commit
3d5b45ab96
|
@ -2,7 +2,7 @@ class ApplicationController < ActionController::Base
|
||||||
# Prevent CSRF attacks by raising an exception.
|
# Prevent CSRF attacks by raising an exception.
|
||||||
# For APIs, you may want to use :null_session instead.
|
# For APIs, you may want to use :null_session instead.
|
||||||
protect_from_forgery with: :exception
|
protect_from_forgery with: :exception
|
||||||
helper_method :current_user, :is_logined?, :current_user_is_admin?, :get_categories_options, :current_user_can_star?,
|
helper_method :current_user, :is_logined?, :current_user_is_admin?, :current_user_is_author?, :get_categories_options, :current_user_can_star?,
|
||||||
:current_user_can_edit_comment?, :markdown_parser
|
:current_user_can_edit_comment?, :markdown_parser
|
||||||
|
|
||||||
rescue_from Exception, with: :error_500 unless Rails.env.development?
|
rescue_from Exception, with: :error_500 unless Rails.env.development?
|
||||||
|
@ -23,6 +23,10 @@ class ApplicationController < ActionController::Base
|
||||||
@current_user && @current_user.admin
|
@current_user && @current_user.admin
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def current_user_is_author?(article)
|
||||||
|
@current_user.id == article.user_id
|
||||||
|
end
|
||||||
|
|
||||||
def current_user_can_star?(article)
|
def current_user_can_star?(article)
|
||||||
return false unless @current_user
|
return false unless @current_user
|
||||||
!article.article_stars.find_by(user_id: @current_user.id).present?
|
!article.article_stars.find_by(user_id: @current_user.id).present?
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
class ArticlesController < ApplicationController
|
class ArticlesController < ApplicationController
|
||||||
before_filter :check_current_user_is_admin, only: [:new, :create, :edit, :update]
|
# before_filter :check_current_user_is_admin, only: [:new, :create, :edit, :update]
|
||||||
before_filter :article, only: [:show, :edit, :update, :destroy, :star]
|
before_filter :article, only: [:show, :edit, :update, :destroy, :star]
|
||||||
|
|
||||||
def index
|
def index
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
- if @article.source.empty?
|
- if @article.source.empty?
|
||||||
[原创]
|
[原创]
|
||||||
= @article.title
|
= @article.title
|
||||||
- if current_user_is_admin?
|
-if current_user_is_author?(@article) || current_user_is_admin?
|
||||||
= link_to edit_article_path(@article) do
|
= link_to edit_article_path(@article) do
|
||||||
%span.icon.icon-edit
|
%span.icon.icon-edit
|
||||||
= link_to article_path(@article), method: 'delete', "data-confirm"=> "确定删除吗?" do
|
= link_to article_path(@article), method: 'delete', "data-confirm"=> "确定删除吗?" do
|
||||||
|
|
|
@ -33,9 +33,8 @@
|
||||||
= gravatar_image_tag @current_user.email, size: 100, alt: @current_user.nickname, gravatar: {default: 'https://secure.gravatar.com/avatar/08f077ea061585744ee080824f5a8e65.png?r=PG&d=identicon&s=64'}
|
= gravatar_image_tag @current_user.email, size: 100, alt: @current_user.nickname, gravatar: {default: 'https://secure.gravatar.com/avatar/08f077ea061585744ee080824f5a8e65.png?r=PG&d=identicon&s=64'}
|
||||||
%li
|
%li
|
||||||
= link_to '设置', set_blogs_path
|
= link_to '设置', set_blogs_path
|
||||||
- if current_user_is_admin?
|
%li
|
||||||
%li
|
= link_to '写博客', new_article_path
|
||||||
= link_to '写博客', new_article_path
|
|
||||||
%li
|
%li
|
||||||
= link_to '退出', logout_path
|
= link_to '退出', logout_path
|
||||||
.navbar-header.navbar-avatar
|
.navbar-header.navbar-avatar
|
||||||
|
|
Loading…
Reference in New Issue