From 942d8d953aabcf8a71ee85ea7c5cf92285b31b52 Mon Sep 17 00:00:00 2001
From: Kevin Quinn <kevin@kevin-laptop.(none)>
Date: Sun, 17 Jul 2011 22:37:29 -0400
Subject: [PATCH] authenticate user on edit and destroy, if current user for
 those methods in index page, lot of work to do, but thats necessary for now

---
 app/controllers/stories_controller.rb | 2 +-
 app/views/stories/index.html.erb      | 7 ++++---
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/app/controllers/stories_controller.rb b/app/controllers/stories_controller.rb
index 66568b8..787cb48 100644
--- a/app/controllers/stories_controller.rb
+++ b/app/controllers/stories_controller.rb
@@ -1,6 +1,6 @@
 class StoriesController < ApplicationController
   
-  before_filter :authenticate_user!, :only => [:rate]
+  before_filter :authenticate_user!, :only => [:rate, :edit, :destroy]
   
   # GET /stories
   # GET /stories.xml
diff --git a/app/views/stories/index.html.erb b/app/views/stories/index.html.erb
index f63e0d3..3e19dab 100644
--- a/app/views/stories/index.html.erb
+++ b/app/views/stories/index.html.erb
@@ -17,11 +17,12 @@
     <td><%= story.title %></td>
     <td><%= story.content %></td>
     <td><%= story.address %></td>
-    <td><%= story.geocoded? %></td>
     <td><%= story.value %></td>
     <td><%= link_to 'Show', story %></td>
-    <td><%= link_to 'Edit', edit_story_path(story) %></td>
-    <td><%= link_to 'Destroy', story, :confirm => 'Are you sure?', :method => :delete %></td>
+    <% if current_user %>
+      <td><%= link_to 'Edit', edit_story_path(story) %></td>
+      <td><%= link_to 'Destroy', story, :confirm => 'Are you sure?', :method => :delete %></td>
+    <% end %>
   </tr>
 <% end %>
 </table>