From 38758160fe42d7b37c96f4e8daf6a752f9c7a190 Mon Sep 17 00:00:00 2001 From: manson Date: Thu, 31 Jul 2014 20:42:42 +0800 Subject: [PATCH] Add authorization --- app/controllers/admin/page_contents_controller.rb | 8 ++++++-- app/views/admin/page_contents/index.html.erb | 4 +++- lib/page_content/engine.rb | 2 +- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/app/controllers/admin/page_contents_controller.rb b/app/controllers/admin/page_contents_controller.rb index 5278afd..8465347 100644 --- a/app/controllers/admin/page_contents_controller.rb +++ b/app/controllers/admin/page_contents_controller.rb @@ -9,8 +9,12 @@ class Admin::PageContentsController < OrbitAdminController end def new - @page = Page.find(params[:page_id]) - @page_content = PageContext.new + if can_edit_or_delete?(nil) + @page = Page.find(params[:page_id]) + @page_content = PageContext.new + else + render_401 + end end def create diff --git a/app/views/admin/page_contents/index.html.erb b/app/views/admin/page_contents/index.html.erb index 35528b0..97a3c8b 100644 --- a/app/views/admin/page_contents/index.html.erb +++ b/app/views/admin/page_contents/index.html.erb @@ -13,7 +13,9 @@ <%= page.name %>
diff --git a/lib/page_content/engine.rb b/lib/page_content/engine.rb index 5858ae3..ee111c3 100644 --- a/lib/page_content/engine.rb +++ b/lib/page_content/engine.rb @@ -9,7 +9,7 @@ module PageContent side_bar do head_label_i18n 'page_content.page', icon_class: "icons-newspaper" - available_for [:admin,:manager,:sub_manager] + available_for "users" active_for_controllers (['admin/page_contents']) head_link_path "admin_page_contents_path" end