qm-acts-as-generic-controller 0.1.6 → 0.1.7
Sign up to get free protection for your applications and to get access to all the features.
- data/Rakefile +1 -1
- data/lib/qm-acts-as-generic-controller-controller.rb +7 -2
- metadata +4 -4
data/Rakefile
CHANGED
|
@@ -9,7 +9,7 @@ begin
|
|
|
9
9
|
gemspec.email = "marcin@saepia.net"
|
|
10
10
|
gemspec.homepage = "http://q.saepia.net"
|
|
11
11
|
gemspec.authors = ["Marcin Lewandowski"]
|
|
12
|
-
gemspec.version = "0.1.
|
|
12
|
+
gemspec.version = "0.1.7"
|
|
13
13
|
gemspec.files = Rake::FileList.new [ "MIT-LICENSE", "Rakefile", "lib/*", "app/views/generic_controller/*" ]
|
|
14
14
|
gemspec.add_dependency "qui-common-helpers", ">= 0.0.8"
|
|
15
15
|
gemspec.add_dependency "qui-index-table", ">= 0.0.8"
|
|
@@ -26,7 +26,7 @@ module QM
|
|
|
26
26
|
end
|
|
27
27
|
end
|
|
28
28
|
|
|
29
|
-
before_filter :check_generic_privileges
|
|
29
|
+
before_filter :check_generic_privileges, :only => [ :index, :show, :create, :edit, :update, :destroy ]
|
|
30
30
|
before_filter :check_limit_for_user, :only => [ :show, :edit, :update, :destroy ]
|
|
31
31
|
END
|
|
32
32
|
|
|
@@ -156,7 +156,10 @@ module QM
|
|
|
156
156
|
|
|
157
157
|
if defined?(current_user) and current_user.respond_to? :privileged_attributes
|
|
158
158
|
params[singular_variable(true)].keys.each do |key|
|
|
159
|
-
|
|
159
|
+
unless current_user.privileged_attributes(model, :write).include? key
|
|
160
|
+
logger.info "Security warning: Deleting key '#{key}' from params hash, because user #{current_user.login} has not enough privileges to modify that attribute"
|
|
161
|
+
params[singular_variable(true)].delete key
|
|
162
|
+
end
|
|
160
163
|
end
|
|
161
164
|
end
|
|
162
165
|
instance_variable_get(singular_variable).update_attributes params[singular_variable(true)]
|
|
@@ -227,6 +230,8 @@ module QM
|
|
|
227
230
|
:index_any
|
|
228
231
|
when :show
|
|
229
232
|
:show_any
|
|
233
|
+
when :edit
|
|
234
|
+
:update_any
|
|
230
235
|
when :update
|
|
231
236
|
:update_any
|
|
232
237
|
when :create
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: qm-acts-as-generic-controller
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 21
|
|
5
5
|
prerelease: false
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
8
|
- 1
|
|
9
|
-
-
|
|
10
|
-
version: 0.1.
|
|
9
|
+
- 7
|
|
10
|
+
version: 0.1.7
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- Marcin Lewandowski
|
|
@@ -15,7 +15,7 @@ autorequire:
|
|
|
15
15
|
bindir: bin
|
|
16
16
|
cert_chain: []
|
|
17
17
|
|
|
18
|
-
date: 2010-11-
|
|
18
|
+
date: 2010-11-10 00:00:00 +01:00
|
|
19
19
|
default_executable:
|
|
20
20
|
dependencies:
|
|
21
21
|
- !ruby/object:Gem::Dependency
|