diff --git a/app/controllers/announcements_controller.rb b/app/controllers/announcements_controller.rb --- a/app/controllers/announcements_controller.rb +++ b/app/controllers/announcements_controller.rb @@ -1,7 +1,6 @@ class AnnouncementsController < ApplicationController - before_filter :authenticate - before_filter { |controller| controller.authorization_by_roles(['admin'])} + before_filter :admin_authorization in_place_edit_for :announcement, :published diff --git a/app/controllers/application.rb b/app/controllers/application.rb --- a/app/controllers/application.rb +++ b/app/controllers/application.rb @@ -7,6 +7,12 @@ SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode' + def admin_authorization + return false unless authenticate + user = User.find(session[:user_id], :include => ['roles']) + redirect_to :controller => 'main', :action => 'login' unless user.admin? + end + def authorization_by_roles(allowed_roles) return false unless authenticate user = User.find(session[:user_id]) @@ -18,13 +24,14 @@ end protected + def authenticate unless session[:user_id] redirect_to :controller => 'main', :action => 'login' return false end - Configuration.reload + #Configuration.reload # check if run in single user mode if (Configuration[SINGLE_USER_MODE_CONF_KEY]) user = User.find(session[:user_id]) diff --git a/app/controllers/login_controller.rb b/app/controllers/login_controller.rb --- a/app/controllers/login_controller.rb +++ b/app/controllers/login_controller.rb @@ -10,6 +10,11 @@ if user = User.authenticate(params[:login], params[:password]) session[:user_id] = user.id redirect_to :controller => 'main', :action => 'list' + if user.admin? + session[:admin] = true + else + session[:admin] = false + end else flash[:notice] = 'Wrong password' redirect_to :controller => 'main', :action => 'login' diff --git a/app/controllers/messages_controller.rb b/app/controllers/messages_controller.rb --- a/app/controllers/messages_controller.rb 
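Review bot: In app/controllers/application.rb, the new `admin_authorization` redirects a non-admin but does not `return false` afterwards, unlike `authenticate` in the same file, which follows its redirect with `return false`. On Rails versions where a before_filter halts only on a `false` return, the protected action would still run after the redirect is issued; which convention applies is not visible here, so following the file's own pattern is the safer choice: put the `redirect_to` inside an `unless user.admin?` block and add `return false` after it. The method is also defined above the `protected` marker shown in the next hunk, so it is a public, argument-less controller method and may be reachable as an action through a default route; since the filters now reference it by symbol, it can move below `protected`. A docstring-style comment stating that it returns `false` when access is denied would make the filter contract explicit.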
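Review bot: In `authenticate` (second hunk of app/controllers/application.rb), commenting out `Configuration.reload` means the single-user-mode check just below it reads whatever configuration each process last loaded. If that switch is used to lock ordinary users out during maintenance or an incident, it now takes effect only after a manual reload or restart of every process, and processes can disagree in the meantime; the view text changed in this commit suggests this is intended. Replace the commented-out call with a comment that says so, for example `# Configuration is cached per process; single-user mode applies only after a reload/restart`, rather than leaving dead code. The body of `authenticate` continues past the end of the hunk.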
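Review bot: In app/controllers/login_controller.rb, `session[:admin]` is written after `redirect_to` and through a five-line if/else; `session[:admin] = user.admin?` placed next to `session[:user_id] = user.id` records the same answer in one line. The flag is a snapshot taken at login, so a role granted or revoked later is not reflected until the user logs in again. That is acceptable only while it is used for display (as in app/helpers/application_helper.rb) and every access decision keeps going through `admin_authorization`, which re-reads the user. A comment beside the assignment, such as `# display hint only; authorization must use admin_authorization`, would keep later code from trusting it. The visible lines also do not call `reset_session` before storing the identity; if that is not done elsewhere, adding it here limits session fixation.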
+++ b/app/controllers/messages_controller.rb @@ -5,9 +5,7 @@ verify :method => :post, :only => ['create'], :redirect_to => { :action => 'list' } - before_filter :only => ['console','show'] do |controller| - controller.authorization_by_roles(['admin']) - end + before_filter :admin_authorization, :only => ['console','show','reply'] def list @user = User.find(session[:user_id]) diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -5,7 +5,7 @@ menu_items = '' user = User.find(session[:user_id]) - if (user!=nil) and (user.admin?) + if (user!=nil) and (session[:admin]) # admin menu menu_items << "Administrative task: " append_to menu_items, '[Announcements]', 'announcements', 'index' diff --git a/app/views/configurations/index.html.haml b/app/views/configurations/index.html.haml --- a/app/views/configurations/index.html.haml +++ b/app/views/configurations/index.html.haml @@ -20,7 +20,11 @@ = in_place_editor_field :configuration, :value, {}, :rows=>1 %br/ -= link_to '[Reload configuration]', :action => 'reload' +Your config is saved, but it does not automatically take effect. %br/ -Your config is saved, but it does not automatically take effect. -You must reload. +If you have one mongrel process running, you can += link_to '[click]', :action => 'reload' +here to reload. +%br/ +If you have more than one process running, you should restart +them manually.
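Review bot: The new filter line in app/controllers/messages_controller.rb also adds `'reply'` to the admin-only actions, which is an access-control change rather than part of the refactor and is not explained in the visible lines. An `:only` list fails open: an admin action added later stays unprotected until someone remembers to list it. Consider a comment above the filter, for example `# admin-only actions; every new admin action must be listed here`, or inverting to `:except` with the user-facing actions if the controller is mostly administrative. Whether `reply` changes state is not visible here, but if it does, it likely belongs in the `verify :method => :post` list above as well.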
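Review bot: In app/helpers/application_helper.rb the admin menu now depends on `session[:admin]`, which sessions created before this change do not contain, so admins who are already logged in would lose the menu until they log in again. The `User.find` on the line above still runs, so the flag saves no lookup in the visible lines; if `user` is not needed further down (the method continues outside the hunk), either drop the lookup or keep `user.admin?`, which cannot go stale. If the session flag stays, a comment such as `# session[:admin] is set at login and only controls what is displayed` would document that the menu is not an access check.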