t#30558:fix auth filter

[pettanr/pettanr.git] / app / controllers / pictures_controller.rb

diff --git a/app/controllers/pictures_controller.rb b/app/controllers/pictures_controller.rb
index 12fc5f6..b8ab99d 100644 (file)
--- a/app/controllers/pictures_controller.rb
+++ b/app/controllers/pictures_controller.rb
@@ -2,14 +2,16 @@ class PicturesController < ApplicationController
   layout 'test' if MagicNumber['test_layout']
   if MagicNumber['run_mode'] == 0
     before_filter :authenticate_user, :only => []
+    before_filter :authenticate_author, :only => []
   else
     before_filter :authenticate_user, :only => []
     before_filter :authenticate_resource_reader, :only => [:show, :credit, :search]
+    before_filter :authenticate_author, :only => []
   end
   before_filter :authenticate_admin!, :only => [:list, :browse]
   
   def show
-    @picture = Picture.show(params[:id], [@author, @admin, @demand_user])
+    @picture = Picture.show(params[:id], [@user, @admin, @demand_user])
 
     respond_to do |format|
       opt = {:type => @picture.mime_type, :disposition=>"inline"}
@@ -22,7 +24,7 @@ class PicturesController < ApplicationController
   end
   
   def credit
-    @picture = Picture.show(params[:id], [@author, @admin, @demand_user])
+    @picture = Picture.show(params[:id], [@user, @admin, @demand_user])
 
     respond_to do |format|
       format.html { render :layout => false } # show.html.erb