From e75873273ce07194b0f34e60a19397343860290f Mon Sep 17 00:00:00 2001 From: saurabhbhatia Date: Thu, 22 Aug 2013 16:24:14 +0800 Subject: [PATCH] Updated Gallery with authorizations --- app/views/admin/default_index/_index.html.erb | 1 - .../back_end/album_images_controller.rb | 9 +----- .../gallery/back_end/albums_controller.rb | 29 ++++--------------- .../gallery/app/models/gallery_image.rb | 2 +- 4 files changed, 8 insertions(+), 33 deletions(-) diff --git a/app/views/admin/default_index/_index.html.erb b/app/views/admin/default_index/_index.html.erb index 1838abb8..dcdaa34c 100644 --- a/app/views/admin/default_index/_index.html.erb +++ b/app/views/admin/default_index/_index.html.erb @@ -32,7 +32,6 @@ <% end %> <% end %> - <%= index_table %> <%= @index_footer %> diff --git a/vendor/built_in_modules/gallery/app/controllers/panel/gallery/back_end/album_images_controller.rb b/vendor/built_in_modules/gallery/app/controllers/panel/gallery/back_end/album_images_controller.rb index c8504bf4..6775d874 100644 --- a/vendor/built_in_modules/gallery/app/controllers/panel/gallery/back_end/album_images_controller.rb +++ b/vendor/built_in_modules/gallery/app/controllers/panel/gallery/back_end/album_images_controller.rb @@ -3,15 +3,8 @@ class Panel::Gallery::BackEnd::AlbumImagesController < OrbitBackendController # before_filter :force_order_for_visitor,:only=>[:index] # before_filter :force_order_for_user#,:except => [:index] - before_filter :force_order_for_visitor,:only=>[:index,:show] - before_filter :force_order_for_user,:except => [:index,:show] - before_filter :for_app_sub_manager,:except => [:index,:show] + def show - if is_manager? || is_admin? || is_sub_manager? - @authenticated = true #turn this value to false for view only - else - @authenticated = false - end @tags = get_tags @image = GalleryImage.find(params[:id]) @albumid = @image.gallery_album_id diff --git a/vendor/built_in_modules/gallery/app/controllers/panel/gallery/back_end/albums_controller.rb b/vendor/built_in_modules/gallery/app/controllers/panel/gallery/back_end/albums_controller.rb index e9efa9ab..5b358f83 100644 --- a/vendor/built_in_modules/gallery/app/controllers/panel/gallery/back_end/albums_controller.rb +++ b/vendor/built_in_modules/gallery/app/controllers/panel/gallery/back_end/albums_controller.rb @@ -1,15 +1,15 @@ class Panel::Gallery::BackEnd::AlbumsController < OrbitBackendController - + open_for_visitor :only => [:index, :show] + open_for_manager :except => [:index,:show,:update] + open_for_sub_manager :except => [:index, :show] + # before_filter lambda def index @categories = get_categories_for_index - @albums = GalleryAlbum.all @tags = get_tags - @c = [] - @ac = @c.inject(@categories,:<<) - @album_category = @albums.map { |a| @categories.include?(a.category_id) } - + category_ids = @categories.collect{|t| t.id} + @albums = get_sorted_and_filtered("gallery_album", :category_id.in => category_ids) end def show @@ -124,19 +124,7 @@ class Panel::Gallery::BackEnd::AlbumsController < OrbitBackendController tag_ids: values.tag_ids, tag_names: tags} end - if is_manager? || is_admin? || is_sub_manager? - @authenticated = true #turn this value to false for view only - else - @authenticated = false - end - if @authenticated render :json=>{"images" => @output, "tags" => @album.tag_ids}.to_json - else - @album.tag_ids.each do |tag| - @tag_names << GalleryTag.find(tag)[I18n.locale] - end - render :json=>{"images" => @output, "tags" => @album.tag_ids, "tag_names" => @tag_names}.to_json - end end @@ -175,11 +163,6 @@ class Panel::Gallery::BackEnd::AlbumsController < OrbitBackendController def update @album = GalleryAlbum.find(params[:id]) @album.update_attributes(params[:gallery_album]) - if is_manager? || is_admin? || is_sub_manager? - @authenticated = true #turn this value to false for view only - else - @authenticated = false - end if params['delete_cover'] == "true" @album.update_attributes(:cover=>"default") end diff --git a/vendor/built_in_modules/gallery/app/models/gallery_image.rb b/vendor/built_in_modules/gallery/app/models/gallery_image.rb index f1a54d2f..1fda445f 100644 --- a/vendor/built_in_modules/gallery/app/models/gallery_image.rb +++ b/vendor/built_in_modules/gallery/app/models/gallery_image.rb @@ -1,5 +1,5 @@ class GalleryImage - include Mongoid::Document + include Mongoid::Document include Mongoid::Timestamps include OrbitTag::Taggable