From e9e29da1fc17a1148e5ba7f098d8aec024c2cd64 Mon Sep 17 00:00:00 2001 From: manson Date: Fri, 1 Aug 2014 12:23:53 +0800 Subject: [PATCH] add authorization --- .../admin/journal_levels_controller.rb | 3 ++- .../journal_paper_author_types_controller.rb | 3 ++- .../admin/journal_paper_types_controller.rb | 4 ++-- .../admin/journal_papers_controller.rb | 6 ++++-- app/controllers/journal_papers_controller.rb | 6 ++++-- app/views/admin/journal_papers/_form.html.erb | 1 + app/views/admin/journal_papers/index.html.erb | 1 - .../plugin/journal_paper/_profile.html.erb | 21 ++++++++++--------- 8 files changed, 26 insertions(+), 19 deletions(-) diff --git a/app/controllers/admin/journal_levels_controller.rb b/app/controllers/admin/journal_levels_controller.rb index af60876..6ddd63c 100644 --- a/app/controllers/admin/journal_levels_controller.rb +++ b/app/controllers/admin/journal_levels_controller.rb @@ -1,4 +1,5 @@ -class Admin::JournalLevelsController < ApplicationController +class Admin::JournalLevelsController < OrbitMemberController + before_action :allow_admin_only before_action :set_journal_level, only: [:edit, :update, :destroy] def initialize diff --git a/app/controllers/admin/journal_paper_author_types_controller.rb b/app/controllers/admin/journal_paper_author_types_controller.rb index b6bd815..6aa7110 100644 --- a/app/controllers/admin/journal_paper_author_types_controller.rb +++ b/app/controllers/admin/journal_paper_author_types_controller.rb @@ -1,4 +1,5 @@ -class Admin::JournalPaperAuthorTypesController < ApplicationController +class Admin::JournalPaperAuthorTypesController < OrbitMemberController + before_action :allow_admin_only before_action :set_journal_paper_author_type, only: [:edit, :update, :destroy] def initialize diff --git a/app/controllers/admin/journal_paper_types_controller.rb b/app/controllers/admin/journal_paper_types_controller.rb index a9471d9..b7144a6 100644 --- a/app/controllers/admin/journal_paper_types_controller.rb 
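Review bot: `before_action :allow_admin_only` is repeated by hand in `Admin::JournalLevelsController` here, and again in the `Admin::JournalPaperAuthorTypesController` and `Admin::JournalPaperTypesController` hunks, so an admin controller added later stays open to every member until someone remembers the line. Declaring the filter once in a shared parent makes deny the default, for example a parent class (name illustrative) `class Admin::JournalSettingsBaseController < OrbitMemberController` holding `before_action :allow_admin_only`, with the three controllers inheriting from it. `allow_admin_only` is defined outside this diff, so it is worth confirming that it halts the request by rendering or redirecting rather than only setting state. The class bodies continue outside the hunks.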
+++ b/app/controllers/admin/journal_paper_types_controller.rb @@ -1,5 +1,5 @@ -class Admin::JournalPaperTypesController < ApplicationController - +class Admin::JournalPaperTypesController < OrbitMemberController + before_action :allow_admin_only before_action :set_journal_paper_type, only: [:edit, :update, :destroy] def initialize diff --git a/app/controllers/admin/journal_papers_controller.rb b/app/controllers/admin/journal_papers_controller.rb index 2b47643..9f21bfb 100644 --- a/app/controllers/admin/journal_papers_controller.rb +++ b/app/controllers/admin/journal_papers_controller.rb @@ -8,6 +8,8 @@ class Admin::JournalPapersController < OrbitMemberController before_action :find_journal_paper, only: [:destroy] before_action :set_plugin + before_action :need_access_right + before_action :allow_admin_only, :only => [:index, :writing_journal_setting] def index @writing_journals = JournalPaper.order_by(:year=>'desc').page(params[:page]).per(10) @@ -39,7 +41,7 @@ class Admin::JournalPapersController < OrbitMemberController @journal_paper = JournalPaper.new(journal_paper_attributes) respond_to do |format| if @journal_paper.save - format.html { redirect_to admin_journal_papers_path } + format.html { redirect_to params['referer_url'] } format.json { render action: 'show', status: :created, location: @journal_paper } else format.html { render action: 'new' } @@ -53,7 +55,7 @@ class Admin::JournalPapersController < OrbitMemberController respond_to do |format| if @journal_paper.update_attributes(journal_paper_attributes) - format.html { redirect_to admin_journal_papers_path } + format.html { redirect_to params['referer_url'] } # format.js { render 'toggle_enable' } format.json { head :no_content } else diff --git a/app/controllers/journal_papers_controller.rb b/app/controllers/journal_papers_controller.rb index c7aa0ab..c12d904 100644 --- a/app/controllers/journal_papers_controller.rb +++ b/app/controllers/journal_papers_controller.rb 
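Review bot: Outside `index` and `writing_journal_setting`, the actions of `Admin::JournalPapersController` are now guarded by `need_access_right` alone (hunk `@@ -8,6 +8,8 @@`), and that filter is defined outside this diff. If it checks only access to the module, `edit`, `update` and `destroy` would still act on a paper that belongs to another member; the record lookup should then be scoped to the signed-in member, or the paper's `member_profile_id` compared with the current profile before the action runs. A comment above the two filters should say which one enforces what, along the lines of `# need_access_right: <what it checks>; record ownership is enforced in <filter name>`. The class body continues outside the hunk.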
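Review bot: `redirect_to params['referer_url']` in the `create` hunk (`@@ -39,7 +41,7 @@`) sends the browser to whatever URL the request supplies, which is an open redirect (CWE-601); the `update` hunk (`@@ -53,7 +55,7 @@`) adds the same line. A missing or malformed parameter also makes `redirect_to` raise after the record has already been saved. The target should be accepted only when it is a path on this site and otherwise fall back to `admin_journal_papers_path`, through one private helper used by both actions as sketched below. Both action bodies start and end outside their hunks.

```ruby
# … unchanged: respond_to block and save / update_attributes check …
        format.html { redirect_to safe_return_path }
# … unchanged: json and failure branches …

  # Private helper shared by create and update.
  # Returns the submitted return target only when it is a local path;
  # absolute, protocol-relative or unparsable values fall back to the index.
  def safe_return_path
    target = params['referer_url'].to_s
    uri = URI.parse(target)
    local = uri.scheme.nil? && uri.host.nil? &&
            target.start_with?('/') && !target.start_with?('//')
    local ? target : admin_journal_papers_path
  rescue URI::InvalidURIError
    admin_journal_papers_path
  end
```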
@@ -22,8 +22,10 @@ class JournalPapersController < ApplicationController end def show - params = OrbitHelper.params - journal_paper = JournalPaper.find_by(uid: params[:uid]) + params = OrbitHelper.params + journal_paper = JournalPaper.find_by(uid: params[:uid]) + field_to_show = ["year", "language", "vol_no", "issue_no", "form_to_start", "form_to_end", "total_pages", "isbn", "publication_date", "url", "note", "journal_title", "paper_title", "updated_at", "created_at", "uid", "journal_level_ids", "journal_paper_author_type_ids", "member_profile_id"] + publication_date = journal_paper.publication_date.to_date.strftime("%Y/%m/%d") rescue nil files = journal_paper.journal_paper_files.map{|file| { "file_url" => file.journal_file.url, "file_title" => (file.title.blank? ? File.basename(file.file.path) : file.title) } } rescue [] { diff --git a/app/views/admin/journal_papers/_form.html.erb b/app/views/admin/journal_papers/_form.html.erb index 7f4f119..793efd0 100644 --- a/app/views/admin/journal_papers/_form.html.erb +++ b/app/views/admin/journal_papers/_form.html.erb @@ -309,6 +309,7 @@
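Review bot: `field_to_show` in `show` is assigned but not read anywhere in the visible part of the hunk, and as an allow-list for a public page it includes `member_profile_id`, `created_at` and `updated_at`. If the list decides which attributes reach the front-end template, the internal identifier and the timestamps are better left out unless the view needs them. The list would also read better as a frozen constant on the class, `SHOWN_FIELDS = %w[year language vol_no ...].freeze`, with a comment saying it is the set of attributes published by `show`. The method body continues outside the hunk.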
+ <%= f.submit t('submit'), class: 'btn btn-primary' %> <%= link_to t('cancel'), get_go_back, :class=>"btn" %>
diff --git a/app/views/admin/journal_papers/index.html.erb b/app/views/admin/journal_papers/index.html.erb index ca1d9eb..0d05fc8 100644 --- a/app/views/admin/journal_papers/index.html.erb +++ b/app/views/admin/journal_papers/index.html.erb @@ -14,7 +14,6 @@
<%= link_to content_tag(:i, nil, :class => 'icon-cog icon-white') + t('setting'), admin_writing_journal_setting_path, :class => 'btn btn-primary pull-right' %> - <%= link_to content_tag(:i, nil, :class => 'icon-plus icon-white') + t('announcement.add_new'), new_admin_journal_paper_path, :class => 'btn btn-primary pull-right' %>