Fix cancan form submit

2025-05-16 17:37:17 +02:00 · 2014-09-26 10:29:34 +03:00 · 2014-09-26 10:29:34 +03:00 · 96eead47b7
commit 96eead47b7
parent 028ca94d49
4 changed files with 27 additions and 10 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -3,6 +3,12 @@ class ApplicationController < ActionController::Base
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception

+  before_filter do
+    resource = controller_name.singularize.to_sym
+    method = "#{resource}_params"
+    params[resource] &&= send(method) if respond_to?(method, true)
+  end
+
  def after_sign_in_path_for(resource)
    if resource.admin?
      (session[:user_return_to].nil?) ? admin_root_path : session[:user_return_to].to_s
--- a/app/controllers/client/domains_controller.rb
+++ b/app/controllers/client/domains_controller.rb
@ -1,7 +1,7 @@
 class Client::DomainsController < ClientController
-    load_and_authorize_resource
-    before_action :set_domain, only: [:show, :edit, :update, :destroy]
-    before_action :verify_deletion, only: [:destroy]
+  load_and_authorize_resource
+  before_action :set_domain, only: [:show, :edit, :update, :destroy]
+  before_action :verify_deletion, only: [:destroy]

  def index
    @q = Domain.search(params[:q]) if current_user.admin?
@ -46,6 +46,16 @@ class Client::DomainsController < ClientController
    end
  end

+  def destroy
+    if @domain.destroy
+      flash[:notice] = I18n.t('shared.domain_deleted')
+      redirect_to client_domains_path
+    else
+      flash[:alert] = I18n.t('shared.failed_to_delete_domain')
+      redirect_to [:client, @domain]
+    end
+  end
+
  private

  def domain_params
@ -74,6 +84,6 @@ class Client::DomainsController < ClientController
  def verify_deletion
    return if @domain.can_be_deleted?
    flash[:alert] = I18n.t('shared.domain_status_prohibits_deleting')
-    redirect_to [:admin, @domain]
+    redirect_to [:client, @domain]
  end
 end
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@ -3,10 +3,10 @@ class Ability

  def initialize(user)

-    # user ||= EppUser.last
+    user ||= User.new
    if user.admin?
      can :manage, Domain
-    else
+    elsif user.persisted?
      can :manage, Domain, registrar_id: user.registrar.id
      can :read, DomainTransfer, transfer_to_id: user.registrar.id
      can :approve_as_client, DomainTransfer, transfer_from_id: user.registrar.id, status: DomainTransfer::PENDING
--- a/app/views/layouts/client.haml
+++ b/app/views/layouts/client.haml
@ -9,7 +9,7 @@
    = stylesheet_link_tag 'application', media: 'all', 'data-turbolinks-track' => true
    = javascript_include_tag 'application', 'data-turbolinks-track' => true
    %link{href: "../../favicon.ico", rel: "icon"}/
-    %title EPP Client
+    %title= t('shared.eedirekt')
  %body
    / Static navbar
    .navbar.navbar-inverse.navbar-static-top{role: "navigation"}
@ -20,7 +20,7 @@
            %span.icon-bar
            %span.icon-bar
            %span.icon-bar
-          = link_to 'EPP Client', client_domains_path, class: 'navbar-brand'
+          = link_to t('shared.eedirekt'), client_domains_path, class: 'navbar-brand'
        .navbar-collapse.collapse
          %ul.nav.navbar-nav
            %li.dropdown.active
@ -44,8 +44,9 @@
                  = link_to t('shared.check'), '#'
                %li
                  = link_to t('shared.register'), '#'
-            %li
-              = link_to 'Admin', '/'
+            - if current_user.admin?
+              %li
+                = link_to 'Admin', admin_root_path
          %ul.nav.navbar-nav.navbar-right
            %li= link_to t('shared.log_out'), '/logout'
        / /.nav-collapse