Commit 4d6a766f51ba0564eab793e554d89c7061090760
1 parent
cafedbe4
Exists in
master
and in
22 other branches
ActionItem177: applied access control on the admin controllers and added a new m…
…igration to add new permissions to the system roles git-svn-id: https://svn.colivre.coop.br/svn/noosfero/trunk@1519 3f533792-8f58-4932-b0fe-aaf55b0a4547
Showing
4 changed files
with
26 additions
and
1 deletions
Show diff stats
app/controllers/admin/edit_template_controller.rb
| 1 | class EditTemplateController < AdminController | 1 | class EditTemplateController < AdminController |
| 2 | 2 | ||
| 3 | + protect 'edit_environment_design', :environment | ||
| 4 | + | ||
| 3 | #FIXME | 5 | #FIXME |
| 4 | #design_editor :holder => 'environment', :autosave => true, :block_types => :block_types | 6 | #design_editor :holder => 'environment', :autosave => true, :block_types => :block_types |
| 5 | 7 |
app/controllers/admin/environment_design_controller.rb
| 1 | class EnvironmentDesignController < BoxOrganizerController | 1 | class EnvironmentDesignController < BoxOrganizerController |
| 2 | 2 | ||
| 3 | + protect 'edit_environment_design' | ||
| 4 | + | ||
| 3 | def available_blocks | 5 | def available_blocks |
| 4 | @available_blocks ||= [ LoginBlock, EnvironmentStatisticsBlock, RecentDocumentsBlock, ProfileListBlock ] | 6 | @available_blocks ||= [ LoginBlock, EnvironmentStatisticsBlock, RecentDocumentsBlock, ProfileListBlock ] |
| 5 | end | 7 | end |
app/controllers/admin/region_validators_controller.rb
| @@ -2,7 +2,7 @@ class RegionValidatorsController < ApplicationController | @@ -2,7 +2,7 @@ class RegionValidatorsController < ApplicationController | ||
| 2 | 2 | ||
| 3 | before_filter :load_region_and_search, :except => 'index' | 3 | before_filter :load_region_and_search, :except => 'index' |
| 4 | 4 | ||
| 5 | -# protect 'manage_environment_validators', :environment | 5 | + protect 'manage_environment_validators', :environment |
| 6 | 6 | ||
| 7 | def index | 7 | def index |
| 8 | @regions = Region.top_level_for(environment) | 8 | @regions = Region.top_level_for(environment) |
| @@ -0,0 +1,21 @@ | @@ -0,0 +1,21 @@ | ||
| 1 | +class NewPermissions < ActiveRecord::Migration | ||
| 2 | + def self.up | ||
| 3 | + admin = Role.find_by_key('profile_admin') | ||
| 4 | + admin.permissions += ['manage_friends', 'validate_enterprise', 'peform_task'] | ||
| 5 | + admin.save | ||
| 6 | + | ||
| 7 | + moderator = Role.find_by_key('profile_moderator') | ||
| 8 | + moderator.permissions += ['manage_friends', 'peform_task'] | ||
| 9 | + moderator.save | ||
| 10 | + end | ||
| 11 | + | ||
| 12 | + def self.down | ||
| 13 | + admin = Role.find_by_key('profile_admin') | ||
| 14 | + admin.permissions -= ['manage_friends', 'validate_enterprise', 'peform_task'] | ||
| 15 | + admin.save | ||
| 16 | + | ||
| 17 | + moderator = Role.find_by_key('profile_moderator') | ||
| 18 | + moderator.permissions -= ['manage_friends', 'peform_task'] | ||
| 19 | + moderator.save | ||
| 20 | + end | ||
| 21 | +end |