[myexperiment-hackers] [2491] trunk: added ability to manage content type entries

[noreply]

Revision

2491

Author

dgc

Date

2010-08-04 10:54:22 -0400 (Wed, 04 Aug 2010)

Log Message

added ability to manage content type entries

Modified Paths

• trunk/app/controllers/content_types_controller.rb
• trunk/app/views/content_types/show.rhtml
• trunk/lib/authorization.rb

Diff

Modified: trunk/app/controllers/content_types_controller.rb (2490 => 2491)

--- trunk/app/controllers/content_types_controller.rb	2010-08-02 16:03:46 UTC (rev 2490)
+++ trunk/app/controllers/content_types_controller.rb	2010-08-04 14:54:22 UTC (rev 2491)
@@ -5,7 +5,7 @@
 
 class ContentTypesController < ApplicationController
 
-  before_filter :find_content_type, : [ :show ]
+  before_filter :find_content_type, : [ :show, :edit, :update ]
 
   # GET /content_types
   def index
@@ -43,6 +43,30 @@
     end
   end
 
+  # GET /content_types/1
+  def edit
+  end
+
+  # PUT /content_types/1
+  def update
+
+    if !Authorization.check(:action ="" 'edit', :object => @content_type, :user => current_user)
+      error("You do not have the authorisation to edit.", "is unauthorised")
+      return
+    end
+
+    @content_type.title       = params[:content_type][:title]
+    @content_type.description = params[:content_type][:description]
+
+    if @content_type.valid?
+      @content_type.save
+      redirect_to :action ="" 'show'
+    else
+      flash[:error] = "Failed to update Content Type."
+      render :action ="" :edit
+    end
+  end
+
   private
 
   def find_content_type

Modified: trunk/app/views/content_types/show.rhtml (2490 => 2491)

--- trunk/app/views/content_types/show.rhtml	2010-08-02 16:03:46 UTC (rev 2490)
+++ trunk/app/views/content_types/show.rhtml	2010-08-04 14:54:22 UTC (rev 2491)
@@ -2,6 +2,9 @@
 
 <ul class="sectionIcons">
   <li><%= icon('workflow', content_types_path, nil, nil, 'All Types')%></li>
+  <% if Authorization.check(:action ="" 'edit', :object => @content_type, :user => current_user) %>
+		<li><%= icon('manage', edit_content_type_path(@content_type), nil, nil, 'Manage Content Type Entry')%></li>
+	<% end -%>
 </ul>
 
 <h1><%= visible_name(@content_type.category) -%> Type: <%= h @content_type.title %></h1>

Modified: trunk/lib/authorization.rb (2490 => 2491)

--- trunk/lib/authorization.rb	2010-08-02 16:03:46 UTC (rev 2490)
+++ trunk/lib/authorization.rb	2010-08-04 14:54:22 UTC (rev 2491)
@@ -442,6 +442,23 @@
         # "action_name" used to work with original action name, rather than classification made inside the module
         is_authorized = Authorization.job_authorized?(thing_instance, action_name, user)
       
+      when "ContentType"
+
+        case action
+
+          when "view"
+            # anyone can view content types
+            is_authorized = true
+     
+          when "edit"
+            # the owner of the content type can edit
+            is_authorized = !user.nil? && thing_instance.user_id == user_id
+
+          when "destroy"
+            # noone can destroy them yet - they just fade away from view
+            is_authorized = false
+        end
+
       else
         # don't recognise the kind of "thing" that is being authorized, so
         # we don't specifically know that it needs to be blocked;
@@ -507,6 +524,8 @@
         when "Runner"
           # the line below doesn't have a typo - "runners" should really be searched in "TavernaEnactor" model
           found_instance = TavernaEnactor.find(thing_id)
+        when "ContentType"
+          found_instance = ContentType.find(thing_id)
       end
     rescue ActiveRecord::RecordNotFound
       # do nothing; makes sure that app won't crash when the required object is not found;