Fix page_parts_controller @widget_types and authorization for pages_controller

2014-05-29 12:08:56 +08:00 · 2014-05-29 12:08:56 +08:00 · 01e02e4703
parent 8ced18ad01
commit 01e02e4703
2 changed files with 9 additions and 0 deletions
--- a/app/controllers/page_parts_controller.rb
+++ b/app/controllers/page_parts_controller.rb
@ -35,6 +35,7 @@ class PagePartsController < ApplicationController
      @widget_types = []
      module_name = @subpart.module
      Dir.glob("#{Rails.root}/app/templates/#{@key}/modules/#{module_name.downcase}/*").each do |w|
+        next if File.ftype(w).eql?("directory")
        w = File.basename(w, ".*") 
        w = File.basename(w, ".*")
        @widget_types << w.gsub("_","") if w != "index" && w != "show"
@ -83,6 +84,7 @@ class PagePartsController < ApplicationController
    @select_number = part.sub_parts.count rescue 0
    @widget_types = []
    Dir.glob("#{Rails.root}/app/templates/#{@key}/modules/#{module_name.downcase}/*").each do |w|
+      next if File.ftype(w).eql?("directory")
      w = File.basename(w, ".*") 
      w = File.basename(w, ".*")
      @widget_types << w.gsub("_","") if w != "index" && w != "show"
--- a/app/controllers/pages_controller.rb
+++ b/app/controllers/pages_controller.rb
@ -6,6 +6,7 @@ class PagesController < ApplicationController
  layout :get_layout
  include PagesHelper
  before_filter :check_frontend_open, :only => [:home,:show]
+  before_filter :check_authorization, :except => [:home,:show]
  
  def index
  	@pages = Page.all
@ -285,4 +286,10 @@ class PagesController < ApplicationController
    end
  end

+  def check_authorization
+    if current_user.blank? or !current_user.is_admin?
+      redirect_to '/admin/dashboards'  
+    end
+  end
+
 end