From 42722d03a051d2ba118b4ec17928b3e72f896532 Mon Sep 17 00:00:00 2001
From: Logan Fick <logaldeveloper@protonmail.com>
Date: Sat, 11 Nov 2017 20:45:25 -0500
Subject: Made having a confirmed email required to manage info pages.

---
 app/controllers/info_controller.rb |  2 +-
 app/views/info/edit.html.erb       | 18 ++++++++++++++----
 app/views/info/new.html.erb        | 16 +++++++++++++---
 3 files changed, 28 insertions(+), 8 deletions(-)

diff --git a/app/controllers/info_controller.rb b/app/controllers/info_controller.rb
index 7834d2a..86605d7 100644
--- a/app/controllers/info_controller.rb
+++ b/app/controllers/info_controller.rb
@@ -62,7 +62,7 @@ class InfoController < ApplicationController
   end
 
   def auth
-    unless mod?
+    unless mod? && current_user.confirmed?
       flash[:alert] = "You are not allowed to edit info pages!"
       redirect_to @info ? @info : info_index_path
     end
diff --git a/app/views/info/edit.html.erb b/app/views/info/edit.html.erb
index 0f90c74..7443e3f 100644
--- a/app/views/info/edit.html.erb
+++ b/app/views/info/edit.html.erb
@@ -1,10 +1,20 @@
 <% title "Edit Info: #{@info.title}" %>
 
+<%
+  def can_edit?
+    mod? && current_user.confirmed?
+  end
+%>
+
 <h1>Edit Info</h1>
 <%= form_for @info do |f|%>
-  <%= f.text_field :title%>
-  <%= render partial: "md_editor", locals: {name: "info[content]", content: @info.content} %>
-  <p><%= f.submit "Update Info", class: "btn blue left" %></p>
+  <%= f.text_field :title, disabled: !can_edit? %>
+  <%= render partial: "md_editor", locals: {name: "info[content]", content: @info.content, options: {disabled: !can_edit?}} %>
+  <p><%= f.submit "Update Info", class: "btn blue left", disabled: !can_edit? %></p>
 <% end %>
-<p><%= button_to "Delete Info", @info, method: "delete", data: {confirm: "Are you sure you want to delete this info page?"}, class: "btn red right" %></p>
+<p><%= button_to "Delete Info", @info, method: "delete", data: {confirm: "Are you sure you want to delete this info page?"}, class: "btn red right", disabled: !can_edit? %></p>
 <div class="clear"></div>
+
+<% if !current_user.confirmed? %>
+  <span class='red-alert'>You must confirm your email before you can edit info pages.</span>
+<% end %>
diff --git a/app/views/info/new.html.erb b/app/views/info/new.html.erb
index 55abdb7..dc50720 100644
--- a/app/views/info/new.html.erb
+++ b/app/views/info/new.html.erb
@@ -1,9 +1,19 @@
 <% title "New Info" %>
 
+<%
+  def can_create?
+    mod? && current_user.confirmed?
+  end
+%>
+
 <h1>New Info</h1>
 <%= form_for @info, url: info_index_path do |f|%>
-  <%= f.text_field :title, placeholder: "Title" %>
-  <%= render partial: "md_editor", locals: {name: "info[content]", content: @info.content} %>
-  <p><%= f.submit "Create Info", class: "btn blue left" %></p>
+  <%= f.text_field :title, placeholder: "Title", disabled: !can_create? %>
+  <%= render partial: "md_editor", locals: {name: "info[content]", content: @info.content, options: {disabled: !can_create?}} %>
+  <p><%= f.submit "Create Info", class: "btn blue left", disabled: !can_create? %></p>
   <div class="clear"></div>
+
+  <% if !current_user.confirmed? %>
+    <span class='red-alert'>You must confirm your email before you can create new info pages.</span>
+  <% end %>
 <% end %>
-- 
cgit v1.2.3