added non approved users can view profile and not rest of system

2014-10-20 18:50:36 +08:00 · 2014-10-20 18:50:36 +08:00 · 9c19a4a2fd
parent 6473abeb44
commit 9c19a4a2fd
11 changed files with 32 additions and 19 deletions
--- a/app/controllers/admin/dashboards_controller.rb
+++ b/app/controllers/admin/dashboards_controller.rb
@ -8,6 +8,7 @@ class Admin::DashboardsController < ApplicationController
    @module_app_contents, @module_app_contents_total = get_module_app_count(apps)
    @recent_updated = get_recently_updated(apps)
    @most_visited = get_most_visited(apps)
+    render_401 and return if !current_user.is_approved? rescue false
  end

  def get_cpu_usage
--- a/app/controllers/admin/members_controller.rb
+++ b/app/controllers/admin/members_controller.rb
@ -29,7 +29,9 @@ class Admin::MembersController < OrbitMemberController
      @filter = {@new_filter[:type] => [@new_filter[:id].to_s]}
    end

-        if @filter.blank? and @mq.blank?
+    render_401 and return if current_user.nil? || !current_user.is_approved?
+
+    if @filter.blank? and @mq.blank?

      render case params[:at]
        when 'summary'
@ -72,7 +74,7 @@ class Admin::MembersController < OrbitMemberController
      end

    end
-
+  
  end

  def show
@ -92,6 +94,7 @@ class Admin::MembersController < OrbitMemberController
    end

    get_info_and_roles
+    render_401 and return if current_user.nil? || (@member.id.to_s != current_user.member_profile.id.to_s && !current_user.is_approved?)
  end


--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -134,7 +134,9 @@ class ApplicationController < ActionController::Base
      
      redirect_to new_session_path if @current_user.nil?
      return true
-    else
+    elsif current_site.backend_openness_on
+      return true
+    elsif
      session[:login_referer] = request.url
      redirect_to new_session_path
      return false
--- a/app/controllers/orbit_admin_controller.rb
+++ b/app/controllers/orbit_admin_controller.rb
@ -77,7 +77,7 @@ class OrbitAdminController < ApplicationController
  end

  def load_authorized_categories
-    @user_authenticated_categories = current_user.is_admin? ? ["all"] : current_user.approved_categories.collect{|c| c.id}
+    @user_authenticated_categories = current_user.is_admin? ? ["all"] : current_user.approved_categories.collect{|c| c.id} rescue []
  end


--- a/app/controllers/orbit_member_controller.rb
+++ b/app/controllers/orbit_member_controller.rb
@ -6,14 +6,14 @@ class OrbitMemberController < ApplicationController

  def check_aceess_rights
  	@user_has_privileges = false
-  	if current_user.is_admin?
+    if (current_user.is_admin? rescue false)
  		@user_has_privileges = true
  	else
  		visited_user = MemberProfile.find_by(:uid => params[:id].split("-").last).user.id rescue nil
-              visited_user = MemberProfile.find_by(:uid => params[:member_id].split("-").last).user.id  if visited_user.nil? rescue nil
+      visited_user = MemberProfile.find_by(:uid => params[:member_id].split("-").last).user.id  if visited_user.nil? rescue nil
  		visited_user = MemberProfile.find_by(:uid => params[:uid]).user.id if visited_user.nil? rescue nil
  		visited_user = MemberProfile.find(params[:member_profile_id]).user.id if visited_user.nil? rescue nil
-	  	if current_user.id == visited_user
+	  	if (current_user.id == visited_user rescue false)
 	  		@user_has_privileges = true
 	  	else
 	  		@user_has_privileges = false
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@ -10,7 +10,7 @@ class SessionsController < ApplicationController
  def create
    user = User.find_by(user_name: params[:user_name]) rescue nil
    if (user && user.authenticate(params[:password]) && user.is_confirmed?.eql?(true))
-      if user.is_approved? || user.is_admin?
+      # if user.is_approved? || user.is_admin?
        session[:user_id] = user.id
        session[:login_referer] = nil
        if params[:referer_url]
@ -18,10 +18,10 @@ class SessionsController < ApplicationController
        else
          redirect_to admin_dashboards_path
        end
-      else
-        flash.now.alert = "User not approved."
-        render "new"
-      end
+      # else
+      #   flash.now.alert = "User not approved."
+      #   render "new"
+      # end
    else
      flash.now.alert = "Invalid username or password"
      render "new"
--- a/app/helpers/orbit_backend_helper.rb
+++ b/app/helpers/orbit_backend_helper.rb
@ -141,7 +141,7 @@ module OrbitBackendHelper
    if @user_authenticated_categories.first == "all"
      return true
    else
-      @user_authenticated_categories.include?obj.category_id rescue current_user.is_manager?(@module_app)
+      @user_authenticated_categories.include?obj.category_id rescue (current_user.is_manager?(@module_app) rescue false)
    end
  end

--- a/app/views/admin/dashboards/index.html.erb
+++ b/app/views/admin/dashboards/index.html.erb
@ -5,7 +5,7 @@
 <section id="main-wrap">
  <div class="wrap-inner initial">
  <div class="row-fluid">
-      <% if current_user.is_admin? %>
+      <% if (current_user.is_admin? rescue false) %>
      <div class="box span7">
        <div id='server_loading'>
          <%= render 'server_loading' %>
--- a/lib/orbit_app/helper/context_link_renderer.rb
+++ b/lib/orbit_app/helper/context_link_renderer.rb
@ -6,6 +6,7 @@ module ContextLinkRenderer
    @belong_module_app = belong_module_app
    @request = request
    @params = params
+    @site = Site.first
    @current_user = current_user
    @available_for = available_for
    if can_display?
@ -15,7 +16,9 @@ module ContextLinkRenderer

  def can_display?
  	status = "users"
-  	if @current_user.is_admin?
+    if @site.backend_openness_on && @current_user.nil?
+      status = "users"
+  	elsif @current_user.is_admin?
  		status = "admin"
  	elsif @current_user.is_manager?(@belong_module_app)
  		status = "managers"
--- a/lib/orbit_app/helper/side_bar_renderer.rb
+++ b/lib/orbit_app/helper/side_bar_renderer.rb
@ -8,6 +8,7 @@ module SideBarRenderer
    @current_module_app = current_module_app
    @request = request
    @params = params
+    @site = Site.first
    @current_user = user
    @app_available_for = af
    if display?
@ -27,6 +28,7 @@ module SideBarRenderer
    @current_module_app = current_module_app
    @request = request
    @params = params
+    @site = Site.first
    @current_user = user
    @app_available_for = available_for
    if display?
@ -44,7 +46,9 @@ module SideBarRenderer

   def display? #控制sidebar 要不要算圖
    status = "users"
-    if @current_user.is_admin?
+    if @site.backend_openness_on && @current_user.nil?
+      status = "users"
+    elsif @current_user.is_admin?
      status = "admin"
    elsif @current_user.is_manager?(@belong_module_app)
      status = "managers"
--- a/lib/orbit_core_lib.rb
+++ b/lib/orbit_core_lib.rb
@ -57,7 +57,7 @@ module  OrbitCoreLib
        end
        @module_authorized_users ||= Authorization.module_authorized_users(@module_app.id).pluck(:user_id) rescue nil
        
-        if current_user.nil?
+        if current_user.nil? && !current_site.backend_openness_on
          redirect_to new_session_path 
          return
        end
@ -65,7 +65,7 @@ module  OrbitCoreLib
        if !@module_app.nil?
          check_user_can_use
        else
-          if !current_user.is_admin?
+          if current_user.nil? || !current_user.is_admin?
            render "public/401"
          end
        end
@ -89,7 +89,7 @@ module  OrbitCoreLib
      end

       def allow?(af)
-          if !current_user.nil?
+          if !current_user.nil? && current_user.is_approved?
            status = "users"
            if current_user.is_admin?
              status = "admin"