Fix for authorization

Dashboard and page authorisation
This commit is contained in:
chris 2013-08-23 12:08:33 +08:00
parent 399dfad392
commit 45e987d6f5
3 changed files with 4 additions and 12 deletions

View File

@ -1,10 +1,6 @@
class Admin::DashboardsController < OrbitBackendController class Admin::DashboardsController < OrbitBackendController
#before_filter :set_current_user open_for_visitor
#before_filter :authenticate_user!, :except => [:index]
# before_filter :is_admin?
#prepend_before_filter :set_public
layout "basic_back_end" layout "basic_back_end"

View File

@ -202,6 +202,8 @@ module OrbitCoreLib
module InstanceMethods module InstanceMethods
protected protected
def can_use def can_use
setup_vars
set_current_user
if @user_type if @user_type
@user_type.each do |user_type| @user_type.each do |user_type|
open = false open = false
@ -220,14 +222,10 @@ module OrbitCoreLib
visitor ||= true visitor ||= true
end end
check_backend_openness if visitor check_backend_openness if visitor
setup_vars
set_current_user
authenticate_user! unless visitor authenticate_user! unless visitor
redirect_to root_url unless open redirect_to root_url unless open
end end
else else
setup_vars
set_current_user
authenticate_user! authenticate_user!
check_user_can_use check_user_can_use
end end

View File

@ -1,8 +1,6 @@
class Panel::PageContent::BackEnd::PageContextsController < OrbitBackendController class Panel::PageContent::BackEnd::PageContextsController < OrbitBackendController
prepend_before_filter :set_public, :only => [:index] open_for_visitor :only => [:index]
#before_filter :is_admin?
def index def index
@page_contexts = (params.has_key?:sort)? get_sorted_and_filtered("page_contexts", {:archived => false}) : get_sorted_page_from_structure @page_contexts = (params.has_key?:sort)? get_sorted_and_filtered("page_contexts", {:archived => false}) : get_sorted_page_from_structure