Updated Gallery with authorizations

2013-08-22 16:24:14 +08:00 · 2013-08-22 16:24:14 +08:00 · e75873273c
parent 4c217ec12f
commit e75873273c
4 changed files with 8 additions and 33 deletions
--- a/app/views/admin/default_index/_index.html.erb
+++ b/app/views/admin/default_index/_index.html.erb
@ -32,7 +32,6 @@
    </div>
  <% end %>
 <% end %>
-
 <%= index_table %>

 <%= @index_footer %>
--- a/vendor/built_in_modules/gallery/app/controllers/panel/gallery/back_end/album_images_controller.rb
+++ b/vendor/built_in_modules/gallery/app/controllers/panel/gallery/back_end/album_images_controller.rb
@ -3,15 +3,8 @@ class Panel::Gallery::BackEnd::AlbumImagesController < OrbitBackendController

 	# before_filter :force_order_for_visitor,:only=>[:index]
 	# before_filter :force_order_for_user#,:except => [:index]
-	before_filter :force_order_for_visitor,:only=>[:index,:show]
-	before_filter :force_order_for_user,:except => [:index,:show]
-	before_filter :for_app_sub_manager,:except => [:index,:show]
+
 	def show
-		if is_manager? || is_admin? || is_sub_manager?
-			@authenticated = true  #turn this value to false for view only
-		else
-			@authenticated = false
-		end
 		@tags = get_tags
 		@image = GalleryImage.find(params[:id])
 		@albumid = @image.gallery_album_id
--- a/vendor/built_in_modules/gallery/app/controllers/panel/gallery/back_end/albums_controller.rb
+++ b/vendor/built_in_modules/gallery/app/controllers/panel/gallery/back_end/albums_controller.rb
@ -1,15 +1,15 @@
 class Panel::Gallery::BackEnd::AlbumsController < OrbitBackendController
+  open_for_visitor :only => [:index, :show]
+  open_for_manager :except => [:index,:show,:update]
+  open_for_sub_manager :except => [:index, :show]

  # before_filter lambda
  
  def index
    @categories = get_categories_for_index
-    @albums = GalleryAlbum.all  
    @tags = get_tags
-    @c = []
-    @ac = @c.inject(@categories,:<<)
-    @album_category = @albums.map { |a| @categories.include?(a.category_id) } 
-
+    category_ids = @categories.collect{|t| t.id}
+    @albums = get_sorted_and_filtered("gallery_album", :category_id.in => category_ids)
  end

  def show
@ -124,19 +124,7 @@ class Panel::Gallery::BackEnd::AlbumsController < OrbitBackendController
                   tag_ids: values.tag_ids,
                   tag_names: tags}
    end
-    if is_manager? || is_admin? || is_sub_manager?
-      @authenticated = true  #turn this value to false for view only
-    else
-      @authenticated = false
-    end
-    if @authenticated
      render :json=>{"images" => @output, "tags" => @album.tag_ids}.to_json
-    else
-      @album.tag_ids.each do |tag|
-        @tag_names << GalleryTag.find(tag)[I18n.locale]
-      end
-      render :json=>{"images" => @output, "tags" => @album.tag_ids, "tag_names" => @tag_names}.to_json
-    end
  end


@ -175,11 +163,6 @@ class Panel::Gallery::BackEnd::AlbumsController < OrbitBackendController
  def update
    @album = GalleryAlbum.find(params[:id])
    @album.update_attributes(params[:gallery_album])
-    if is_manager? || is_admin? || is_sub_manager?
-      @authenticated = true  #turn this value to false for view only
-    else
-      @authenticated = false
-    end
    if params['delete_cover'] == "true"
      @album.update_attributes(:cover=>"default")
    end
--- a/vendor/built_in_modules/gallery/app/models/gallery_image.rb
+++ b/vendor/built_in_modules/gallery/app/models/gallery_image.rb
@ -1,5 +1,5 @@
 class GalleryImage
-	include Mongoid::Document
+  include Mongoid::Document
  include Mongoid::Timestamps
  include OrbitTag::Taggable