alex
/
orbit4-5
forked from saurabh/orbit4-5
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

optimization for authorization

This commit is contained in:
Harry Bomrah 2014-11-13 21:50:08 +08:00
parent 6192cff3a1
commit 1a3b7d43d1
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
app/controllers/orbit_admin_controller.rb
View File

@ -78,6 +78,7 @@ class OrbitAdminController < ApplicationController
def load_authorized_categories def load_authorized_categories
@user_authenticated_categories = current_user.is_admin? ? ["all"] : current_user.approved_categories.collect{|c| c.id} rescue [] @user_authenticated_categories = current_user.is_admin? ? ["all"] : current_user.approved_categories.collect{|c| c.id} rescue []
@current_user_is_sub_manager = current_user.is_sub_manager?(@module_app) rescue false
end end

2
app/helpers/orbit_backend_helper.rb
View File

@ -141,7 +141,7 @@ module OrbitBackendHelper
create_user = obj.create_user_id.to_s rescue nil create_user = obj.create_user_id.to_s rescue nil
if @user_authenticated_categories.first == "all" if @user_authenticated_categories.first == "all"
return true return true
elsif current_user.is_sub_manager?(@module_app) && !create_user.nil? elsif @current_user_is_sub_manager && !create_user.nil?
create_user == current_user.id.to_s create_user == current_user.id.to_s
else else
@user_authenticated_categories.include?obj.category_id rescue (current_user.is_manager?(@module_app) rescue false) @user_authenticated_categories.include?obj.category_id rescue (current_user.is_manager?(@module_app) rescue false)