team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

we are going to fix this by automatically generating data for ppl that register HOWEVER, just in case that fails for some reason, I have applied a filter that ensures if some data is not associated with a person they cannot navigate to all aspects of the application. This is a preventive measure

Browse Source
This commit is contained in:
Ken Johnson
2013-05-31 19:02:00 -04:00
parent c63275b3b3
commit 6199beb780
8 changed files with 26 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/controllers/admin_controller.rb
+2
View File
@@ -1,5 +1,7 @@
class AdminController < ApplicationController
skip_before_filter :has_info
def dashboard
end
app/controllers/application_controller.rb
+15 -1
View File
@@ -1,6 +1,6 @@
class ApplicationController < ActionController::Base
before_filter :authenticated
before_filter :authenticated, :has_info
helper_method :current_user, :is_admin?
# Our security guy keep talking about sea-surfing, cool story bro.
@@ -27,4 +27,18 @@ class ApplicationController < ActionController::Base
end
end
def has_info
redirect = false
if current_user
begin
if !(current_user.retirement || current_user.paid_time_off.schedule || current_user.paid_time_off || current_user.work_info || current_user.performance)
redirect = true
end
rescue
redirect = true
end
end
redirect_to home_dashboard_index_path if redirect
end
end
app/controllers/dashboard_controller.rb
+2
View File
@@ -1,5 +1,7 @@
class DashboardController < ApplicationController
skip_before_filter :has_info
def home
@user = current_user
end
app/controllers/sessions_controller.rb
+1
View File
@@ -1,5 +1,6 @@
class SessionsController < ApplicationController
skip_before_filter :has_info
skip_before_filter :authenticated, :only => [:new, :create]
def new
app/controllers/tutorials_controller.rb
+1
View File
@@ -1,5 +1,6 @@
class TutorialsController < ApplicationController
skip_before_filter :has_info
skip_before_filter :authenticated
def index
app/controllers/users_controller.rb
+1
View File
@@ -1,5 +1,6 @@
class UsersController < ApplicationController
skip_before_filter :has_info
skip_before_filter :authenticated, :only => [:new, :create]
def new
app/views/dashboard/home.html.erb
+2
View File
@@ -4,7 +4,9 @@
<div class="row-fluid">
<div class="span12"> <!--begin span12 -->
<% if @user.paid_time_off %>
<%= render :partial => "layouts/dashboard/dashboard_stats"%>
<% end %>
</div> <!-- end span12 -->
</div>
</div>
app/views/users/account_settings.html.erb
+1 -1
View File
@@ -5,7 +5,7 @@
<div class="widget">
<div class="widget-header">
<div class="title">
<span class="fs1" aria-hidden="true" data-icon="&#xe023;"></span> Profile Settings
<span class="fs1" aria-hidden="true" data-icon="&#xe090;"></span> Profile Settings
<span class="mini-title">
Edit your account details
</span>