Permalink
Browse files

Validations, protect ApplicationController, Fix images

  • Loading branch information...
1 parent 8a50dce commit f52d119b73419ae8908751ca6dd9d9b21fd2102e Angelo Grossini committed Mar 2, 2012
Showing with 16 additions and 5 deletions.
  1. +3 −2 app/mailers/membership_mailer.rb
  2. +2 −2 lib/memberships/member.rb
  3. +11 −1 lib/refinerycms-memberships.rb
@@ -40,7 +40,8 @@ def member_email(email, member)
html = extract_images(html)
text = html_to_text(html)
- mail(:to => member.email, :subject => @email.subject) do |format|
+ mail(:from => RefinerySetting.find_or_set("memberships_sender_address", nil),
+ :to => member.email, :subject => @email.subject) do |format|
format.text { render :text => text }
format.html { render :text => html }
end
@@ -90,7 +91,7 @@ def extract_images(html)
image = v[:size] == 'original' ? record.image : record.thumbnail(v[:size].to_sym)
attachments.inline[image.name] = {
:mime_type => image.mime_type,
- :content => File::read(image.tempfile)
+ :content => File::read(image.tempfile.path)
}
v[:nodes].each do | node |
node['src'] = attachments[image.name].url
@@ -10,7 +10,7 @@ def self.per_page
acts_as_indexed :fields => [:first_name, :last_name]
- validates :first_name, :last_name, :title, :street_address, :city, :province, :postal_code, :presence => true
+ validates :first_name, :last_name, :street_address, :city, :province, :postal_code, :presence => true
attr_accessible :membership_level, :first_name, :last_name, :title, :organization,
:street_address, :city, :province, :postal_code, :phone, :fax, :website,
@@ -234,4 +234,4 @@ def remove_member_role
end
end
end
-end
+end
@@ -61,6 +61,16 @@ def self.per_page
#redirect user to the right page after login
ApplicationController.class_eval do
+ def render(*args)
+ Rails.logger.info @page.inspect
+ unless @page.nil? || self.class.name == 'PagesController' || self.class.name =~ /^Admin::/
+ redirect_to login_members_path(:redirect => request.fullpath, :member_login => true) unless @page.user_allowed?(current_user)
+ super *args if @page.user_allowed?(current_user)
+ else
+ super *args
+ end
+ end
+
protected
def after_sign_in_path_for(resource_or_scope)
@@ -129,7 +139,7 @@ def show
end
end
end # PagesController.class_eval
-
+
# show only admins in Users administration
::Admin::UsersController.class_eval do
def index

0 comments on commit f52d119

Please sign in to comment.