Download as
Browse Code »

Commit e65814561b427161cf3476e101efc3423aae4d30

Authored by Aurélio A. Heckert
Committed by Rodrigo Souto
1 parent 2249be1c
Exists in master and in 29 other branches add_member_task_reject_details, admin_visible_profile, article-list-template, community_notifications, contact_admin_translation, event_fixes, fix_comments_pagination, fix_rails4_organization_ratings, fix_sign_up_form, follow_step_fix, forum_topic_creation, mirror_block_improvements, multi_env_on_remote_user, new_security, noosfero_spb_ci, organization_ratings_improvements, organization_ratings_link_to_profile_stable-spb-1.3, organization_ratings_translations_fix, profile_api_improvements, ratings_minor_fixes, remote_user_fix, send_email_to_admins, stable-spb-1.3, stable-spb-1.3-fixes, stable-spb-1.4, stable-spb-1.5, suggest_rejected_value, web_steps_improvements, xss_terminate_custom_options

Do not redirect gest from restricted pages 

ActionItem2540
Showing 3 changed files with 26 additions and 19 deletions   Show diff stats
app/controllers/public/content_viewer_controller.rb
  Diff comments   View file @e658145
... ... @@ -25,24 +25,26 @@ class ContentViewerController < ApplicationController
25 25 return
26 26 end
27 27 end
28   -
29   - # page not found, give error
30   - if @page.nil?
31   - render_not_found(@path)
32   - return
33   - end
34 28 end
35 29  
36   - if !@page.display_to?(user)
37   - if profile.display_info_to?(user) || !profile.visible?
38   - message = _('You are not allowed to view this content. You can contact the owner of this profile to request access then.')
  30 + if !@page.nil? && !@page.display_to?(user)
  31 + if !profile.public?
  32 + private_profile_partial_parameters
  33 + render :template => 'profile/_private_profile.rhtml', :status => 403
  34 + else #if !profile.visible?
  35 + message = _('You are not allowed to view this content.')
  36 + message += ' ' + _('You can contact the owner of this profile to request access then.')
39 37 render_access_denied(message)
40   - elsif !profile.public?
41   - redirect_to :controller => 'profile', :action => 'index', :profile => profile.identifier
42 38 end
43 39 return
44 40 end
45 41  
  42 + # page not found, give error
  43 + if @page.nil?
  44 + render_not_found(@path)
  45 + return
  46 + end
  47 +
46 48 if request.xhr? && params[:toolbar]
47 49 render :partial => 'article_toolbar'
48 50 return
... ...
app/controllers/public/profile_controller.rb
  Diff comments   View file @e658145
... ... @@ -368,14 +368,7 @@ class ProfileController < PublicController
368 368 end
369 369  
370 370 def private_profile
371   - if profile.person?
372   - @action = :add_friend
373   - @message = _("The content here is available to %s's friends only.") % profile.short_name
374   - else
375   - @action = :join
376   - @message = _('The contents in this community is available to members only.')
377   - end
378   - @no_design_blocks = true
  371 + private_profile_partial_parameters
379 372 end
380 373  
381 374 def invisible_profile
... ...
app/helpers/application_helper.rb
  Diff comments   View file @e658145
... ... @@ -1411,4 +1411,16 @@ module ApplicationHelper
1411 1411 options[:class] = "comment-footer comment-footer-link comment-footer-hide"
1412 1412 expirable_content_reference content, action, text, url, options
1413 1413 end
  1414 +
  1415 + def private_profile_partial_parameters
  1416 + if profile.person?
  1417 + @action = :add_friend
  1418 + @message = _("The content here is available to %s's friends only.") % profile.short_name
  1419 + else
  1420 + @action = :join
  1421 + @message = _('The contents in this community is available to members only.')
  1422 + end
  1423 + @no_design_blocks = true
  1424 + end
  1425 +
1414 1426 end
... ...