Revision 355bce36
Added by Ohad Levy over 10 years ago
app/helpers/application_helper.rb | ||
---|---|---|
# Return true if user is authorized for controller/action, otherwise false
|
||
# +controller+ : String or symbol for the controller
|
||
# +action+ : String or symbol for the action
|
||
def authorized_for(controller, action)
|
||
User.current.allowed_to?({:controller => controller.to_s.gsub(/::/, "_").underscore, :action => action}) rescue false
|
||
def authorized_for(controller, action, id = nil)
|
||
User.current.allowed_to?({:controller => controller, :action => action, :id => id}) rescue false
|
||
end
|
||
|
||
# Display a link if user is authorized, otherwise a string
|
||
... | ... | |
# :auth_action : String or Symbol representing the action to be used for authorization checks
|
||
# +html_options+ : Hash containing html options for the link or span
|
||
def link_to_if_authorized(name, options = {}, html_options = {})
|
||
auth_action = options.delete :auth_action
|
||
enable_link = authorized_for(options[:controller] || params[:controller], auth_action || options[:action])
|
||
if enable_link
|
||
auth_options = {
|
||
:controller => options[:controller] || params[:controller],
|
||
:action => options.delete(:auth_action) || options[:action],
|
||
:id => options[:id]
|
||
}
|
||
if User.current.allowed_to?(auth_options)
|
||
link_to name, options, html_options
|
||
else
|
||
link_to_function name, nil, html_options.merge!(:class => "#{html_options[:class]} disabled", :disabled => true)
|
Also available in: Unified diff
fixes #3930 - refactoring of edit_self implementation.