
protected_categories admin preference. closes gh-168

1 parent 47b8e6f commit 98442aa7cb699b2d82b50278360aaf4e2da9029d @herestomwiththeweather herestomwiththeweather committed
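--- a/app/controllers/categories_controller.rb
+++ b/app/controllers/categories_controller.rb
@@ -1,7 +1,5 @@
 class CategoriesController < ApplicationController
-
 before_filter :login_required, :except => :index
- before_filter :authorize_change, :only => [:update, :destroy]
 cache_sweeper :category_sweeper, :only => [:create, :update, :destroy]
 # GET /categories
@@ -54,11 +52,13 @@ def create
 @category = Category.new(params[:category])
 respond_to do |format|
- if @category.save
+ if can?(:create, @category) && @category.save
 flash[:success] = t('success_category_created')
 format.html { redirect_to(@category) }
 format.xml { render :xml => @category, :status => :created, :location => @category }
 else
+ @category = Category.new
+ @all_categories = Category.find(:all, :order => "parent_id, name").sort_by { |a| a.long_name }
 format.html { render :action => "new" }
 format.xml { render :xml => @category.errors, :status => :unprocessable_entity }
 end
@@ -71,11 +71,13 @@ def update
 @category = Category.find(params[:id])
 respond_to do |format|
- if @category.update_attributes(params[:category])
+ if can?(:update, @category) && @category.update_attributes(params[:category])
 flash[:notice] = t('notice_category_updated')
 format.html { redirect_to(@category) }
 format.xml { head :ok }
 else
+ @category = Category.find(params[:id])
+ @all_categories = Category.find(:all, :order => "parent_id, name").sort_by { |a| a.long_name }
 format.html { render :action => "edit" }
 format.xml { render :xml => @category.errors, :status => :unprocessable_entity }
 end
@@ -86,20 +88,18 @@ def update
 # DELETE /categories/1.xml
 def destroy
 @category = Category.find(params[:id])
- @category.destroy
 respond_to do |format|
- format.html { redirect_to(categories_url) }
- format.xml { head :ok }
+ if can?(:destroy, @category)
+ @category.destroy
+ format.html { redirect_to(categories_url) }
+ format.xml { head :ok }
+ else
+ @top_level_categories = Category.find(:all, :conditions => "parent_id is NULL").sort_by {|a| a.name}
+ @categories = Category.find(:all).sort_by { |a| a.long_name }
+ format.html { render :action => "index" }
+ format.xml { render :xml => @category.errors, :status => :unprocessable_entity }
+ end
 end
 end
-
- private
-
- def authorize_change
- authorized = current_person.admin?
- flash[:error] = t('error_category_authorization')
- redirect_to home_url unless authorized
- end
-
 end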
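Review bot: A denied request in `create`, `update` and `destroy` now falls into the same `else` branch as a failed save, so a non-admin gets the form or index re-rendered with HTTP 200 (or an empty `@category.errors` with 422 over XML) and no error message, where the removed `authorize_change` filter redirected with `error_category_authorization`. Separate the two outcomes by calling CanCan's `authorize! :update, @category` (and the `:create` / `:destroy` equivalents) right after the record is built or loaded, and handle `CanCan::AccessDenied` in one place with a 403 and a log line, if ApplicationController does not already do so, so that denied attempts are visible to operators. The added `@category = Category.new` and `@category = Category.find(params[:id])` lines in the `else` branches also replace the object that failed validation, so the re-rendered form loses the submitted values and the validation errors, and the XML branch returns an empty error list.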
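--- a/app/controllers/people_controller.rb
+++ b/app/controllers/people_controller.rb
@@ -126,6 +126,7 @@ def verify_email
 def edit
 logger.info "XXX id: #{params[:id]}"
+ @category = Category.new
 @all_categories = Category.find(:all, :order => "parent_id, name").sort_by { |a| a.long_name }
 @all_neighborhoods = Neighborhood.find(:all, :order => "parent_id, name").sort_by { |a| a.long_name }
 respond_to do |format|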
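--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -1,4 +1,5 @@
 class Ability
+ extend PreferencesHelper
 include CanCan::Ability
 def initialize(person, access_token = nil)
@@ -48,8 +49,11 @@ def initialize(person, access_token = nil)
 end
 # adding category,neighborhood to rails_admin
- can [:read,:create], Category
- can [:update], Category do |category|
+ can :read, Category
+ can :create, Category do |category|
+ person.admin? || !(Ability.global_prefs.protected_categories?)
+ end
+ can [:update,:destroy], Category do |category|
 person.admin?
 end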
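Review bot: The block conditions on `can :create, Category` and `can [:update,:destroy], Category` are evaluated by CanCan only when `can?` receives a Category instance; a check against the class, such as `can? :create, Category` in a view or in rails_admin (which the comment above these rules mentions), skips the block and is granted. Neither condition reads `category`, so both can be plain conditionals that hold for class and instance checks alike: `can :create, Category if person.admin? || !Ability.global_prefs.protected_categories?` and `can [:update, :destroy], Category if person.admin?`. `global_prefs` comes from `PreferencesHelper`, which is not shown on this page, so confirm it is safe to call at class level outside a request. `initialize` begins and ends outside these hunks.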
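--- a/app/models/preference.rb
+++ b/app/models/preference.rb
@@ -39,6 +39,7 @@ class Preference < ActiveRecord::Base
 :practice, :steps, :questions, :contact,
 :registration_intro,
 :agreement,
+ :protected_categories,
 :zipcode_browsing,
 :blog_feed_url,
 :googlemap_api_key,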
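Review bot: `:protected_categories` joins a symbol list whose opening statement is above the hunk; if that list is `attr_accessible`, the flag becomes mass-assignable, and any action that passes request parameters to `update_attributes` on a Preference can change it. Confirm that every such path is restricted to admins, since this setting decides who may create categories. A comment at the list, e.g. `# protected_categories: when true, only admins may create categories`, would also record the intent.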
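--- a/config/initializers/rails_admin.rb
+++ b/config/initializers/rails_admin.rb
@@ -154,6 +154,7 @@ class SendBroadcastEmail < RailsAdmin::Config::Actions::Base
 field :gmail
 field :email_notifications
 field :email_verifications
+ field :protected_categories
 field :zipcode_browsing
 field :whitelist
 field :registration_intro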
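--- /dev/null
+++ b/db/migrate/20121005163824_add_protected_categories_to_preferences.rb
@@ -0,0 +1,5 @@
+class AddProtectedCategoriesToPreferences < ActiveRecord::Migration
+ def change
+ add_column :preferences, :protected_categories, :boolean, :default => false
+ end
+end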
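Review bot: The new column allows NULL, so the flag has three states, and `protected_categories?` reads NULL as not protected. The neighbouring boolean preference in schema.rb (`groups`) is declared with `:null => false`; doing the same here keeps the toggle two-valued: `add_column :preferences, :protected_categories, :boolean, :default => false, :null => false`.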
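--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
-ActiveRecord::Schema.define(:version => 20121003190616) do
+ActiveRecord::Schema.define(:version => 20121005163824) do
 create_table "accounts", :force => true do |t|
 t.string "name"
@@ -521,6 +521,7 @@
 t.integer "topic_refresh_seconds", :default => 30, :null => false
 t.boolean "groups", :default => true, :null => false
 t.string "alt_signup_link"
+ t.boolean "protected_categories", :default => false
 end
 create_table "rails_admin_histories", :force => true do |t|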

0 comments on commit 98442aa
