Sha256: ffa27f387fab90f0b2b479728888748b8b9d798c864612557a41b40353892124
Contents?: true
Size: 801 Bytes
Versions: 2
Compression:
Stored size: 801 Bytes
Contents
PageControllerExtensions = Proc.new do
only_allow_access_to :new, :edit, :create, :update, :remove, :destroy,
:if => :user_is_in_page_group,
:denied_url => :back,
:denied_message => "You must have group privileges to perform this action."
def user_is_in_page_group
return true if current_user.admin? || current_user.designer_or_developer?
page = Page.find(params[:id] || params[:page_id] || params[:parent_id] || params[:page][:parent_id])
until page.nil? do
return true if page.group_owners.include? current_user
page = page.parent
end
return false
end
before_filter :disallow_group_edits
def disallow_group_edits
if params[:page] && !current_user.admin?
params[:page].delete(:group_id.to_s)
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| radiant-page_group_permissions-extension-1.0.1 | lib/controller_extensions.rb |
| radiant-page_group_permissions-extension-1.0.0 | lib/controller_extensions.rb |