Permalink
Browse files

Permission updates and issue with category id

  • Loading branch information...
gbprz committed Nov 3, 2015
1 parent 3b7d5d9 commit e3447d40ba6b086b1437abbe59f868c1d5751d4f
@@ -14,5 +14,11 @@ def permitted_categories
@permitted_categories = upload_permitted_categories
end
=end
+
+ def user_admin?
+ if current_user.nil? or !current_user.is_admin
+ redirect_to "/"
+ end
+ end
end
@@ -1,6 +1,6 @@
class CategoriesController < ApplicationController
- before_filter :admin?, except: [:index, :show, :create_subcategory]
+ before_filter :user_admin?, except: [:index, :show, :create_subcategory]
# GET /categories
def index
@@ -15,7 +15,7 @@ def index
# GET /categories/:id
def show
# Get category and its subcategories
- @category = Category.find params[:id]
+ @category = Category.find params[:category_id]
@subcategories = @category.children.sort_by {|c| c.name}
@groups = Group.order(:name).all.map {|group| [group.name, group.id]}
@@ -61,7 +61,7 @@ def create
def create_subcategory
# Get parent category the new subcategory will be under
- @parent_category = Category.find_by_id(params[:id])
+ @parent_category = Category.find_by_id(params[:category_id])
# Check hidden field value for invalid parent category
if @parent_category.nil?
@@ -86,21 +86,21 @@ def create_subcategory
end
def edit
- @category = Category.find_by_id(params[:id])
+ @category = Category.find_by_id(params[:category_id])
# Get categories and groups for selection dropdowns
@categories = Category.all.map {|cat| [cat.name, cat.id]}
@categories.delete([@category.name, @category.id])
@groups = Group.all.map {|group| [group.name, group.id]}
end
def update
- @category = Category.find_by_id(params[:id])
+ @category = Category.find_by_id(params[:category_id])
@category.update_attributes(category_params)
redirect_to edit_category_path(@category)
end
def destroy
- @category = Category.find_by_id(params[:id]).destroy
+ @category = Category.find_by_id(params[:category_id]).destroy
redirect_to manage_categories_path
end
@@ -109,7 +109,7 @@ def manage
end
def subcategories
- @subcategories = Category.find(params[:id]).children.sort_by{|c| c.name}
+ @subcategories = Category.find(params[:category_id]).children.sort_by{|c| c.name}
@subcategories = @subcategories.map{|c| c.subcategories_json}
render json: @subcategories
end
@@ -1,6 +1,6 @@
class GroupsController < ApplicationController
- before_filter :admin?, except: [:show]
+ before_filter :user_admin?, except: [:show]
def index
@groups = Group.all.page(params[:page])
@@ -2,6 +2,7 @@ class SessionsController < ApplicationController
def new
cas_hash = request.env["omniauth.auth"]
+ cas_hash[:uid].downcase!
if User.find_by_username(cas_hash[:uid]).nil?
user = User.new(username: cas_hash[:uid], email: cas_hash[:uid] + "@rpi.edu", is_admin: 0, full_name: cas_hash[:uid])
@@ -1,6 +1,6 @@
class UsersController < ApplicationController
- before_filter :admin?, except: [:show, :edit, :manage_groups]
+ before_filter :user_admin?, except: [:show, :edit, :manage_groups]
def index
@users = User.order("username ASC").all.page(params[:page])
@@ -32,7 +32,7 @@
<p>
<%= render partial: "categories/subcategory_form", locals: {
category: Category.new,
- category_url: create_subcategory_category_path(params[:id]),
+ category_url: create_subcategory_category_path(params[:category_id]),
title: "New Subcategory" }
%>
</p>
@@ -50,7 +50,7 @@
<p>
<%= render partial: "categories/subcategory_form", locals: {
category: @category,
- category_url: category_path(params[:id]),
+ category_url: category_path(params[:category_id]),
title: "Edit Subcategory" }
%>
</p>
@@ -21,7 +21,7 @@
<div class="category-tree-scroll">
<!-- Upload -->
<div class="upload-container">
- <%= link_to new_document_path(category_id: params[:id]) do %>
+ <%= link_to new_document_path(category_id: params[:category_id]) do %>
<paper-button class="upload" role="button">
<i class="fa fa-file"> Upload </i>
</paper-button>
View
@@ -36,7 +36,7 @@
end
end
- resources :categories do
+ resources :categories, param: :category_id do
member do
get :subcategories
post :create_subcategory

0 comments on commit e3447d4

Please sign in to comment.