diff options
| author |   Alex Legler <a3li@gentoo.org> | 2011-10-24 20:54:00 +0200 |
|---|---|---|
| committer | Alex Legler <a3li@gentoo.org> | 2011-10-24 20:54:00 +0200 |
| commit | d0bfdd23c6314c71ac32bfb47bf4f5c53273d54f (patch) | |
| tree | 16d6b3e70349e095861a88fc1d3002fea6ca9361 | |
| parent | Spell-check the title (diff) | |
| download | glsamaker-d0bfdd23c6314c71ac32bfb47bf4f5c53273d54f.tar.gz glsamaker-d0bfdd23c6314c71ac32bfb47bf4f5c53273d54f.tar.bz2 glsamaker-d0bfdd23c6314c71ac32bfb47bf4f5c53273d54f.zip | |
Don't show the CVETool to contributors
| -rw-r--r-- | app/controllers/cve_controller.rb | 10 | ||||
| -rw-r--r-- | app/views/cve/info.html.erb | 2 | ||||
| -rw-r--r-- | app/views/layouts/application.html.erb | 2 |
3 files changed, 13 insertions, 1 deletions
diff --git a/app/controllers/cve_controller.rb b/app/controllers/cve_controller.rb index ba5ea39..0a47dd3 100644 --- a/app/controllers/cve_controller.rb +++ b/app/controllers/cve_controller.rb @@ -2,6 +2,8 @@ class CveController < ApplicationController include ApplicationHelper include CveHelper + before_filter :check_access, :except => [:info, :general_info, :references, :packages, :comments, :changes] + def index @pageID = 'cve' end @@ -290,4 +292,12 @@ class CveController < ApplicationController render :text => e.message, :status => 500 end + protected + def check_access + if current_user.access < 2 + deny_access "User has no access to the CVEtool" + return false + end + end + end diff --git a/app/views/cve/info.html.erb b/app/views/cve/info.html.erb index ac692ef..33a9383 100644 --- a/app/views/cve/info.html.erb +++ b/app/views/cve/info.html.erb @@ -27,7 +27,7 @@ uki({ view: 'VSplitPane', rect: '500 600', anchors: 'left top right bottom', top { view: 'Button', rect: '135 4 70 20', text: 'Packages', anchors: 'bottom left', id: 'packages' }, { view: 'Button', rect: '210 4 80 20', text: 'Comments', anchors: 'bottom left', id: 'comments' }, { view: 'Button', rect: '295 4 60 20', text: 'Changes', anchors: 'bottom left', id: 'changes' }, - { view: 'Button', rect: '430 4 60 20', text: 'Actions', anchors: 'bottom right', id: 'actions' }, + <% if current_user.access >= 2 %>{ view: 'Button', rect: '430 4 60 20', text: 'Actions', anchors: 'bottom right', id: 'actions' },<% end %> ] } ]} }).attachTo(window, '500 600'); diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index de00f3c..8ae5101 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -57,12 +57,14 @@ <li><%= link_to "Drafts", drafts_glsas_path, :class => 'drafts' %></li> <li><%= link_to "Archive", archive_glsas_path, :class => 'archive' %></li> + <% if current_user.access >= 2 %> <li style="margin-right: 2em;"> </li> <li><a href="/cve/list" class="cve">CVETool</a></li> <% if Module.constants.include? "Secunia" %> <li style="margin-right: 2em;"> </li> <li><a href="/" class="secunia">Secunia Advisories</a></li> <% end %> + <% end %> </ul> </div> |