Free order_article resource from finance namespace; also unlock for role_orders

2013-12-31 11:41:14 +01:00 · 2013-12-31 11:41:14 +01:00 · baa5f16cfc
commit baa5f16cfc
parent 9ed906f425
18 changed files with 40 additions and 35 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -47,6 +47,7 @@ class ApplicationController < ActionController::Base
      when "article_meta" then current_user.role_article_meta?
      when "suppliers"  then current_user.role_suppliers?
      when "orders" then current_user.role_orders?
+      when "finance_or_orders" then (current_user.role_finance? || current_user.role_orders?)
      when "any" then true        # no role required
      else false                  # any unknown role will always fail
      end
@ -78,6 +79,10 @@ class ApplicationController < ActionController::Base
    authenticate('orders')
  end

+  def authenticate_finance_or_orders
+    authenticate('finance_or_orders')
+  end
+
  # checks if the current_user is member of given group.
  # if fails the user will redirected to startpage
  def authenticate_membership_or_admin(group_id = params[:id])