Commit c1e933f5e24da62e4e793e96e770f2d724cbea51
Committed by
Gust
Gust
1 parent
2adffb01
Exists in
master
and in
5 other branches
Disable non admin user to edit institution sisp field
(institution_fields) Signed-off-by: Arthur Del Esposte <arthurmde@gmail.com> Signed-off-by: Fabio Teixeira <fabio1079@gmail.com>
Showing
2 changed files
with
36 additions
and
16 deletions
Show diff stats
lib/mpog_software_plugin.rb
| @@ -16,11 +16,6 @@ class MpogSoftwarePlugin < Noosfero::Plugin | @@ -16,11 +16,6 @@ class MpogSoftwarePlugin < Noosfero::Plugin | ||
| 16 | _("Add Public Software and MPOG features.") | 16 | _("Add Public Software and MPOG features.") |
| 17 | end | 17 | end |
| 18 | 18 | ||
| 19 | - def show_sisp_field current_user | ||
| 20 | - @show_sisp_field = current_user.login == "adminuser" | ||
| 21 | - @show_sisp_field | ||
| 22 | - end | ||
| 23 | - | ||
| 24 | def signup_extra_contents | 19 | def signup_extra_contents |
| 25 | institutions = Institution.all | 20 | institutions = Institution.all |
| 26 | 21 | ||
| @@ -65,13 +60,13 @@ class MpogSoftwarePlugin < Noosfero::Plugin | @@ -65,13 +60,13 @@ class MpogSoftwarePlugin < Noosfero::Plugin | ||
| 65 | end | 60 | end |
| 66 | end | 61 | end |
| 67 | 62 | ||
| 68 | - def profile_editor_extras show_sisp_field=true | ||
| 69 | - @show_sisp_field = show_sisp_field | 63 | + def profile_editor_extras |
| 70 | if context.profile.person? | 64 | if context.profile.person? |
| 71 | expanded_template('person_editor_extras.html.erb') | 65 | expanded_template('person_editor_extras.html.erb') |
| 72 | elsif context.profile.respond_to? :software_info and !context.profile.software_info.nil? | 66 | elsif context.profile.respond_to? :software_info and !context.profile.software_info.nil? |
| 73 | expanded_template('software_editor_extras.html.erb') | 67 | expanded_template('software_editor_extras.html.erb') |
| 74 | elsif context.profile.respond_to? :institution and !context.profile.institution.nil? | 68 | elsif context.profile.respond_to? :institution and !context.profile.institution.nil? |
| 69 | + @show_sisp_field = show_sisp_field | ||
| 75 | expanded_template('institution_editor_extras.html.erb') | 70 | expanded_template('institution_editor_extras.html.erb') |
| 76 | end | 71 | end |
| 77 | end | 72 | end |
| @@ -115,6 +110,26 @@ class MpogSoftwarePlugin < Noosfero::Plugin | @@ -115,6 +110,26 @@ class MpogSoftwarePlugin < Noosfero::Plugin | ||
| 115 | end | 110 | end |
| 116 | end | 111 | end |
| 117 | 112 | ||
| 113 | + def profile_editor_controller_filters | ||
| 114 | + block = proc do | ||
| 115 | + if request.post? && params[:institution] | ||
| 116 | + is_admin = environment.admins.include?(current_user.person) | ||
| 117 | + | ||
| 118 | + unless is_admin | ||
| 119 | + institution = profile.institution | ||
| 120 | + params[:institution][:sisp] = institution.sisp if params[:institution][:sisp] != institution.sisp | ||
| 121 | + end | ||
| 122 | + end | ||
| 123 | + end | ||
| 124 | + | ||
| 125 | + [{ | ||
| 126 | + :type => "before_filter", | ||
| 127 | + :method_name => "validate_institution_sisp_field_access", | ||
| 128 | + :options => { :only=>:edit }, | ||
| 129 | + :block => block | ||
| 130 | + }] | ||
| 131 | + end | ||
| 132 | + | ||
| 118 | def profile_tabs | 133 | def profile_tabs |
| 119 | if context.profile.person? | 134 | if context.profile.person? |
| 120 | { :title => _("Mpog"), | 135 | { :title => _("Mpog"), |
| @@ -418,4 +433,9 @@ class MpogSoftwarePlugin < Noosfero::Plugin | @@ -418,4 +433,9 @@ class MpogSoftwarePlugin < Noosfero::Plugin | ||
| 418 | user.institutions << community.institution | 433 | user.institutions << community.institution |
| 419 | end | 434 | end |
| 420 | end | 435 | end |
| 436 | + | ||
| 437 | + def show_sisp_field | ||
| 438 | + current_person = User.find(context.session[:user]).person | ||
| 439 | + context.environment.admins.include?(current_person) | ||
| 440 | + end | ||
| 421 | end | 441 | end |
views/institution_editor_extras.html.erb
| @@ -36,13 +36,13 @@ | @@ -36,13 +36,13 @@ | ||
| 36 | </div> | 36 | </div> |
| 37 | </span> | 37 | </span> |
| 38 | 38 | ||
| 39 | -<% if @show_sisp_field %> | ||
| 40 | - <span class= 'public-institutions-fields'> | ||
| 41 | - <div class="formfieldline"> | ||
| 42 | - <%= _("SISP?") %> | ||
| 43 | - <%= labelled_radio_button(_('Yes'), 'institution[sisp]', 'true', context.profile.institution.sisp)%> | ||
| 44 | - <%= labelled_radio_button(_('No'), 'institution[sisp]', 'false', !context.profile.institution.sisp)%> | ||
| 45 | - </div> | ||
| 46 | -</span> | ||
| 47 | -<% end %> | 39 | + <% if @show_sisp_field %> |
| 40 | + <span class= 'public-institutions-fields'> | ||
| 41 | + <div class="formfieldline"> | ||
| 42 | + <%= _("SISP?") %> | ||
| 43 | + <%= labelled_radio_button(_('Yes'), 'institution[sisp]', 'true', context.profile.institution.sisp)%> | ||
| 44 | + <%= labelled_radio_button(_('No'), 'institution[sisp]', 'false', !context.profile.institution.sisp)%> | ||
| 45 | + </div> | ||
| 46 | + </span> | ||
| 47 | + <% end %> | ||
| 48 | <% end %> | 48 | <% end %> |