Download as
Browse Code »

Commit e6be3b0cac4eae5221f6ab3458566b2dff31834e

Authored by Arthur Esposte
1 parent 05dce99b
Exists in master and in 5 other branches fix_search_by_software_highlight_block, r4, refactor_software_info_365, stable, update_translations

Disable non admin user to edit institution sisp field 

(institution_fields)

Signed-off-by: Arthur Del Esposte <arthurmde@gmail.com>
Signed-off-by: Fabio Teixeira <fabio1079@gmail.com>
Showing 2 changed files with 36 additions and 16 deletions   Show diff stats
lib/mpog_software_plugin.rb
  Diff comments   View file @e6be3b0
... ... @@ -16,11 +16,6 @@ class MpogSoftwarePlugin &lt; Noosfero::Plugin
16 16 _("Add Public Software and MPOG features.")
17 17 end
18 18  
19   - def show_sisp_field current_user
20   - @show_sisp_field = current_user.login == "adminuser"
21   - @show_sisp_field
22   - end
23   -
24 19 def signup_extra_contents
25 20 institutions = Institution.all
26 21  
... ... @@ -65,13 +60,13 @@ class MpogSoftwarePlugin &lt; Noosfero::Plugin
65 60 end
66 61 end
67 62  
68   - def profile_editor_extras show_sisp_field=true
69   - @show_sisp_field = show_sisp_field
  63 + def profile_editor_extras
70 64 if context.profile.person?
71 65 expanded_template('person_editor_extras.html.erb')
72 66 elsif context.profile.respond_to? :software_info and !context.profile.software_info.nil?
73 67 expanded_template('software_editor_extras.html.erb')
74 68 elsif context.profile.respond_to? :institution and !context.profile.institution.nil?
  69 + @show_sisp_field = show_sisp_field
75 70 expanded_template('institution_editor_extras.html.erb')
76 71 end
77 72 end
... ... @@ -115,6 +110,26 @@ class MpogSoftwarePlugin &lt; Noosfero::Plugin
115 110 end
116 111 end
117 112  
  113 + def profile_editor_controller_filters
  114 + block = proc do
  115 + if request.post? && params[:institution]
  116 + is_admin = environment.admins.include?(current_user.person)
  117 +
  118 + unless is_admin
  119 + institution = profile.institution
  120 + params[:institution][:sisp] = institution.sisp if params[:institution][:sisp] != institution.sisp
  121 + end
  122 + end
  123 + end
  124 +
  125 + [{
  126 + :type => "before_filter",
  127 + :method_name => "validate_institution_sisp_field_access",
  128 + :options => { :only=>:edit },
  129 + :block => block
  130 + }]
  131 + end
  132 +
118 133 def profile_tabs
119 134 if context.profile.person?
120 135 { :title => _("Mpog"),
... ... @@ -387,4 +402,9 @@ class MpogSoftwarePlugin &lt; Noosfero::Plugin
387 402 user.institutions << community.institution
388 403 end
389 404 end
  405 +
  406 + def show_sisp_field
  407 + current_person = User.find(context.session[:user]).person
  408 + context.environment.admins.include?(current_person)
  409 + end
390 410 end
... ...
views/institution_editor_extras.html.erb
  Diff comments   View file @e6be3b0
... ... @@ -36,13 +36,13 @@
36 36 </div>
37 37 </span>
38 38  
39   -<% if @show_sisp_field %>
40   - <span class= 'public-institutions-fields'>
41   - <div class="formfieldline">
42   - <%= _("SISP?") %>
43   - <%= labelled_radio_button(_('Yes'), 'institution[sisp]', 'true', context.profile.institution.sisp)%>
44   - <%= labelled_radio_button(_('No'), 'institution[sisp]', 'false', !context.profile.institution.sisp)%>
45   - </div>
46   -</span>
47   -<% end %>
  39 + <% if @show_sisp_field %>
  40 + <span class= 'public-institutions-fields'>
  41 + <div class="formfieldline">
  42 + <%= _("SISP?") %>
  43 + <%= labelled_radio_button(_('Yes'), 'institution[sisp]', 'true', context.profile.institution.sisp)%>
  44 + <%= labelled_radio_button(_('No'), 'institution[sisp]', 'false', !context.profile.institution.sisp)%>
  45 + </div>
  46 + </span>
  47 + <% end %>
48 48 <% end %>
... ...