seminar2/app/controllers/admin/seminar_review_results_cont...

54 lines
1.8 KiB
Ruby
Raw Normal View History

# encoding: utf-8
class Admin::SeminarReviewResultsController < OrbitAdminController
include Admin::SeminarsHelper
before_action ->(module_app = @app_title) { set_variables module_app }
before_action :set_seminar,:check_permission_for_seminar
def initialize
super
@app_title = "seminar"
end
def set_seminar
@seminar_signup_contribute = SeminarSignupContribute.find(params[:id]) rescue nil
@seminar_review_result = @seminar_signup_contribute.seminar_review_result rescue nil
@seminar_review_result = SeminarReviewResult.new if @seminar_review_result.nil?
@seminar = @seminar_signup_contribute.seminar_signup.seminar_main rescue nil
end
def check_manager_for_seminar
OrbitHelper.set_params(params,current_user)
access_level = OrbitHelper.user_access_level?
if (access_level.nil? || access_level == "user")
if (@seminar.organizer_id != current_user.member_profile_id rescue true)
render_401
end
end
end
def check_permission_for_seminar
OrbitHelper.set_params(params,current_user)
access_level = OrbitHelper.user_access_level?
if (access_level.nil? || access_level == "user")
unless (@seminar.reviewer_ids.include?(current_user.member_profile_id.to_s) rescue false) || (@seminar.organizer_id == current_user.member_profile_id rescue false)
render_401
else
@user_authenticated_categories = ['all']
end
end
end
def edit
OrbitHelper.set_params(params,current_user)
@form_index = 0
params[:controller] = "admin/seminars"
params[:action] = "edit_seminar_review"
end
def update
@seminar_signup_contribute.update_attributes(seminar_signup_contribute_params)
redirect_to params[:referer_url]
end
private
def seminar_signup_contribute_params
params.require(:seminar_signup_contribute).permit!
end
end