diff --git a/app/controllers/comments_controller.rb b/app/controllers/comments_controller.rb index 47d40b7..ce0dfe9 100644 --- a/app/controllers/comments_controller.rb +++ b/app/controllers/comments_controller.rb @@ -22,8 +22,11 @@ class CommentsController < ApplicationController end end def new + @comment = Comment.new @comment.commentable=params[:commentable_type].constantize.find(params[:commentable_id]) unless params[:commentable_type].nil? or params[:commentable_id].nil? + authorize! :comment, @comment.commentable + respond_to do |format| format.js end @@ -40,6 +43,7 @@ class CommentsController < ApplicationController params_new= params[:comment].select {|i| !["commentable_id", "commentable_type"].include?(i)} c = params[:comment][:commentable_type].constantize.find(params[:comment][:commentable_id]) unless params[:comment][:commentable_type].nil? or params[:comment][:commentable_id].nil? + authorize! :comment, c @comment = Comment.build_for(c, current_user,"", params_new) diff --git a/app/models/ability.rb b/app/models/ability.rb index f462373..ca1e523 100755 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -17,10 +17,12 @@ class Ability #--------------------------------------------------- - can :index, Comment + can [:index,:hide], Comment can :show, Comment + if loggedin can [:create,:new], Comment + can [:comment], Comment end # can :manage, Comment diff --git a/app/views/comments/_comment.html.erb b/app/views/comments/_comment.html.erb index 5d71753..da12d98 100644 --- a/app/views/comments/_comment.html.erb +++ b/app/views/comments/_comment.html.erb @@ -1,24 +1,23 @@
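Review bot: In `new` and again in the second hunk (the `c = ...` lookup), the added `authorize!` runs only after `params[...].constantize.find(...)` has executed, so a class name taken from the request is resolved and queried before any permission check. Map the type through a fixed allow-list of commentable model names and reject anything else, then `find`, then authorize. When either parameter is missing, the subject passed to `authorize!` is nil, and whether that is denied depends on ability rules not visible here; an explicit early rejection would make it fail closed. Both method bodies continue outside the hunks.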
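Review bot: `can [:index,:hide], Comment` sits above the `if loggedin` line, so as far as this hunk shows `:hide` is granted to visitors who are not logged in. If `hide` changes stored state rather than only toggling the display, it belongs inside the logged-in branch as `can :hide, Comment`, preferably with a condition hash limiting which comments it covers. The new `can [:comment], Comment` is also unconditional, so any logged-in user may reply to every comment regardless of what it is attached to; a one-line comment stating that this is intended would help. The class body starts and ends outside the hunk.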
-<% if (!comment.anonym) %> - <%= image_tag comment.thumb_url %> -<% end %> + <% if (!comment.anonym) %> + <%= image_tag comment.thumb_url %> + <% end %>
<%= (!comment.anonym) ? comment.user.try(:email) : "Anonym" %> (<%= I18n.l(comment.created_at) %>) - <%= link_to ffi1_icon("remove9"), comment_path(comment), method: :delete, data: { confirm: 'Are you sure?' }, remote: true %>: + <%= link_to ffi1_icon("remove9"), comment_path(comment), method: :delete, data: { confirm: 'Are you sure?' }, remote: true if can? :destroy, comment %>:

<%= comment.text %> - <% if can?(:comment, comment.commentable) %> -
<%= link_to "comment" , new_comment_path( commentable_type: "Comment", commentable_id: comment.id), remote:true %> + <% if can?(:comment, comment.commentable) && can?(:new, Comment) %> +
<%= link_to "comment" , new_comment_path( commentable_type: "Comment", commentable_id: comment.id), remote:true %> <% end %>

-
"> -
-
- -<%= render partial:"comments/comments", object: comment.children.order(:created_at).reverse_order if comment.children.size >0 %> -
+
"> +
+
+ <%= render partial:"comments/comments", object: comment.children.order(:created_at).reverse_order if comment.children.size >0 %> +
diff --git a/app/views/comments/_comments_block.html.erb b/app/views/comments/_comments_block.html.erb index 861328d..4fa2086 100644 --- a/app/views/comments/_comments_block.html.erb +++ b/app/views/comments/_comments_block.html.erb @@ -1,7 +1,9 @@ +<%= link_to "Comments:.."+ comments_block.comments.count().to_s, comments_path(commentable_type: comments_block.class.to_s.gsub("::","_"), commentable_id: comments_block.id), remote:true, id: Comment.switchshowid_for( comments_block) %> <%# load the comments in the comments block %> +
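Review bot: The reply link in `_comment.html.erb` is guarded by `can?(:comment, comment.commentable)`, but it points at `commentable_type: "Comment", commentable_id: comment.id`, and the controller in this commit authorizes `:comment` on that comment itself, so the view and the server check different subjects. Align them, for example `<% if can?(:comment, comment) && can?(:new, Comment) %>`, or have the controller check the parent as well. The `if can? :destroy, comment` on the delete link only hides the link. Nothing in this commit shows an `authorize! :destroy` in the controller's destroy action, and the visible part of `ability.rb` has no `:destroy` rule, so both are worth confirming.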

<%= link_to "Comment" , new_comment_path( commentable_type: comments_block.class.to_s.gsub("::","_"), commentable_id: comments_block.id), remote:true if can? :comment, comments_block %> <%# This is the button to add a new comment %> -<%= link_to "comments:.."+ comments_block.comments.count().to_s, comments_path(commentable_type: comments_block.class.to_s.gsub("::","_"), commentable_id: comments_block.id), remote:true, id: Comment.switchshowid_for( comments_block) %> <%# load the comments in the comments block %>

">
+

<% unless comments_block.comments.roots.empty? %>