From 4fd2a0c0aefd432ecb2d177d4c9c1714ef04bc2e Mon Sep 17 00:00:00 2001
From: Evandro Junior <evandrojr@gmail.com>
Date: Thu, 15 May 2014 11:57:52 -0300
Subject: [PATCH] Fixed permissions

---
 controllers/email_article_plugin_myprofile_controller.rb |  9 ++++++---
 lib/email_article_plugin.rb                              | 11 ++++-------
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/controllers/email_article_plugin_myprofile_controller.rb b/controllers/email_article_plugin_myprofile_controller.rb
index c606668..b246b33 100644
--- a/controllers/email_article_plugin_myprofile_controller.rb
+++ b/controllers/email_article_plugin_myprofile_controller.rb
@@ -1,14 +1,17 @@
 class EmailArticlePluginMyprofileController < MyProfileController
 
   needs_profile
+  
 #  before_filter :check_access_to_profile, :except => [:join, :join_not_logged, :index, :add]
 #  before_filter :store_location, :only => [:join, :join_not_logged, :report_abuse, :send_mail]
 #  before_filter :login_required, :only => [:add, :join, :join_not_logged, :leave, :unblock, :leave_scrap, :remove_scrap, :remove_activity, :view_more_activities, :view_more_network_activities, :report_abuse, :register_report, :leave_comment_on_activity, :send_mail]
 
   def send_email
-    article = Article.find(params[:id])
-    EmailArticlePluginMyprofileController::Sender.deliver_mail(article)
-    render :text=>'ok'
+    if user.is_admin?(profile)
+      article = Article.find(params[:id])
+      EmailArticlePluginMyprofileController::Sender.deliver_mail(article)
+      render :text=>'ok'
+    end
   end
 
   class Sender < ActionMailer::Base
diff --git a/lib/email_article_plugin.rb b/lib/email_article_plugin.rb
index 9fae3a0..fb7a29b 100644
--- a/lib/email_article_plugin.rb
+++ b/lib/email_article_plugin.rb
@@ -12,7 +12,8 @@ class EmailArticlePlugin < Noosfero::Plugin
     label = _("Send article to members")
     htmlclass = _("button with-text icon-menu-mail")
     title = _("Email article to all community members")
-      lambda {
+    lambda {
+      if user.is_admin?(profile) and @page.kind_of?(TextArticle)      
         link_to_remote(
             label,
             {
@@ -25,11 +26,7 @@ class EmailArticlePlugin < Noosfero::Plugin
             :class => htmlclass,
             :title => title
          )
-      }
+      end   
+    }
   end
-
-  def stylesheet?
-    true
-  end
-
 end
--
libgit2 0.21.2