diff --git a/app/controllers/admin/module_apps_controller.rb b/app/controllers/admin/module_apps_controller.rb
index 440f81004..13075a422 100644
--- a/app/controllers/admin/module_apps_controller.rb
+++ b/app/controllers/admin/module_apps_controller.rb
@@ -101,7 +101,7 @@ class Admin::ModuleAppsController < ApplicationController
end
#user is not permited to do that
flash[:notice] = t('admin.app_auth.operation_not_permitted')
- redirect_to :action => "edit" # [TODO] maybe need to redirect to some other page
+ render :nothing => true, :status => 403
end
@@ -113,7 +113,7 @@ class Admin::ModuleAppsController < ApplicationController
end
#user is not permited to do that
flash[:notice] = t('admin.app_auth.operation_not_permitted')
- redirect_to :action => "edit" # [TODO] maybe need to redirect to some other page
+ render :nothing => true, :status => 403
end
end
\ No newline at end of file
diff --git a/app/controllers/admin/object_auths_controller.rb b/app/controllers/admin/object_auths_controller.rb
index a7a8dc419..58219acf2 100644
--- a/app/controllers/admin/object_auths_controller.rb
+++ b/app/controllers/admin/object_auths_controller.rb
@@ -27,8 +27,13 @@ class Admin::ObjectAuthsController < ApplicationController
def create
obj = eval(params[:object_auth][:type]).find params[:object_auth][:obj_id]
- @object_auth=obj.object_auths.create :title=> params[:object_auth][:title]
- redirect_to edit_admin_object_auth_path(@object_auth)
+ @object_auth=obj.object_auths.build :title=> params[:object_auth][:title]
+ if @object_auth.save
+ redirect_to edit_admin_object_auth_path(@object_auth)
+ else
+ flash[:error] = t('admin.object.a_object_must_have_only_one_object_auth_profile_for_each_action')
+ redirect_to (:back)
+ end
end
def create_role
diff --git a/app/models/object_auth.rb b/app/models/object_auth.rb
index f67f99843..8932bb762 100644
--- a/app/models/object_auth.rb
+++ b/app/models/object_auth.rb
@@ -1,5 +1,6 @@
class ObjectAuth < PrototypeAuth
include OrbitCoreLib::ObjectTokenUnility
+ validates_uniqueness_of :obj_authable_type,:scope => :title #{ |c| }
belongs_to :obj_authable, polymorphic: true
# > - Something.find_with_auth(query)
# > - or Something.find(query).auth
diff --git a/app/views/admin/components/_user_role_management.html.erb b/app/views/admin/components/_user_role_management.html.erb
index 99cd72d71..cd9ca8ae7 100644
--- a/app/views/admin/components/_user_role_management.html.erb
+++ b/app/views/admin/components/_user_role_management.html.erb
@@ -1,7 +1,7 @@
All User
<%= form_tag(submit_url) do %>
- <%= check_box_tag 'auth_all',true,auth.all %><%= submit_tag 'Add Role' %>
+ <%= check_box_tag 'auth_all',true,(auth.all rescue true) %><%= submit_tag 'Add Role' %>
<% end %>
diff --git a/lib/tasks/user.rake b/lib/tasks/user.rake
index 31ed7c246..5189ee14f 100644
--- a/lib/tasks/user.rake
+++ b/lib/tasks/user.rake
@@ -5,7 +5,7 @@ namespace :user do
User.all(conditions: {email: /nor/}).destroy_all
username_list = %w{nor1 nor2 nor3 nor4 nor5 nor6 nor7}
- userfirstname_list_en = %w{ One Two Thre For Fiv Six Sen }
+ userfirstname_list_en = %w{ UserOne UserTwo Thre For Fiv Six Sen }
userlastname_list_en = %w{ Aa Bb Cc Dd Ee Ff Gg }
userfirstname_list_ct = %w{ 一一 二二 三三 四四 五五 六六 七七 }
diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
index 6f4c1b7b1..53cc5f3d1 100644
--- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
@@ -145,7 +145,12 @@ class Panel::Announcement::BackEnd::BulletinsController < ApplicationController
protected
def get_categorys(id = nil)
- @bulletin_categorys = (id ? BulletinCategory.find(id).to_a : BulletinCategory.excludes('disabled' => true))
+ @bulletin_categorys = []
+ if(is_manager? || is_admin?)
+ @bulletin_categorys = (id ? BulletinCategory.find(id).to_a : BulletinCategory.excludes('disabled' => true))
+ elsif is_sub_manager?
+ @bulletin_categorys = BulletinCategory.authed_for_user(current_user,'submit_new')
+ end
end
def get_sorted_bulletins
diff --git a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
index 1ef3b3007..dd4719589 100644
--- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/fact_checks_controller.rb
@@ -1,10 +1,18 @@
class Panel::Announcement::BackEnd::FactChecksController < OrbitBackendController
before_filter :authenticate_user!
+ include AdminHelper
layout 'admin'
def index
- @bulletin_categorys_preview = BulletinCategory.authed_for_user(current_user,'preview')
- @bulletin_categorys_check = BulletinCategory.authed_for_user(current_user,'fact_check')
+ @bulletin_categorys_submit_new = []
+ @bulletin_categorys_check =[]
+ if is_admin? || is_manager?
+ #@bulletin_categorys_submit_new = BulletinCategory.all
+ @bulletin_categorys_check = BulletinCategory.all
+ # elsif is_sub_manager?
+ # @bulletin_categorys_submit_new = BulletinCategory.authed_for_user(current_user,'submit_new')
+ # @bulletin_categorys_check = BulletinCategory.authed_for_user(current_user,'fact_check')
+ end
end
def new
diff --git a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
index d86b17add..7daaf6db0 100644
--- a/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
+++ b/vendor/built_in_modules/announcement/app/models/bulletin_category.rb
@@ -5,7 +5,7 @@ class BulletinCategory
include Mongoid::Timestamps
include OrbitCoreLib::ObjectAuthable
- ObjectAuthTitlesOptions = %W{preview fact_check}
+ ObjectAuthTitlesOptions = %W{submit_new fact_check}
AfterObjectAuthUrl = '/panel/announcement/back_end/bulletin_categorys'
# include Mongoid::MultiParameterAttributes
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/index.html.erb
index 87a2993c9..87b30a049 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/index.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/index.html.erb
@@ -1,22 +1,17 @@
<% content_for :secondary do %>
-
-
-
-
-
-
- - <%#= link_to t('bulletin_category.new_announcement_class'), new_panel_announcement_back_end_bulletin_category_path, :class => 'seclink1' %>
-
+<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %>
<% end -%>
<%= flash_messages %>
+
+
+
+
+
+
<%= t('bulletin_category.list_announcement_class') %>
-
-
-
-
-
+
<%= t('bulletin_category.key') %> |
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/new.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/new.html.erb
index 5f8d064bc..296afb092 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/new.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletin_categorys/new.html.erb
@@ -1,15 +1,15 @@
-
-
-
-
-
<% content_for :secondary do %>
-
- - <%= link_to t('bulletin_category.index'), panel_announcement_back_end_bulletin_categorys_path, :class => 'seclink2' %>
-
+<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %>
<% end -%>
<%= flash_messages %>
+
+
+
+
+
+
+
<%= t('bulletin_category.new_announcement_class') %>
<%= form_for @bulletin_category, :url => panel_announcement_back_end_bulletin_categorys_path do |f| %>
<%= render :partial => 'form', :locals => {:f => f} %>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/edit.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/edit.html.erb
index 345a60a93..56cfd258a 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/edit.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/edit.html.erb
@@ -4,4 +4,4 @@
<%= render :partial => 'form', :locals => {:f => f} %>
<% end %>
-<%= link_back %>
\ No newline at end of file
+<%= link_back %>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
index 26e8926c1..fd2b29b5b 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/index.html.erb
@@ -1,4 +1,4 @@
-]<%= render 'filter' %>
+<%= render 'filter' %>
<%= render 'bulletins' %>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/new.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/new.html.erb
index ab0191ab7..74e1291ab 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/new.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/new.html.erb
@@ -1,6 +1,5 @@
-
<%= form_for @bulletin, :url => panel_announcement_back_end_bulletins_path do |f| %>
<%= render :partial => 'form', :locals => {:f => f} %>
<% end %>
-<%= link_back %>
\ No newline at end of file
+<%= link_back %>
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/show.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/show.html.erb
index f02d91569..7b886e77f 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/show.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/bulletins/show.html.erb
@@ -1,10 +1,14 @@
-<% # encoding: utf-8 %>
+<% content_for :secondary do %>
+<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %>
+<% end -%>
+
+<%= flash_messages %>
-
-<%= flash_messages %>
+
+
-
diff --git a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb
index 0f42ed4b1..6f878b068 100644
--- a/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb
+++ b/vendor/built_in_modules/announcement/app/views/panel/announcement/back_end/fact_checks/index.html.erb
@@ -1,16 +1,5 @@
<% content_for :secondary do %>
-
-
-
-
-
-
- - <%= link_to t('bulletin.new_announcement'), new_panel_announcement_back_end_bulletin_path %>
- - <%= link_to t('bulletin.announcement_list'), panel_announcement_back_end_bulletins_path %>
- - <%= link_to t('bulletin.new_announcement_class'), panel_announcement_back_end_bulletin_categorys_path %>
- - <%= link_to t('bulletin.my_announcement_fact_check'), panel_announcement_back_end_fact_checks_path %>
-
-
+<%= render :partial => '/panel/announcement/back_end/announcement_secondary' %>
<% end -%>
<%= flash_messages %>
@@ -42,11 +31,7 @@
<%= t('bulletin.list_announcement') %>
-
-
Preview
- <%= render :partial => "list_table", :collection => @bulletin_categorys_preview,:as => :bulletin_category%>
-
-===================================================================================================================
+
Check Please
<%= render :partial => "list_table", :collection => @bulletin_categorys_check,:as => :bulletin_category%>
diff --git a/vendor/built_in_modules/announcement/config/routes.rb b/vendor/built_in_modules/announcement/config/routes.rb
index b707437e7..78425f33f 100644
--- a/vendor/built_in_modules/announcement/config/routes.rb
+++ b/vendor/built_in_modules/announcement/config/routes.rb
@@ -4,6 +4,7 @@ Rails.application.routes.draw do
namespace :back_end do
match 'public' => "announcements#public",:as => :public
resources :fact_checks
+ match 'list_mine' => "announcements#list_mine"
root :to => "bulletins#index"
resources :bulletins
resources :bulletin_categorys, :controller => 'bulletin_categorys' do