ref: master
plugins/work_assignment/controllers/work_assignment_plugin_myprofile_controller.rb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 |
class WorkAssignmentPluginMyprofileController < MyProfileController helper ArticleHelper helper CmsHelper before_filter :protect_if, only: [:edit_visibility] def edit_visibility unless params[:article_id].blank? folder = environment.articles.find_by_id params[:article_id] @back_to = url_for(folder.parent.url) unless params[:article].blank? folder.published = params[:article][:published] unless params[:q].nil? folder.article_privacy_exceptions = params[:q].split(/,/).map{|n| environment.people.find n.to_i} end folder.save! redirect_to @back_to end end end def search_article_privacy_exceptions arg = params[:q].downcase result = profile.members.where('LOWER(name) LIKE ?', "%#{arg}%") render :text => prepare_to_token_input(result).to_json end def toggle_read work = profile.articles.find params[:id] if work.work_assignment_read_by_ids.include? user.id work.work_assignment_read_by_ids.delete user.id else work.work_assignment_read_by_ids += [user.id] end work.save! render nothing: true end def destroy work = profile.articles.find params[:id] work.destroy render nothing: true end protected def protect_if article = environment.articles.find_by id: params[:article_id] render_access_denied unless (user && !article.nil? && (user.is_member_of? article.profile) && article.parent.allow_visibility_edition && article.folder? && (article.author == user || user.has_permission?('view_private_content', profile))) end end |