Aktivere Rechtemanagement für einige Controller

2013-10-26 12:49:03 +02:00
parent 37ee03676e
commit ff7c1d71bb
16 changed files with 23 additions and 6 deletions
--- a/app/controllers/attachments_controller.rb
+++ b/app/controllers/attachments_controller.rb
@@ -1,6 +1,7 @@
 class AttachmentsController < ApplicationController
  # GET /attachments
  # GET /attachments.json
+  load_and_authorize_resource
  def index
    @attachments = Attachment.all

--- a/app/controllers/beispiele_controller.rb
+++ b/app/controllers/beispiele_controller.rb
@@ -1,6 +1,7 @@
 class BeispieleController < ApplicationController
  # GET /beispiele
  # GET /beispiele.json
+  load_and_authorize_resource
  def index
    @beispiele = Beispiel.all

--- a/app/controllers/calentries_controller.rb
+++ b/app/controllers/calentries_controller.rb
@@ -1,6 +1,7 @@
 class CalentriesController < ApplicationController
  # GET /calentries
  # GET /calentries.json
+  load_and_authorize_resource
  def index
    @calentries = Calentry.all

--- a/app/controllers/config_controller.rb
+++ b/app/controllers/config_controller.rb
@@ -1,4 +1,5 @@
 class ConfigController < ApplicationController
+  load_and_authorize_resource
  def index
    
  end
--- a/app/controllers/fetzneditions_controller.rb
+++ b/app/controllers/fetzneditions_controller.rb
@@ -1,6 +1,7 @@
 class FetzneditionsController < ApplicationController
  # GET /fetzneditions
  # GET /fetzneditions.json
+  load_and_authorize_resource
  def index
    @fetzneditions = Fetznedition.all

--- a/app/controllers/fragen_controller.rb
+++ b/app/controllers/fragen_controller.rb
@@ -1,6 +1,7 @@
 class FragenController < ApplicationController
  # GET /fragen
  # GET /fragen.json
+  load_and_authorize_resource
  def index
    @fragen = Frage.all

--- a/app/controllers/gremien_controller.rb
+++ b/app/controllers/gremien_controller.rb
@@ -1,6 +1,7 @@
 class GremienController < ApplicationController
  # GET /gremien
  # GET /gremien.json
+  load_and_authorize_resource
 before_filter {@toolbar_elements=[]}
  def verwalten
    @gremien = Gremium.all
--- a/app/controllers/lecturers_controller.rb
+++ b/app/controllers/lecturers_controller.rb
@@ -1,6 +1,7 @@
 class LecturersController < ApplicationController
  # GET /lecturers
  # GET /lecturers.json
+  load_and_authorize_resource
  def index
    @lecturers = Lecturer.all

--- a/app/controllers/lvas_controller.rb
+++ b/app/controllers/lvas_controller.rb
@@ -1,6 +1,7 @@
 class LvasController < ApplicationController
  # GET /lvas
 before_filter {@toolbar_elements =[]} 
+  load_and_authorize_resource
  def index
    @lvas = Lva.all
    @toolbar_elements=[{:hicon=>'icon-plus-sign',:text =>I18n.t('lva.add'),:path => new_lva_path}]
--- a/app/controllers/memberships_controller.rb
+++ b/app/controllers/memberships_controller.rb
@@ -1,6 +1,7 @@
 class MembershipsController < ApplicationController
  # GET /memberships/new
  # GET /memberships/new.json
+  load_and_authorize_resource
  def new
    @membership = Membership.new
 	@membership.fetprofile=Fetprofile.find(params[:fetprofile_id])
--- a/app/controllers/moduls_controller.rb
+++ b/app/controllers/moduls_controller.rb
@@ -1,6 +1,7 @@
 class ModulsController < ApplicationController
  # GET /moduls
  # GET /moduls.json
+  load_and_authorize_resource
  def index
    @moduls = Modul.all
    if @moduls
--- a/app/controllers/semesters_controller.rb
+++ b/app/controllers/semesters_controller.rb
@@ -1,5 +1,5 @@
 class SemestersController < ApplicationController
-
+  load_and_authorize_resource
  def index
    @semesters = Semester.all
  end
--- a/app/controllers/studien_controller.rb
+++ b/app/controllers/studien_controller.rb
@@ -1,7 +1,7 @@
 class StudienController < ApplicationController
  before_filter {@toolbar_elements =[]} 
  #  before_filter :authorize, :only => :verwalten
-
+  load_and_authorize_resource
  def index
    @studien = Studium.all
    @topbar_elements=[{:hicon=>'icon-list', :text=>I18n.t("studien.allestudien"),:path=>studien_path}]
--- a/app/controllers/themen_controller.rb
+++ b/app/controllers/themen_controller.rb
@@ -1,6 +1,8 @@
 class ThemenController < ApplicationController
  # GET /themen
  # GET /themen.json
+  load_and_authorize_resource
+
  def index
    @themen = Thema.all

--- a/app/controllers/themengruppen_controller.rb
+++ b/app/controllers/themengruppen_controller.rb
@@ -1,6 +1,7 @@
 class ThemengruppenController < ApplicationController
  # GET /themengruppen
  # GET /themengruppen.json
+  load_and_authorize_resource
  def index
    @themengruppen = Themengruppe.all
    @toolbar_elements = [{:icon=>:plus, :hicon=>'icon-plus-sign', :text=>I18n.t('themengruppe.new'), :path=>new_themengruppe_path()}]
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -28,16 +28,19 @@ class Ability
    
    # For Debug allow everything
    # Remove this line in production environment and for testing user management
-    can :manage, :all     
+#    can :manage, :all     
    can :addfetuser, User
    can :addfetadmin, User
    can [:show, :index], Studium
    can [:show, :index], Modulgruppe
    can [:show, :index], Modul
    can [:show, :index], Lva
-
+    can [:show,:index], Gallery
+    can [:show, :index], Themengruppe
+    can [:show, :index], Fetprofile
+    can [:show],Gremium
    # Rechteverwaltung fuer Studien Modul
-    can :read, Modulgruppe
+  
    

    # Rechteverwaltung Kalender 
@@ -45,7 +48,7 @@ class Ability
    can [:showics], Calendar
    can [:show], Calentry
    if( user.has_role?("fetuser") || user.has_role?("fetadmin"))
-
+      can :manage,:all
    can :manage, Modulgruppe

    can [:show,:index], Calendar