Commit e65814561b427161cf3476e101efc3423aae4d30
Committed by
Rodrigo Souto
Rodrigo Souto
1 parent
2249be1c
Exists in
master
and in
29 other branches
Do not redirect gest from restricted pages
ActionItem2540
Showing
3 changed files
with
26 additions
and
19 deletions
Show diff stats
app/controllers/public/content_viewer_controller.rb
| @@ -25,24 +25,26 @@ class ContentViewerController < ApplicationController | @@ -25,24 +25,26 @@ class ContentViewerController < ApplicationController | ||
| 25 | return | 25 | return |
| 26 | end | 26 | end |
| 27 | end | 27 | end |
| 28 | - | ||
| 29 | - # page not found, give error | ||
| 30 | - if @page.nil? | ||
| 31 | - render_not_found(@path) | ||
| 32 | - return | ||
| 33 | - end | ||
| 34 | end | 28 | end |
| 35 | 29 | ||
| 36 | - if !@page.display_to?(user) | ||
| 37 | - if profile.display_info_to?(user) || !profile.visible? | ||
| 38 | - message = _('You are not allowed to view this content. You can contact the owner of this profile to request access then.') | 30 | + if !@page.nil? && !@page.display_to?(user) |
| 31 | + if !profile.public? | ||
| 32 | + private_profile_partial_parameters | ||
| 33 | + render :template => 'profile/_private_profile.rhtml', :status => 403 | ||
| 34 | + else #if !profile.visible? | ||
| 35 | + message = _('You are not allowed to view this content.') | ||
| 36 | + message += ' ' + _('You can contact the owner of this profile to request access then.') | ||
| 39 | render_access_denied(message) | 37 | render_access_denied(message) |
| 40 | - elsif !profile.public? | ||
| 41 | - redirect_to :controller => 'profile', :action => 'index', :profile => profile.identifier | ||
| 42 | end | 38 | end |
| 43 | return | 39 | return |
| 44 | end | 40 | end |
| 45 | 41 | ||
| 42 | + # page not found, give error | ||
| 43 | + if @page.nil? | ||
| 44 | + render_not_found(@path) | ||
| 45 | + return | ||
| 46 | + end | ||
| 47 | + | ||
| 46 | if request.xhr? && params[:toolbar] | 48 | if request.xhr? && params[:toolbar] |
| 47 | render :partial => 'article_toolbar' | 49 | render :partial => 'article_toolbar' |
| 48 | return | 50 | return |
app/controllers/public/profile_controller.rb
| @@ -368,14 +368,7 @@ class ProfileController < PublicController | @@ -368,14 +368,7 @@ class ProfileController < PublicController | ||
| 368 | end | 368 | end |
| 369 | 369 | ||
| 370 | def private_profile | 370 | def private_profile |
| 371 | - if profile.person? | ||
| 372 | - @action = :add_friend | ||
| 373 | - @message = _("The content here is available to %s's friends only.") % profile.short_name | ||
| 374 | - else | ||
| 375 | - @action = :join | ||
| 376 | - @message = _('The contents in this community is available to members only.') | ||
| 377 | - end | ||
| 378 | - @no_design_blocks = true | 371 | + private_profile_partial_parameters |
| 379 | end | 372 | end |
| 380 | 373 | ||
| 381 | def invisible_profile | 374 | def invisible_profile |
app/helpers/application_helper.rb
| @@ -1411,4 +1411,16 @@ module ApplicationHelper | @@ -1411,4 +1411,16 @@ module ApplicationHelper | ||
| 1411 | options[:class] = "comment-footer comment-footer-link comment-footer-hide" | 1411 | options[:class] = "comment-footer comment-footer-link comment-footer-hide" |
| 1412 | expirable_content_reference content, action, text, url, options | 1412 | expirable_content_reference content, action, text, url, options |
| 1413 | end | 1413 | end |
| 1414 | + | ||
| 1415 | + def private_profile_partial_parameters | ||
| 1416 | + if profile.person? | ||
| 1417 | + @action = :add_friend | ||
| 1418 | + @message = _("The content here is available to %s's friends only.") % profile.short_name | ||
| 1419 | + else | ||
| 1420 | + @action = :join | ||
| 1421 | + @message = _('The contents in this community is available to members only.') | ||
| 1422 | + end | ||
| 1423 | + @no_design_blocks = true | ||
| 1424 | + end | ||
| 1425 | + | ||
| 1414 | end | 1426 | end |