require 'rails_connector/cms_accessible' require 'fiona7/editing_env_check' require 'fiona7/access_permission_check' require 'fiona7/in_editable_view' module RailsConnector module CmsAccessible protected # changed to check live and read permissions def ensure_object_is_permitted begin cms_user = rsession && rsession.user? && rsession.user # CM down, user not found, etc ~> no user rescue => e cms_user = false end unless Fiona7::AccessPermissionCheck.new(@obj, request.env, current_user, cms_user).read_permitted? @obj = nil render_obj_error(403, "forbidden") return false end return true end # allow unreleased objects in editing mode def ensure_object_is_active return true if Fiona7::EditingEnvCheck.new(request.env).rtc_selected? unless @obj.active? @valid_from = @obj.valid_from @valid_until = @obj.valid_until @obj = nil render_obj_error(410, "gone") return false end return true end include Fiona7::InEditableView def self.included(base) base.__send__(:helper_method, :is_permitted) base.__send__(:helper_method, :scrivito_in_editable_view?) base.__send__(:helper_method, :fiona7_in_editable_view?) end end end