t(:passed), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_checked'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_checked')}" if(is_manager?)%>
<%= link_to t(:rejected), panel_announcement_back_end_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_rejected'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_rejected')}" if(is_manager?)%>
</div>
<%= render :partial => 'clear_filters', :locals => {:type => 'status'} %>

View File

@ -6,7 +6,7 @@
<% end %>
<div class="form-actions form-fixed pagination-right">
<%= link_to content_tag(:i, nil, :class => 'icon-plus icon-white') + t('admin.add'), new_panel_announcement_back_end_bulletin_path, :class => 'btn btn-primary pull-right' %>
<%= link_to(content_tag(:i, nil, :class => 'icon-plus icon-white') + t('admin.add'), new_panel_announcement_back_end_bulletin_path, :class => 'btn btn-primary pull-right' )if (is_manager? rescue nil)%>
<div id="bulletin_pagination" class="paginationFixed">
<%= paginate @bulletins, :params => {:direction => params[:direction], :sort => params[:sort], :filter => @filter, :new_filter => nil, :sort_options => params[:sort_options]} %>
</div>

View File

@ -1,6 +1,8 @@
class Panel::News::BackEnd::NewsBulletinCategorysController < OrbitBackendController
before_filter :force_order_for_visitor,:only=>[:index]
before_filter :force_order_for_user,:except => [:index]
before_filter :for_app_sub_manager,:except => [:index]
before_filter :for_app_manager,:except => [:index]
def index

View File

@ -1,9 +1,10 @@
class Panel::News::BackEnd::NewsBulletinsController < OrbitBackendController
before_filter :authenticate_user!
class Panel::News::BackEnd::NewsBulletinsController < OrbitBackendController
#before_filter :authenticate_user!
# before_filter :for_admin_only,:only => [:]
# before_filter :for_app_manager,:only => [:index,:show,]
before_filter :force_order_for_visitor,:only=>[:index,:show,:get_sorted_and_filtered_news_bulletins]
before_filter :force_order_for_user,:except => [:index,:show,:get_sorted_and_filtered_news_bulletins]
before_filter :for_app_sub_manager,:except => [:index,:show,:get_sorted_and_filtered_news_bulletins]
def index

View File

@ -2,8 +2,8 @@
<%= link_to t(:top), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_top'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_top')}" %>
<%= link_to t(:hot), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_hot'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_hot')}" %>
<%= link_to t(:hidden), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_hidden'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_hidden')}" %>
<%= link_to t(:pending), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_pending'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_pending')}" %>
<%= link_to t(:passed), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_checked'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_checked')}" %>
<%= link_to t(:rejected), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_rejected'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_rejected')}" %>
<%= link_to t(:pending), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_pending'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_pending')}" if(is_manager?) %>
<%= link_to t(:passed), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_checked'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_checked')}" if(is_manager?)%>
<%= link_to t(:rejected), panel_news_back_end_news_bulletins_path(:filter => @filter, :new_filter => {:type => 'status', :id => 'is_rejected'}, :sort => params[:sort], :direction => params[:direction], :sort_options => params[:sort_options]), :class => "btn js_history#{is_filter_active?('status', 'is_rejected')}" if(is_manager?)%>
</div>
<%= render :partial => 'clear_filters', :locals => {:type => 'status'} %>

View File

@ -1,6 +1,6 @@
<tr id="<%= dom_id news_bulletin %>" class="with_action">
<td>
<% if (news_bulletin.create_user_id == current_user.id) || is_manager? %>
<% if (news_bulletin.create_user_id == current_or_guest_user.id) || is_manager? %>
<%= check_box_tag 'to_delete[]', news_bulletin.id, false, :class => "checkbox_in_list" %>
<% end -%>
</td>
@ -34,9 +34,9 @@
<div class="quick-edit">
<ul class="nav nav-pills hide">
<% if (news_bulletin.create_user_id == current_user.id) || is_manager? %>
<% if (news_bulletin.create_user_id == current_or_guest_user.id) || is_manager? %>
<% if current_user.admin? || (!news_bulletin.is_rejected? && !news_bulletin.is_checked?) %>
<% if current_or_guest_user.admin? || (!news_bulletin.is_rejected? && !news_bulletin.is_checked?) %>
<li><%= link_to t('news_bulletin.edit'), edit_panel_news_back_end_news_bulletin_path(news_bulletin) %></li>
<li class="dropdown">
<a href="#" data-toggle="dropdown" class="dropdown-toggle"><%= t(:quick_edit) %><b class="caret"></b></a>

View File

@ -6,7 +6,7 @@
<% end %>
<div class="form-actions form-fixed pagination-right">
<%= link_to content_tag(:i, nil, :class => 'icon-plus icon-white') + t('admin.add'), new_panel_news_back_end_news_bulletin_path, :class => 'btn btn-primary' %>
<%= link_to(content_tag(:i, nil, :class => 'icon-plus icon-white') + t('admin.add'), new_panel_news_back_end_news_bulletin_path, :class => 'btn btn-primary' )if (is_manager? rescue nil)%>
<div id="news_bulletin_pagination" class="paginationFixed">
<%= paginate @news_bulletins, :params => {:direction => params[:direction], :sort => params[:sort], :filter => @filter, :new_filter => nil, :sort_options => params[:sort_options]} %>
</div>

View File

@ -1,7 +1,10 @@
class Panel::PageContent::BackEnd::PageContextsController < OrbitBackendController
before_filter :for_app_manager,:except => [:index,:edit,:update,:view,:show]
before_filter :for_app_sub_manager,:only => [:edit,:update,:view,:show]
:authenticate_user!
before_filter :force_order_for_visitor,:only=>[:index]
before_filter :force_order_for_user,:except => [:index]
before_filter :for_app_manager,:except => [:index]
before_filter :for_app_sub_manager,:except => [:index]
#before_filter :is_admin?
def index

View File

@ -1,6 +1,10 @@
class Panel::WebResource::BackEnd::WebLinksController < OrbitBackendController
before_filter :authenticate_user!
#before_filter :authenticate_user!
# before_filter :for_app_manager,:except => [:index,:show]
before_filter :force_order_for_visitor,:only=>[:index]
before_filter :force_order_for_user,:except => [:index]
before_filter :for_app_sub_manager,:except => [:index]
def index

View File

@ -1,6 +1,6 @@
<tr id="<%= dom_id web_link %>" class="with_action">
<td>
<% if (web_link.create_user_id == current_user.id) || is_manager? %>
<% if (web_link.create_user_id == current_or_guest_user.id) || is_manager? %>
<%= check_box_tag 'to_delete[]', web_link.id, false, :class => "checkbox_in_list" %>
<% end -%>
</td>

View File

@ -17,7 +17,7 @@
<% end %>
<div class="form-actions form-fixed pagination-right">
<%= link_to content_tag(:i, nil, :class => 'icon-plus icon-white') + t('announcement.add_new'), new_panel_web_resource_back_end_web_link_path, :class => 'btn btn-primary pull-right' %>
<%= link_to content_tag(:i, nil, :class => 'icon-plus icon-white') + t('announcement.add_new'), new_panel_web_resource_back_end_web_link_path, :class => 'btn btn-primary pull-right' if (is_manager? rescue nil) %>
<div id="web_link_pagination" class="paginationFixed">
<%= paginate @web_links, :params => {:direction => params[:direction], :sort => params[:sort], :filter => @filter, :new_filter => nil} %>
</div>