alex
/
orbit4-5
forked from saurabh/orbit4-5
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fixed authorizations

This commit is contained in:
Harry Bomrah 2014-11-13 19:50:19 +08:00
parent 26192b8757
commit 58bea99430
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
app/helpers/orbit_backend_helper.rb
View File

@ -138,8 +138,11 @@ module OrbitBackendHelper
end end
def can_edit_or_delete?(obj) def can_edit_or_delete?(obj)
create_user = obj.create_user_id.to_s rescue nil
if @user_authenticated_categories.first == "all" if @user_authenticated_categories.first == "all"
return true return true
elsif current_user.is_sub_manager?(@module_app) && !create_user.nil?
create_user == current_user.id.to_s
else else
@user_authenticated_categories.include?obj.category_id rescue (current_user.is_manager?(@module_app) rescue false) @user_authenticated_categories.include?obj.category_id rescue (current_user.is_manager?(@module_app) rescue false)
end end