add authorization
parent
c503d45791
commit
e9e29da1fc
|
@ -1,4 +1,5 @@
|
||||||
class Admin::JournalLevelsController < ApplicationController
|
class Admin::JournalLevelsController < OrbitMemberController
|
||||||
|
before_action :allow_admin_only
|
||||||
before_action :set_journal_level, only: [:edit, :update, :destroy]
|
before_action :set_journal_level, only: [:edit, :update, :destroy]
|
||||||
|
|
||||||
def initialize
|
def initialize
|
||||||
|
|
|
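Review bot: `before_action :allow_admin_only` is added by hand here and again in Admin::JournalPaperAuthorTypesController and Admin::JournalPaperTypesController, so the guard is opt-in per controller and a future admin settings controller that omits the line would be unprotected. Consider declaring the filter once in a shared parent class for these settings controllers, with a comment such as `# Settings screens are admin-only; member-editable controllers must relax this explicitly.` `allow_admin_only` is defined outside this diff, so it is worth confirming that it also rejects unauthenticated requests rather than assuming a current user. The class bodies continue outside the hunks.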
@ -1,4 +1,5 @@
|
||||||
class Admin::JournalPaperAuthorTypesController < ApplicationController
|
class Admin::JournalPaperAuthorTypesController < OrbitMemberController
|
||||||
|
before_action :allow_admin_only
|
||||||
before_action :set_journal_paper_author_type, only: [:edit, :update, :destroy]
|
before_action :set_journal_paper_author_type, only: [:edit, :update, :destroy]
|
||||||
|
|
||||||
def initialize
|
def initialize
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
class Admin::JournalPaperTypesController < ApplicationController
|
class Admin::JournalPaperTypesController < OrbitMemberController
|
||||||
|
before_action :allow_admin_only
|
||||||
before_action :set_journal_paper_type, only: [:edit, :update, :destroy]
|
before_action :set_journal_paper_type, only: [:edit, :update, :destroy]
|
||||||
|
|
||||||
def initialize
|
def initialize
|
||||||
|
|
|
@ -8,6 +8,8 @@ class Admin::JournalPapersController < OrbitMemberController
|
||||||
before_action :find_journal_paper, only: [:destroy]
|
before_action :find_journal_paper, only: [:destroy]
|
||||||
before_action :set_plugin
|
before_action :set_plugin
|
||||||
|
|
||||||
|
before_action :need_access_right
|
||||||
|
before_action :allow_admin_only, :only => [:index, :writing_journal_setting]
|
||||||
|
|
||||||
def index
|
def index
|
||||||
@writing_journals = JournalPaper.order_by(:year=>'desc').page(params[:page]).per(10)
|
@writing_journals = JournalPaper.order_by(:year=>'desc').page(params[:page]).per(10)
|
||||||
|
@ -39,7 +41,7 @@ class Admin::JournalPapersController < OrbitMemberController
|
||||||
@journal_paper = JournalPaper.new(journal_paper_attributes)
|
@journal_paper = JournalPaper.new(journal_paper_attributes)
|
||||||
respond_to do |format|
|
respond_to do |format|
|
||||||
if @journal_paper.save
|
if @journal_paper.save
|
||||||
format.html { redirect_to admin_journal_papers_path }
|
format.html { redirect_to params['referer_url'] }
|
||||||
format.json { render action: 'show', status: :created, location: @journal_paper }
|
format.json { render action: 'show', status: :created, location: @journal_paper }
|
||||||
else
|
else
|
||||||
format.html { render action: 'new' }
|
format.html { render action: 'new' }
|
||||||
|
@ -53,7 +55,7 @@ class Admin::JournalPapersController < OrbitMemberController
|
||||||
|
|
||||||
respond_to do |format|
|
respond_to do |format|
|
||||||
if @journal_paper.update_attributes(journal_paper_attributes)
|
if @journal_paper.update_attributes(journal_paper_attributes)
|
||||||
format.html { redirect_to admin_journal_papers_path }
|
format.html { redirect_to params['referer_url'] }
|
||||||
# format.js { render 'toggle_enable' }
|
# format.js { render 'toggle_enable' }
|
||||||
format.json { head :no_content }
|
format.json { head :no_content }
|
||||||
else
|
else
|
||||||
|
|
|
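Review bot: `redirect_to params['referer_url']` in both create and update sends the browser to whatever the request supplies, and `referer_url` is a hidden form field (filled from `request.referer` in the form view later in this commit) that the client can edit, so this is an open redirect after a successful save. The value can also be absent or empty when the browser sends no Referer header, which leaves `redirect_to` without a usable target. The redirect should accept the submitted value only when it parses as an http(s) URL on the application's own host, and fall back to `admin_journal_papers_path` otherwise. Both actions continue outside their hunks, so the helper below is a sketch to place in the controller's existing private section.

```ruby
# in create and update, replacing the redirect line
format.html { redirect_to safe_referer_or(admin_journal_papers_path) }

# … unchanged: json responses and the failure branch …

# Returns the submitted referer only when it points back at this host;
# anything else (missing, malformed, other host or scheme) yields the fallback.
def safe_referer_or(fallback)
  target = URI.parse(params['referer_url'].to_s)
  return fallback unless %w[http https].include?(target.scheme) && target.host == request.host

  target.to_s
rescue URI::InvalidURIError
  fallback
end
```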
@ -24,6 +24,8 @@ class JournalPapersController < ApplicationController
|
||||||
def show
|
def show
|
||||||
params = OrbitHelper.params
|
params = OrbitHelper.params
|
||||||
journal_paper = JournalPaper.find_by(uid: params[:uid])
|
journal_paper = JournalPaper.find_by(uid: params[:uid])
|
||||||
|
field_to_show = ["year", "language", "vol_no", "issue_no", "form_to_start", "form_to_end", "total_pages", "isbn", "publication_date", "url", "note", "journal_title", "paper_title", "updated_at", "created_at", "uid", "journal_level_ids", "journal_paper_author_type_ids", "member_profile_id"]
|
||||||
|
|
||||||
publication_date = journal_paper.publication_date.to_date.strftime("%Y/%m/%d") rescue nil
|
publication_date = journal_paper.publication_date.to_date.strftime("%Y/%m/%d") rescue nil
|
||||||
files = journal_paper.journal_paper_files.map{|file| { "file_url" => file.journal_file.url, "file_title" => (file.title.blank? ? File.basename(file.file.path) : file.title) } } rescue []
|
files = journal_paper.journal_paper_files.map{|file| { "file_url" => file.journal_file.url, "file_title" => (file.title.blank? ? File.basename(file.file.path) : file.title) } } rescue []
|
||||||
{
|
{
|
||||||
|
|
|
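Review bot: Nothing visible between `JournalPaper.find_by(uid: params[:uid])` and the new `field_to_show` list checks `is_hidden`, so a paper that the member view filters out with `is_hidden: false` may still be served by this public `show` to anyone who has its uid. If that is not intended, the lookup could be scoped, for example `JournalPaper.where(is_hidden: false).find_by(uid: params[:uid])`, with an explicit not-found path instead of relying on the `rescue nil` / `rescue []` modifiers below it. `field_to_show` would also read better as a frozen constant with a comment stating that it is the allow-list of attributes exposed publicly, since it includes `member_profile_id` and `uid`. `show` continues outside the hunk, so a later check may already exist.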
@ -309,6 +309,7 @@
|
||||||
|
|
||||||
<!-- Form Actions -->
|
<!-- Form Actions -->
|
||||||
<div class="form-actions">
|
<div class="form-actions">
|
||||||
|
<input type="hidden" name="referer_url" value="<%= request.referer %>">
|
||||||
<%= f.submit t('submit'), class: 'btn btn-primary' %>
|
<%= f.submit t('submit'), class: 'btn btn-primary' %>
|
||||||
<%= link_to t('cancel'), get_go_back, :class=>"btn" %>
|
<%= link_to t('cancel'), get_go_back, :class=>"btn" %>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -14,7 +14,6 @@
|
||||||
<div class="bottomnav clearfix">
|
<div class="bottomnav clearfix">
|
||||||
<div class="action pull-right">
|
<div class="action pull-right">
|
||||||
<%= link_to content_tag(:i, nil, :class => 'icon-cog icon-white') + t('setting'), admin_writing_journal_setting_path, :class => 'btn btn-primary pull-right' %>
|
<%= link_to content_tag(:i, nil, :class => 'icon-cog icon-white') + t('setting'), admin_writing_journal_setting_path, :class => 'btn btn-primary pull-right' %>
|
||||||
<%= link_to content_tag(:i, nil, :class => 'icon-plus icon-white') + t('announcement.add_new'), new_admin_journal_paper_path, :class => 'btn btn-primary pull-right' %>
|
|
||||||
</div>
|
</div>
|
||||||
<div class="pagination pagination-centered">
|
<div class="pagination pagination-centered">
|
||||||
<%= content_tag :div, paginate(@writing_journals), class: "pagination pagination-centered" %>
|
<%= content_tag :div, paginate(@writing_journals), class: "pagination pagination-centered" %>
|
||||||
|
|
|
@ -23,8 +23,7 @@
|
||||||
@filter = {new_filter[:type] => [new_filter[:id].to_s]}
|
@filter = {new_filter[:type] => [new_filter[:id].to_s]}
|
||||||
end
|
end
|
||||||
|
|
||||||
is_autorized_user = (current_user==@member.user || current_user.is_admin?)
|
if has_access?
|
||||||
if is_autorized_user
|
|
||||||
@writing_journals = JournalPaper.where(member_profile_id: @member.id).desc(:year).page(params[:page]).per(10)
|
@writing_journals = JournalPaper.where(member_profile_id: @member.id).desc(:year).page(params[:page]).per(10)
|
||||||
else
|
else
|
||||||
@writing_journals = JournalPaper.where(is_hidden: false, member_profile_id: @member.id).desc(:year).page(params[:page]).per(10)
|
@writing_journals = JournalPaper.where(is_hidden: false, member_profile_id: @member.id).desc(:year).page(params[:page]).per(10)
|
||||||
|
@ -32,7 +31,7 @@
|
||||||
|
|
||||||
%>
|
%>
|
||||||
|
|
||||||
<% if current_user.is_admin? %>
|
<% if has_access? %>
|
||||||
<div class="list-active">
|
<div class="list-active">
|
||||||
<div class="btn-group">
|
<div class="btn-group">
|
||||||
<%= link_to('Hide', '#', :class => "btn btn-mini list-active-btn disabled", "data-check-action" => "list-be-hide", :rel => data_share_admin_journal_papers_path(member_profile_id: params[:id], disable: 'true') ) %>
|
<%= link_to('Hide', '#', :class => "btn btn-mini list-active-btn disabled", "data-check-action" => "list-be-hide", :rel => data_share_admin_journal_papers_path(member_profile_id: params[:id], disable: 'true') ) %>
|
||||||
|
@ -44,7 +43,7 @@
|
||||||
<table class="table table-condensed table-striped main-list">
|
<table class="table table-condensed table-striped main-list">
|
||||||
<thead>
|
<thead>
|
||||||
<tr>
|
<tr>
|
||||||
<% if current_user.is_admin? %>
|
<% if has_access? %>
|
||||||
<th><input type="checkbox" /></th>
|
<th><input type="checkbox" /></th>
|
||||||
<% end -%>
|
<% end -%>
|
||||||
<th class="span1"><%= t('personal_journal.year') %></th>
|
<th class="span1"><%= t('personal_journal.year') %></th>
|
||||||
|
@ -59,7 +58,7 @@
|
||||||
<% @writing_journals.each do |writing_journal| %>
|
<% @writing_journals.each do |writing_journal| %>
|
||||||
|
|
||||||
<tr id="<%= dom_id writing_journal %>" class="<%= writing_journal.is_hidden ? "checkHide" : "" %>">
|
<tr id="<%= dom_id writing_journal %>" class="<%= writing_journal.is_hidden ? "checkHide" : "" %>">
|
||||||
<% if is_admin? %>
|
<% if has_access? %>
|
||||||
<td>
|
<td>
|
||||||
<%= check_box_tag 'to_change[]', writing_journal.id.to_s, false, :class => "list-check" %>
|
<%= check_box_tag 'to_change[]', writing_journal.id.to_s, false, :class => "list-check" %>
|
||||||
</td>
|
</td>
|
||||||
|
@ -69,8 +68,10 @@
|
||||||
<%= link_to writing_journal.create_link, page_for_journal_paper(writing_journal), target: "blank"%>
|
<%= link_to writing_journal.create_link, page_for_journal_paper(writing_journal), target: "blank"%>
|
||||||
<div class="quick-edit">
|
<div class="quick-edit">
|
||||||
<ul class="nav nav-pills hide">
|
<ul class="nav nav-pills hide">
|
||||||
|
<% if has_access? %>
|
||||||
<li><%= link_to t('edit'), edit_admin_journal_paper_path(writing_journal, member_profile_id: @member.id) %></li>
|
<li><%= link_to t('edit'), edit_admin_journal_paper_path(writing_journal, member_profile_id: @member.id) %></li>
|
||||||
<li><%= link_to t(:delete_), admin_journal_paper_path(id: writing_journal.id, member_profile_id: @member.id), method: :delete, remote: true, data: { confirm: t('sure?') } %></li>
|
<li><%= link_to t(:delete_), admin_journal_paper_path(id: writing_journal.id, member_profile_id: @member.id), method: :delete, remote: true, data: { confirm: t('sure?') } %></li>
|
||||||
|
<% end %>
|
||||||
</ul>
|
</ul>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
@ -83,13 +84,13 @@
|
||||||
</tbody>
|
</tbody>
|
||||||
</table>
|
</table>
|
||||||
|
|
||||||
<% if current_user.is_admin? %>
|
<% if has_access? %>
|
||||||
<div class="bottomnav clearfix">
|
<div class="bottomnav clearfix">
|
||||||
|
|
||||||
<div class="action pull-right">
|
<div class="action pull-right">
|
||||||
<%= link_to content_tag(:i, nil, :class => 'icon-plus') + t('personal_plugins.edit_brief_intro'),admin_journal_paper_intros_path(member_profile_id: @member.id), :class => 'btn btn-primary' %>
|
<%= link_to content_tag(:i, nil, :class => 'icon-edit') +' '+ t('setting'),admin_journal_paper_intros_path(member_profile_id: @member.id), :class => 'btn btn-primary' %>
|
||||||
|
|
||||||
<%= link_to content_tag(:i, nil, :class => 'icon-plus') + t('announcement.add_new'), new_admin_journal_paper_path(member_profile_id: @member.id), :class => 'btn btn-primary' %>
|
<%= link_to content_tag(:i, nil, :class => 'icon-plus') + t('new_'), new_admin_journal_paper_path(member_profile_id: @member.id), :class => 'btn btn-primary' %>
|
||||||
</div>
|
</div>
|
||||||
<div class="pagination pagination-centered">
|
<div class="pagination pagination-centered">
|
||||||
<%= paginate @writing_journals, :params => {:direction => params[:direction], :sort => params[:sort], :filter => @filter, :new_filter => nil} %>
|
<%= paginate @writing_journals, :params => {:direction => params[:direction], :sort => params[:sort], :filter => @filter, :new_filter => nil} %>
|
||||||
|
|
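Review bot: The old condition `current_user==@member.user || current_user.is_admin?` tied access to the profile being viewed, while the replacement `has_access?` takes no argument, so from this view it is not visible whether ownership of `@member` is still checked. If `has_access?` only means "may use this module", any such member would see another member's hidden papers in the `@writing_journals` query and get the edit and delete links for them. Confirm that `has_access?` compares against `@member`, or keep the ownership test explicitly, for example `if current_user == @member.user || has_access?`. The `<% if has_access? %>` wrappers only hide controls; the edit, delete and `data_share` actions need the same check on the server, which presumably is what `need_access_right` in Admin::JournalPapersController provides.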