lotus_admin 1.4.0 → 1.4.1
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 52d4737f0f995337c89e2dfa7183364fc45e134bdd69ab8333485f9feff7eae4
|
4
|
+
data.tar.gz: 2474b390b2d5c7dbf0f1209dde38b3263a4368c86228b49af0b1efe6d5b2aaae
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a85c4256b0e83f67ed69f340d627e707d3ff5a5fb8fa7f58cf03b209636f1fbd4522c9294e83737130a82e7230a8ab06badec56a96bc91810f5d5fcd08d19162
|
7
|
+
data.tar.gz: 3a0a4f62f9c62775cf14b197fa69facc65c5038ae5bb7598aeaa3902637fa95112f6d7891af405bcc84e7cd3e121f18c11faf1ccb71227a1a1ec29513ed68ee6
|
@@ -25,7 +25,7 @@ module LotusAdmin
|
|
25
25
|
def beginning_of_association_chain
|
26
26
|
chain = super
|
27
27
|
|
28
|
-
if
|
28
|
+
if using_pundit?
|
29
29
|
policy_scope(chain, policy_scope_class: "#{ self.class._policy_class_name }::Scope".constantize)
|
30
30
|
else
|
31
31
|
chain
|
@@ -33,8 +33,11 @@ module LotusAdmin
|
|
33
33
|
end
|
34
34
|
|
35
35
|
def user_not_authorized
|
36
|
-
|
37
|
-
|
36
|
+
redirect_to root_path, alert: "You are not authorized to perform this action."
|
37
|
+
end
|
38
|
+
|
39
|
+
def using_pundit?
|
40
|
+
self.class._policy_class_name.present?
|
38
41
|
end
|
39
42
|
end
|
40
43
|
end
|
@@ -17,11 +17,15 @@ class LotusAdmin::ResourceController < LotusAdmin::AuthenticatedController
|
|
17
17
|
|
18
18
|
def new
|
19
19
|
self.resource = build_resource
|
20
|
+
|
21
|
+
authorize(resource) if using_pundit?
|
20
22
|
end
|
21
23
|
|
22
24
|
def create
|
23
25
|
self.resource = build_resource(permitted_params)
|
24
26
|
|
27
|
+
authorize(resource) if using_pundit?
|
28
|
+
|
25
29
|
if resource.save
|
26
30
|
redirect_to [lotus_admin, resource], notice: "Created new #{ resource_class.model_name.human } successfully"
|
27
31
|
else
|
@@ -30,6 +34,8 @@ class LotusAdmin::ResourceController < LotusAdmin::AuthenticatedController
|
|
30
34
|
end
|
31
35
|
|
32
36
|
def update
|
37
|
+
authorize(resource) if using_pundit?
|
38
|
+
|
33
39
|
if resource.update(permitted_params)
|
34
40
|
redirect_to [lotus_admin, resource], notice: "Updated new #{ resource_class.model_name.human } successfully"
|
35
41
|
else
|
@@ -38,6 +44,8 @@ class LotusAdmin::ResourceController < LotusAdmin::AuthenticatedController
|
|
38
44
|
end
|
39
45
|
|
40
46
|
def index(&block)
|
47
|
+
authorize(resource_class) if using_pundit?
|
48
|
+
|
41
49
|
respond_to do |format|
|
42
50
|
format.html
|
43
51
|
|
@@ -45,7 +53,13 @@ class LotusAdmin::ResourceController < LotusAdmin::AuthenticatedController
|
|
45
53
|
end
|
46
54
|
end
|
47
55
|
|
56
|
+
def show
|
57
|
+
authorize(resource) if using_pundit?
|
58
|
+
end
|
59
|
+
|
48
60
|
def destroy
|
61
|
+
authorize(resource) if using_pundit?
|
62
|
+
|
49
63
|
if resource.destroy
|
50
64
|
flash[:notice] = "#{ resource_class.model_name.human } has been removed"
|
51
65
|
else
|
data/lib/lotus_admin/version.rb
CHANGED