summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
authorsimon <simon@zagal.(none)>2009-02-12 00:02:39 +0100
committerhukl <hukl@eight.local>2009-02-15 20:22:17 +0100
commitf10e79a554bd0666de6390c4bc34b52c8ecd936d (patch)
tree29c19fe5cbfa8ad8d4ee08639ad9689c8268c60c /app
parentb700b1315afa9b77104cf30ca1aff0c4a33b029d (diff)
* removed the auditing observer, we'll do it the old fashioned way
* added permission model * locked down attributes on page model
Diffstat (limited to 'app')
-rw-r--r--app/controllers/nodes_controller.rb1
-rw-r--r--app/controllers/pages_controller.rb1
-rw-r--r--app/models/auditing_observer.rb8
-rw-r--r--app/models/node.rb4
-rw-r--r--app/models/page.rb5
-rw-r--r--app/models/permission.rb10
6 files changed, 16 insertions, 13 deletions
diff --git a/app/controllers/nodes_controller.rb b/app/controllers/nodes_controller.rb
index 4c48bb5..cc1ad5c 100644
--- a/app/controllers/nodes_controller.rb
+++ b/app/controllers/nodes_controller.rb
@@ -1,5 +1,4 @@
1class NodesController < ApplicationController 1class NodesController < ApplicationController
2 include Auditing
3 2
4 layout 'admin' 3 layout 'admin'
5 4
diff --git a/app/controllers/pages_controller.rb b/app/controllers/pages_controller.rb
index 363d1e1..efd3913 100644
--- a/app/controllers/pages_controller.rb
+++ b/app/controllers/pages_controller.rb
@@ -1,5 +1,4 @@
1class PagesController < ApplicationController 1class PagesController < ApplicationController
2 include Auditing
3 2
4 # GET /pages 3 # GET /pages
5 # GET /pages.xml 4 # GET /pages.xml
diff --git a/app/models/auditing_observer.rb b/app/models/auditing_observer.rb
deleted file mode 100644
index acce18c..0000000
--- a/app/models/auditing_observer.rb
+++ /dev/null
@@ -1,8 +0,0 @@
1class AuditingObserver < Auditing::Observer
2 observe :node, :page
3
4 # TODO: Insert super secure auditing here
5 def before_save(record)
6 RAILS_DEFAULT_LOGGER.debug ">>>>>>>>>>>>> #{controller.inspect}"
7 end
8end
diff --git a/app/models/node.rb b/app/models/node.rb
index 05da907..819acac 100644
--- a/app/models/node.rb
+++ b/app/models/node.rb
@@ -1,11 +1,11 @@
1class Node < ActiveRecord::Base 1class Node < ActiveRecord::Base
2 acts_as_nested_set 2 acts_as_nested_set
3 3
4 # Associations
4 has_many :pages, :order => "revision ASC" 5 has_many :pages, :order => "revision ASC"
5 belongs_to :head, :class_name => "Page", :foreign_key => :head_id 6 belongs_to :head, :class_name => "Page", :foreign_key => :head_id
6 7
7 # Callbacks 8 # Callbacks
8
9 after_create :initialize_empty_page 9 after_create :initialize_empty_page
10 10
11 # Class methods 11 # Class methods
diff --git a/app/models/page.rb b/app/models/page.rb
index 5647ef9..aba974a 100644
--- a/app/models/page.rb
+++ b/app/models/page.rb
@@ -9,7 +9,10 @@ class Page < ActiveRecord::Base
9 # Associations 9 # Associations
10 belongs_to :node 10 belongs_to :node
11 belongs_to :user 11 belongs_to :user
12 12
13 # Security
14 attr_accessible :title, :abstract, :body
15
13 # Class Methods 16 # Class Methods
14 17
15 # This method is most likely called from the ContentHelper.render_collection 18 # This method is most likely called from the ContentHelper.render_collection
diff --git a/app/models/permission.rb b/app/models/permission.rb
new file mode 100644
index 0000000..1070b7a
--- /dev/null
+++ b/app/models/permission.rb
@@ -0,0 +1,10 @@
1class Permission < ActiveRecord::Base
2 validates_presence_of :user_id, :node_id, :granted
3
4 # Associations
5 belongs_to :user
6 belongs_to :node
7
8 # Security
9 attr_protected :user_id, :node_id, :granted # Allow no mass assignments
10end