optimization for authorization

2014-11-13 21:50:08 +08:00 · 2014-11-13 21:50:08 +08:00 · 1a3b7d43d1
parent 6192cff3a1
commit 1a3b7d43d1
2 changed files with 2 additions and 1 deletions
--- a/app/controllers/orbit_admin_controller.rb
+++ b/app/controllers/orbit_admin_controller.rb
@ -78,6 +78,7 @@ class OrbitAdminController < ApplicationController

  def load_authorized_categories
    @user_authenticated_categories = current_user.is_admin? ? ["all"] : current_user.approved_categories.collect{|c| c.id} rescue []
+    @current_user_is_sub_manager = current_user.is_sub_manager?(@module_app) rescue false
  end


--- a/app/helpers/orbit_backend_helper.rb
+++ b/app/helpers/orbit_backend_helper.rb
@ -141,7 +141,7 @@ module OrbitBackendHelper
    create_user = obj.create_user_id.to_s rescue nil
    if @user_authenticated_categories.first == "all"
      return true
-    elsif current_user.is_sub_manager?(@module_app) && !create_user.nil?
+    elsif @current_user_is_sub_manager && !create_user.nil?
        create_user == current_user.id.to_s 
    else
      @user_authenticated_categories.include?obj.category_id rescue (current_user.is_manager?(@module_app) rescue false)