diff --git a/app/controllers/orbit_backend_controller.rb b/app/controllers/orbit_backend_controller.rb index 12ba78e4..9648f327 100644 --- a/app/controllers/orbit_backend_controller.rb +++ b/app/controllers/orbit_backend_controller.rb @@ -33,6 +33,7 @@ class OrbitBackendController< ApplicationController def get_sorted_and_filtered(object_class, query=nil) objects = get_objects(object_class, query) + object_class = object_class.classify.constantize if !params[:sort].blank? options = params[:sort_options] options = [options] if !options.class.eql?(Array) @@ -87,7 +88,7 @@ class OrbitBackendController< ApplicationController end if value.size > 0 end end - Kaminari.paginate_array(objects).page(params[:page]).per(10) + Kaminari.paginate_array(filter_authorized_objects(objects)).page(params[:page]).per(10) end def get_string_value_from_object(object) @@ -159,13 +160,16 @@ class OrbitBackendController< ApplicationController end def get_objects(object_class, query=nil) - object_class = object_class.classify.constantize if query - objects = object_class.all.where(query).entries + objects = object_class.all.where(query) else - objects = object_class.all.entries + objects = object_class.all end + objects + end + + def filter_authorized_objects(objects) if(!is_admin? || !is_manager?) objects.delete_if{ |object| if object.is_pending == true diff --git a/app/models/item.rb b/app/models/item.rb index cdf0f2fb..8dd5c0b4 100644 --- a/app/models/item.rb +++ b/app/models/item.rb @@ -10,16 +10,18 @@ class Item field :is_published, :type => Boolean, :default => false field :enabled_for, :type => Array, :default => nil field :menu_enabled_for, :type => Array, :default => nil + + has_one :i18n_variable, :as => :language_value, :autosave => true, :dependent => :destroy validates_format_of :name, :with => /^[0-9a-zA-Z\-_]+$/ validates :name, :exclusion => { :in => LIST[:forbidden_item_names] } validates_uniqueness_of :name, :scope => :parent_id validates_presence_of :name - validates_associated :parent, :children + + before_destroy :destroy_children after_rearrange :rebuild_path - has_one :i18n_variable, :as => :language_value, :autosave => true, :dependent => :destroy def self.find_by_name(item_name) Item.first(:conditions => { :name => item_name, :is_published => true })