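# Base controller for the "member" module pages.
#
# Every request runs three callbacks, in this order: +authenticate_user+
# (defined outside this file), +check_aceess_rights+ and +set_module_app+.
#
# NOTE(review): +check_aceess_rights+, +set_module_app+ and +allow_admin_only+
# are public. Public controller methods can be reached as actions if a route
# maps to them; the routes are not visible here, so confirm none does, or move
# them below +private+.
class OrbitMemberController < ApplicationController
  include OrbitBackendHelper

  before_action :authenticate_user, :check_aceess_rights, :set_module_app
  layout "member"

  # Sets +@user_has_privileges+ to true when the current user is an admin or
  # owns the member profile named by the request parameters, false otherwise.
  #
  # This callback only sets the flag; it never renders or redirects, so it
  # does not stop a request by itself.
  # NOTE(review): enforcement must happen wherever the flag is read (actions
  # or views outside this file) -- confirm every sensitive action checks it.
  #
  # NOTE(review): the profile is taken from the first of four parameters that
  # yields a match (see resolve_visited_user_id). An action that loads its
  # record from a different parameter than the one matched here would be
  # authorised against a different record; actions should read the same
  # parameter, or the check should be tied to the record actually loaded.
  def check_aceess_rights
    if current_user.is_admin?
      @user_has_privileges = true
    else
      owner_id = resolve_visited_user_id
      # Fail closed: no resolved profile owner means no privileges, even if
      # current_user.id were nil as well.
      @user_has_privileges = !owner_id.nil? && current_user.id == owner_id
    end
  end

  # Loads the ModuleApp registered under the key "member" into +@module_app+.
  def set_module_app
    @module_app = ModuleApp.find_by_key("member")
  end

  # Renders the 401 response (via +render_401+, defined outside this file)
  # unless the current user is an admin. Intended for use as a before_action
  # in subclasses; it is not registered as a callback in this class.
  def allow_admin_only
    render_401 unless current_user.is_admin?
  end

  private

  # Returns the id of the user owning the visited member profile, or nil.
  #
  # Lookup order, first match wins:
  #   1. uid = last "-"-separated segment of params[:id]
  #   2. uid = last "-"-separated segment of params[:member_id]
  #   3. uid = params[:uid]
  #   4. primary key = params[:member_profile_id]
  #
  # Missing, empty or non-scalar values are skipped rather than queried, so a
  # lookup never runs with a nil uid and a Hash/Array parameter value is never
  # handed to the query layer.
  def resolve_visited_user_id
    uids = [
      member_uid_from_slug(params[:id]),
      member_uid_from_slug(params[:member_id]),
      scalar_param_value(params[:uid])
    ]
    uids.compact.each do |uid|
      owner_id = profile_owner_id { MemberProfile.find_by(uid: uid) }
      return owner_id unless owner_id.nil?
    end

    profile_id = scalar_param_value(params[:member_profile_id])
    return nil if profile_id.nil?

    profile_owner_id { MemberProfile.find(profile_id) }
  end

  # Extracts the uid from a slug such as "some-name-UID" (text after the last
  # "-"). Returns nil unless +slug+ is a String with a non-empty last segment.
  def member_uid_from_slug(slug)
    return nil unless slug.is_a?(String)

    scalar_param_value(slug.split("-").last)
  end

  # Returns +value+ when it is a non-empty String or a Numeric, else nil.
  def scalar_param_value(value)
    return nil unless value.is_a?(String) || value.is_a?(Numeric)

    value.to_s.empty? ? nil : value
  end

  # Yields to obtain a profile and returns the id of its user.
  #
  # Any StandardError raised by the lookup (for example a not-found error) is
  # treated as "no match" and yields nil, so a failed lookup can only withhold
  # privileges, never grant them.
  def profile_owner_id
    profile = yield
    owner = profile && profile.user
    owner && owner.id
  rescue StandardError
    nil
  end
end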