diff options
author | Logan Fick <logaldeveloper@protonmail.com> | 2017-11-19 15:33:02 -0500 |
---|---|---|
committer | Logan Fick <logaldeveloper@protonmail.com> | 2017-11-19 15:33:02 -0500 |
commit | 40337f9e68873fcd54773f109deaf09cb454dd54 (patch) | |
tree | 24d408af1dbb6816ff7d044ecd0e4adc851cf1a1 | |
parent | 42722d03a051d2ba118b4ec17928b3e72f896532 (diff) |
Made having a confirmed email required to manage blog posts.permission-and-message-improvements
-rw-r--r-- | app/controllers/blogposts_controller.rb | 2 | ||||
-rw-r--r-- | app/views/blogposts/edit.html.erb | 20 | ||||
-rw-r--r-- | app/views/blogposts/new.html.erb | 16 |
3 files changed, 29 insertions, 9 deletions
diff --git a/app/controllers/blogposts_controller.rb b/app/controllers/blogposts_controller.rb index 1ff310d..72fa68f 100644 --- a/app/controllers/blogposts_controller.rb +++ b/app/controllers/blogposts_controller.rb @@ -69,7 +69,7 @@ class BlogpostsController < ApplicationController end def auth - unless mod? + unless mod? && current_user.confirmed? flash[:alert] = "You are not allowed to edit posts!" redirect_to @post ? @post : blogposts_path end diff --git a/app/views/blogposts/edit.html.erb b/app/views/blogposts/edit.html.erb index 25da324..94bbc9f 100644 --- a/app/views/blogposts/edit.html.erb +++ b/app/views/blogposts/edit.html.erb @@ -1,10 +1,20 @@ <% title "Edit News: #{@post.title}" %> +<% + def can_edit? + mod? && current_user.confirmed? + end +%> + <h1>Edit post</h1> <%= form_for @post do |f|%> - <%= f.text_field :title %> - <%= render partial: "md_editor", locals: {name: "blogpost[content]", content: @post.content} %> - <p><%= f.submit "Update Post", class: "btn blue left" %></p> + <%= f.text_field :title, disabled: !can_edit? %> + <%= render partial: "md_editor", locals: {name: "blogpost[content]", content: @post.content, options: {disabled: !can_edit?}} %> + <p><%= f.submit "Update Post", class: "btn blue left", disabled: !can_edit? %></p> +<% end %> +<p><%= button_to "Delete post", @post, method: "delete", data: {confirm: "Delete post & comments forever?"}, class: "btn red right", disabled: !can_edit? %></p> +<div class="clear"></div> + +<% if !current_user.confirmed? %> + <span class='red-alert'>You must confirm your email before you can edit blog posts.</span> <% end %> -<p><%= button_to "Delete post", @post, method: "delete", data: {confirm: "Delete post & comments forever?"}, class: "btn red right" %></p> -<div class="clear"></div>
\ No newline at end of file diff --git a/app/views/blogposts/new.html.erb b/app/views/blogposts/new.html.erb index b923002..64a69c4 100644 --- a/app/views/blogposts/new.html.erb +++ b/app/views/blogposts/new.html.erb @@ -1,9 +1,19 @@ <% title "New Blog Post" %> +<% + def can_create? + admin? && current_user.confirmed? + end +%> + <h1>New Post</h1> <%= form_for @post do |f|%> - <%= f.text_field :title, placeholder: "Title" %> - <%= render partial: "md_editor", locals: {name: "blogpost[content]", content: @post.content} %> - <p><%= f.submit "Create Post", class: "btn blue left" %></p> + <%= f.text_field :title, placeholder: "Title", disabled: !can_create? %> + <%= render partial: "md_editor", locals: {name: "blogpost[content]", content: @post.content, options: {disabled: !can_create?}} %> + <p><%= f.submit "Create Post", class: "btn blue left", disabled: !can_create? %></p> <div class="clear"></div> + + <% if !current_user.confirmed? %> + <span class='red-alert'>You must confirm your email before you can create new blog posts.</span> + <% end %> <% end %> |