Visiting /edit when not authenticated now sends users to the login page.

2011-09-04 01:15:43 +08:00 · 2011-09-04 01:15:43 +08:00 · 8dbd51734a
commit 8dbd51734a
parent 82b763c1bf
3 changed files with 9 additions and 2 deletions
--- a/app/controllers/admin/rendering_controller.rb
+++ b/app/controllers/admin/rendering_controller.rb
@ -6,10 +6,17 @@ module Admin
    include Locomotive::Render

    before_filter :require_site
+    before_filter :authenticate_admin!, :only => [:edit]
+    before_filter :validate_site_membership, :only => [:edit]

    def show
      render_locomotive_page
    end

+    def edit
+      @editing = true
+      render_locomotive_page
+    end
+
  end
 end
--- a/config/routes.rb
+++ b/config/routes.rb
@ -65,6 +65,6 @@ Rails.application.routes.draw do

  # magic urls
  match '/' => 'admin/rendering#show'
-  match '*path/edit' => 'admin/rendering#show', :defaults => { :editing => true }
+  match '*path/edit' => 'admin/rendering#edit'
  match '*path' => 'admin/rendering#show'
 end
--- a/lib/locomotive/render.rb
+++ b/lib/locomotive/render.rb
@ -111,7 +111,7 @@ module Locomotive
      end

      def editing_page?
-        self.params[:editing] == true && current_admin
+        @editing
      end

      def page_status