t#30558:fix auth filter

[pettanr/pettanr.git] / app / controllers / authors_controller.rb

diff --git a/app/controllers/authors_controller.rb b/app/controllers/authors_controller.rb
index d5d0b5c..5e8632e 100644 (file)
--- a/app/controllers/authors_controller.rb
+++ b/app/controllers/authors_controller.rb
@@ -2,9 +2,11 @@ class AuthorsController < ApplicationController
   layout 'test' if MagicNumber['test_layout']
   if MagicNumber['run_mode'] == 0
     before_filter :authenticate_user, :only => [:new, :create, :edit, :update]
+    before_filter :authenticate_author, :only => [:edit, :update]
   else
     before_filter :authenticate_reader, :only => [:index, :show]
     before_filter :authenticate_user, :only => [:new, :create, :edit, :update]
+    before_filter :authenticate_author, :only => [:edit, :update]
   end
   before_filter :authenticate_admin!, :only => [:list, :browse]
 
@@ -20,7 +22,7 @@ class AuthorsController < ApplicationController
   end
 
   def show
-    @au = Author.show(params[:id], [@author, @admin])
+    @au = Author.show(params[:id], [@user, @admin])
 
     respond_to do |format|
       format.html