update login redirect to referer url and fix check_user_can_use method

2014-08-15 10:29:17 +08:00 · 2014-08-15 10:29:17 +08:00 · 3435a7bfd3
parent fb8d36fc35
commit 3435a7bfd3
4 changed files with 23 additions and 17 deletions
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@ -12,9 +12,9 @@ class SessionsController < ApplicationController
    if (user && user.authenticate(params[:password]) && user.is_confirmed?.eql?(true))
      if user.is_approved? || user.is_admin?
        session[:user_id] = user.id
-        if session[:login_referer]
-          redirect_to session[:login_referer]
-          session[:login_referer] = nil
+        session[:login_referer] = nil
+        if params[:referer_url]
+          redirect_to params[:referer_url]
        else
          redirect_to admin_dashboards_path
        end
--- a/app/views/orbit_bar/index.html.erb
+++ b/app/views/orbit_bar/index.html.erb
@ -13,6 +13,7 @@
        </div>
        <div class="login-body">
          <%= form_tag "/sessions?locale=#{locale.to_s}", method: "post", :class => "container" do |f| %>
+            <input type="hidden" name="referer_url" value="<%= request.original_url %>">
            <div class="prepend">
              <span class="add"><i class="icon-user"></i></span>
              <input class="input" id="user_user_id" name="user_name" placeholder="<%= t("users.user_id") %>" size="30" type="text">
--- a/app/views/sessions/new.html.erb
+++ b/app/views/sessions/new.html.erb
@ -28,6 +28,7 @@
            <label class="checkbox">  
              <%= check_box_tag :remember_me %><small><%= label_tag :remember_me %></small>
            </label>
+            <input type="hidden" name="referer_url" value="<%= session[:login_referer] %>">
            <button class="btn btn-primary" name="button" type="submit"><%= t(:login) %></button>
          <% end %>
        </div>
--- a/lib/orbit_core_lib.rb
+++ b/lib/orbit_core_lib.rb
@ -78,27 +78,31 @@ module  OrbitCoreLib
        end
        if !permissions.empty?
          if !allow?(permissions["available_for"] || ["admin"])
-            render "public/401" , layout: "back_end"
+            render "public/401" , layout: "back_end" if !current_user.nil?
          end
        end
      end

       def allow?(af)
-          status = "users"
-          if current_user.is_admin?
-            status = "admin"
-          elsif current_user.is_manager?(@module_app)
-            status = "managers"
-          elsif current_user.is_manager_with_role?(@module_app)
-            status = "managers"
-          elsif current_user.is_sub_manager?(@module_app)
-            status = "sub_managers"
-          elsif current_user.is_sub_manager_with_role?(@module_app)
-            status = "sub_managers"
-          elsif current_user.is_normal_user?
+          if !current_user.nil?
            status = "users"
+            if current_user.is_admin?
+              status = "admin"
+            elsif current_user.is_manager?(@module_app)
+              status = "managers"
+            elsif current_user.is_manager_with_role?(@module_app)
+              status = "managers"
+            elsif current_user.is_sub_manager?(@module_app)
+              status = "sub_managers"
+            elsif current_user.is_sub_manager_with_role?(@module_app)
+              status = "sub_managers"
+            elsif current_user.is_normal_user?
+              status = "users"
+            end
+            return af.include?status
+          else
+            return false
          end
-          return af.include?status
      end
    end
  end