From 96eead47b788630afe928b3e3f7b74b72be5c8ce Mon Sep 17 00:00:00 2001 From: Martin Lensment Date: Fri, 26 Sep 2014 10:29:34 +0300 Subject: [PATCH] Fix cancan form submit --- app/controllers/application_controller.rb | 6 ++++++ app/controllers/client/domains_controller.rb | 18 ++++++++++++++---- app/models/ability.rb | 4 ++-- app/views/layouts/client.haml | 9 +++++---- 4 files changed, 27 insertions(+), 10 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index c49d86893..2a47b86ea 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -3,6 +3,12 @@ class ApplicationController < ActionController::Base # For APIs, you may want to use :null_session instead. protect_from_forgery with: :exception + before_filter do + resource = controller_name.singularize.to_sym + method = "#{resource}_params" + params[resource] &&= send(method) if respond_to?(method, true) + end + def after_sign_in_path_for(resource) if resource.admin? (session[:user_return_to].nil?) ? admin_root_path : session[:user_return_to].to_s diff --git a/app/controllers/client/domains_controller.rb b/app/controllers/client/domains_controller.rb index 11386fd27..43fc3fa02 100644 --- a/app/controllers/client/domains_controller.rb +++ b/app/controllers/client/domains_controller.rb @@ -1,7 +1,7 @@ class Client::DomainsController < ClientController - load_and_authorize_resource - before_action :set_domain, only: [:show, :edit, :update, :destroy] - before_action :verify_deletion, only: [:destroy] + load_and_authorize_resource + before_action :set_domain, only: [:show, :edit, :update, :destroy] + before_action :verify_deletion, only: [:destroy] def index @q = Domain.search(params[:q]) if current_user.admin? 
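Review bot: The `before_filter` block added to ApplicationController has no comment, although it turns each controller's private `<resource>_params` method into the mass-assignment gate for everything CanCan loads, and it runs for every action of every controller that inherits from this class. A comment such as `# CanCan assigns params[resource] itself; swap in the strong-params result first so only permitted attributes reach the model` above the block would record that. The lookup is keyed on `controller_name.singularize`, so a controller whose resource name differs from its own name is silently skipped; that presumably fails closed with a forbidden-attributes error, but it is worth confirming with a test. `before_action` would also match the filters declared in Client::DomainsController in this same patch.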
@@ -46,6 +46,16 @@ class Client::DomainsController < ClientController end end + def destroy + if @domain.destroy + flash[:notice] = I18n.t('shared.domain_deleted') + redirect_to client_domains_path + else + flash[:alert] = I18n.t('shared.failed_to_delete_domain') + redirect_to [:client, @domain] + end + end + private def domain_params @@ -74,6 +84,6 @@ class Client::DomainsController < ClientController def verify_deletion return if @domain.can_be_deleted? flash[:alert] = I18n.t('shared.domain_status_prohibits_deleting') - redirect_to [:admin, @domain] + redirect_to [:client, @domain] end end diff --git a/app/models/ability.rb b/app/models/ability.rb index 1074c02cf..8b2accfca 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -3,10 +3,10 @@ class Ability def initialize(user) - # user ||= EppUser.last + user ||= User.new if user.admin? can :manage, Domain - else + elsif user.persisted? can :manage, Domain, registrar_id: user.registrar.id can :read, DomainTransfer, transfer_to_id: user.registrar.id can :approve_as_client, DomainTransfer, transfer_from_id: user.registrar.id, status: DomainTransfer::PENDING diff --git a/app/views/layouts/client.haml b/app/views/layouts/client.haml index c6449a370..72baf4318 100644 --- a/app/views/layouts/client.haml +++ b/app/views/layouts/client.haml @@ -9,7 +9,7 @@ = stylesheet_link_tag 'application', media: 'all', 'data-turbolinks-track' => true = javascript_include_tag 'application', 'data-turbolinks-track' => true %link{href: "../../favicon.ico", rel: "icon"}/ - %title EPP Client + %title= t('shared.eedirekt') %body / Static navbar .navbar.navbar-inverse.navbar-static-top{role: "navigation"} @@ -20,7 +20,7 @@ %span.icon-bar %span.icon-bar %span.icon-bar - = link_to 'EPP Client', client_domains_path, class: 'navbar-brand' + = link_to t('shared.eedirekt'), client_domains_path, class: 'navbar-brand' .navbar-collapse.collapse %ul.nav.navbar-nav %li.dropdown.active 
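Review bot: The new `destroy` action in Client::DomainsController carries no authorization or state check of its own; it is safe only because the class-level `load_and_authorize_resource`, `set_domain` and `verify_deletion` filters run before it. A one-line comment such as `# @domain is loaded, authorized and checked by the class-level filters` would keep a later `only:` or skip edit from quietly exposing it. `set_domain` is outside the hunk; if it re-fetches the record by id it replaces the instance CanCan authorized, so it should use the same scoped lookup or be dropped. Deleting a domain is a high-impact action and nothing in the visible code records who did it, so an audit log entry on the success branch may be wanted unless the model already writes one.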
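Review bot: In `Ability#initialize` the `elsif user.persisted?` branch calls `user.registrar.id` on each of its three visible rules, so a saved non-admin user with no registrar raises NoMethodError on every authorization check instead of simply receiving no abilities. Guarding the branch with `elsif user.persisted? && user.registrar` keeps that case fail-closed without a 500. The guest path now depends on `User.new.admin?` being false, which the hunk does not show; a spec asserting `Ability.new(nil).cannot?(:manage, Domain)` would pin it. The method body continues past the end of the hunk.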
@@ -44,8 +44,9 @@ = link_to t('shared.check'), '#' %li = link_to t('shared.register'), '#' - %li - = link_to 'Admin', '/' + - if current_user.admin? + %li + = link_to 'Admin', admin_root_path %ul.nav.navbar-nav.navbar-right %li= link_to t('shared.log_out'), '/logout' / /.nav-collapse
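Review bot: The added `- if current_user.admin?` in the client layout only hides the Admin link; it is not an access control, so the routes behind `admin_root_path` still need their own server-side admin check, which this patch does not show. The condition also raises NoMethodError if the layout is ever rendered without a signed-in user, a case the same commit allows for in `Ability` with `user ||= User.new`. `- if current_user.try(:admin?)` would avoid that without changing what signed-in users see.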