From 4dc08d9dbc9fcc4113346c774621ceb04dc5dd92 Mon Sep 17 00:00:00 2001 From: f Date: Sat, 16 Feb 2019 15:17:18 -0300 Subject: [PATCH] lxs invitadxs no ven el indice de sitios --- app/controllers/posts_controller.rb | 2 +- app/policies/site_policy.rb | 4 ++-- app/views/layouts/_breadcrumb.haml | 3 +++ config/application.rb | 1 + 4 files changed, 7 insertions(+), 3 deletions(-) diff --git a/app/controllers/posts_controller.rb b/app/controllers/posts_controller.rb index 865e8c04..e8611abf 100644 --- a/app/controllers/posts_controller.rb +++ b/app/controllers/posts_controller.rb @@ -3,8 +3,8 @@ class PostsController < ApplicationController before_action :authenticate! def index + authorize Post @site = find_site - authorize @site @lang = find_lang(@site) @category = session[:category] = params.dig(:category) @posts = policy_scope(@site.posts_for(@lang), policy_scope_class: PostPolicy::Scope) diff --git a/app/policies/site_policy.rb b/app/policies/site_policy.rb index d334055d..3050f307 100644 --- a/app/policies/site_policy.rb +++ b/app/policies/site_policy.rb @@ -6,9 +6,9 @@ class SitePolicy < SuttyPolicy @site = site end - # Todxs lxs usuarixs pueden ver el índice + # Solo las usuarias def index? - true + usuaria? end # Todxs lxs usuarixs pueden ver el sitio diff --git a/app/views/layouts/_breadcrumb.haml b/app/views/layouts/_breadcrumb.haml index 4862d69c..4027da57 100644 --- a/app/views/layouts/_breadcrumb.haml +++ b/app/views/layouts/_breadcrumb.haml @@ -2,6 +2,9 @@ %ol.breadcrumb %li.breadcrumb-item= render 'login/logout' - crumbs.compact.each do |crumb| + - if current_user.is_a? Invitadx + - if /\/sites/ =~ crumb + - next - if crumb == crumbs.last %li.breadcrumb-item.active{'aria-current': 'page'}= crumb - else diff --git a/config/application.rb b/config/application.rb index cf327a3a..e3c36b1b 100644 --- a/config/application.rb +++ b/config/application.rb @@ -24,5 +24,6 @@ module Sutty # Settings in config/environments/* take precedence over those specified here. # Application configuration should go into files in config/initializers # -- all .rb files in that directory are automatically loaded. + config.action_dispatch.rescue_responses['Pundit::NotAuthorizedError'] = :forbidden end end