From ffb14f9368f89445150ddec422447ce11e6239b3 Mon Sep 17 00:00:00 2001
From: Andrew Kennedy <andrew@jackrussellsoftware.com>
Date: Fri, 13 Jan 2012 21:50:35 -0500
Subject: [PATCH 1/3] restrict add/edit snippets under page tab based on user
 access

---
 app/views/admin/pages/tabs/_snippets.html.erb |  3 +-
 .../pages/tabs/_snippets_content.html.erb     |  2 +-
 .../admin/pages/tabs/_snippets_field.html.erb | 57 ++++++++++---------
 .../pages/tabs/_snippets_list_item.html.erb   | 16 +++---
 4 files changed, 41 insertions(+), 37 deletions(-)

diff --git a/app/views/admin/pages/tabs/_snippets.html.erb b/app/views/admin/pages/tabs/_snippets.html.erb
index 2091670..0a57da7 100644
--- a/app/views/admin/pages/tabs/_snippets.html.erb
+++ b/app/views/admin/pages/tabs/_snippets.html.erb
@@ -1,3 +1,4 @@
+<% user_can_modify_snippets = ::Refinery::Plugins.active.names.include?("snippets") %>
 <div class="wym_skin_refinery page_part" id="page_snippet_picker">
-  <%= render :partial => '/admin/pages/tabs/snippets_content', :locals => {:f => f} %>
+  <%= render :partial => '/admin/pages/tabs/snippets_content', :locals => {:f => f, :user_can_modify_snippets => user_can_modify_snippets} %>
 </div>
\ No newline at end of file
diff --git a/app/views/admin/pages/tabs/_snippets_content.html.erb b/app/views/admin/pages/tabs/_snippets_content.html.erb
index df74592..5aa565c 100644
--- a/app/views/admin/pages/tabs/_snippets_content.html.erb
+++ b/app/views/admin/pages/tabs/_snippets_content.html.erb
@@ -8,7 +8,7 @@
     <% end %>
     </ul>
   </div>
-  <%= render :partial => '/admin/pages/tabs/snippets_field', :collection => @page.parts, :as => :part %>
+  <%= render :partial => '/admin/pages/tabs/snippets_field', :collection => @page.parts, :as => :part, :locals => {:user_can_modify_snippets => user_can_modify_snippets} %>
 <% end %>
 
 <% content_for :stylesheets do %>
diff --git a/app/views/admin/pages/tabs/_snippets_field.html.erb b/app/views/admin/pages/tabs/_snippets_field.html.erb
index 875761c..83d2f85 100644
--- a/app/views/admin/pages/tabs/_snippets_field.html.erb
+++ b/app/views/admin/pages/tabs/_snippets_field.html.erb
@@ -4,42 +4,43 @@
     <% if part.snippets.before.any? %>
       <h2><%= t('.before_body') %></h2>
       <ul>
-        <%= render :partial => '/admin/pages/tabs/snippets_list_item', :collection => part.snippets.before, :as => :snippet, :locals => {:part => part, :before_body => true} %>
+        <%= render :partial => '/admin/pages/tabs/snippets_list_item', :collection => part.snippets.before, :as => :snippet, :locals => {:part => part, :before_body => true, :user_can_modify_snippets => user_can_modify_snippets} %>
       </ul>
     <% end %>
     <% if part.snippets.after.any? %>
       <h2><%= t('.after_body') %></h2>
       <ul>
-        <%= render :partial => '/admin/pages/tabs/snippets_list_item', :collection => part.snippets.after, :as => :snippet, :locals => {:part => part, :before_body => false} %>
-      </ul>
-    <% end %>
-  </div>
-
-  <div class="inactive-snippets">
-    <% inactive_snippets = Snippet.all %>
-    <% if inactive_snippets.length > 0 %>
-      <h2><%= t('.inactive') %></h2>
-      <ul>
-        <% inactive_snippets.each do |snippet| %>
-          <li class='clearfix record <%= cycle('on', 'on-hover') %>' >
-            <span class="title"><%= snippet.title %></span>
-            <div class="actions">
-              <% unless snippet.after?(part) %>
-                <%= link_to t('.add_after_body'), {:controller => 'snippets_page_parts', :action => 'add', :id => @page.id, :snippet_id => snippet.id, :part_id => part.id}, :class => 'add_icon add-snippet' %>
-              <% else %>
-                <span class="add_icon add-snippet"><%= t('.add_after_body') %></span>
-              <% end %>
-              <% unless snippet.before?(part) %>
-                <%= link_to t('.add_before_body'), {:controller => 'snippets_page_parts', :action => 'add', :id => @page.id, :snippet_id => snippet.id, :part_id => part.id, :before_body => 'true'}, :class => 'add_icon add-snippet' %>
-              <% else %>
-                <span class="add_icon add-snippet"><%= t('.add_before_body') %></span>
-              <% end %>
-            </div>
-          </li>
-        <% end %>
+        <%= render :partial => '/admin/pages/tabs/snippets_list_item', :collection => part.snippets.after, :as => :snippet, :locals => {:part => part, :before_body => false, :user_can_modify_snippets => user_can_modify_snippets} %>
       </ul>
     <% end %>
   </div>
+  <% if user_can_modify_snippets %>
+    <div class="inactive-snippets">
+      <% inactive_snippets = Snippet.all %>
+      <% if inactive_snippets.length > 0 %>
+        <h2><%= t('.inactive') %></h2>
+        <ul>
+          <% inactive_snippets.each do |snippet| %>
+            <li class='clearfix record <%= cycle('on', 'on-hover') %>' >
+              <span class="title"><%= snippet.title %></span>
+              <div class="actions">
+                <% unless snippet.after?(part) %>
+                  <%= link_to t('.add_after_body'), {:controller => 'snippets_page_parts', :action => 'add', :id => @page.id, :snippet_id => snippet.id, :part_id => part.id}, :class => 'add_icon add-snippet' %>
+                <% else %>
+                  <span class="add_icon add-snippet"><%= t('.add_after_body') %></span>
+                <% end %>
+                <% unless snippet.before?(part) %>
+                  <%= link_to t('.add_before_body'), {:controller => 'snippets_page_parts', :action => 'add', :id => @page.id, :snippet_id => snippet.id, :part_id => part.id, :before_body => 'true'}, :class => 'add_icon add-snippet' %>
+                <% else %>
+                  <span class="add_icon add-snippet"><%= t('.add_before_body') %></span>
+                <% end %>
+              </div>
+            </li>
+          <% end %>
+        </ul>
+      <% end %>
+    </div>
+  <% end %>
 </div>
 
 
diff --git a/app/views/admin/pages/tabs/_snippets_list_item.html.erb b/app/views/admin/pages/tabs/_snippets_list_item.html.erb
index 44c1dd4..361f0c5 100644
--- a/app/views/admin/pages/tabs/_snippets_list_item.html.erb
+++ b/app/views/admin/pages/tabs/_snippets_list_item.html.erb
@@ -10,11 +10,13 @@
       </span>
     <% end %>
   </span>
-  <span class='actions'>
-    <%= link_to refinery_icon_tag('application_edit.png'), edit_admin_snippet_path(snippet),
-        :title => t('.edit') %>
-    <%= link_to refinery_icon_tag('delete.png'), url_for({:controller => 'snippets_page_parts', :action => 'remove', :id => @page.id, :snippet_id => snippet.id, :part_id => part.id, :before_body => before_body}),
-        :title => t('.remove'),
-        :class => 'remove-snippet' %>
-  </span>
+  <% if user_can_modify_snippets %>
+    <span class='actions'>
+      <%= link_to refinery_icon_tag('application_edit.png'), edit_admin_snippet_path(snippet),
+          :title => t('.edit') %>
+      <%= link_to refinery_icon_tag('delete.png'), url_for({:controller => 'snippets_page_parts', :action => 'remove', :id => @page.id, :snippet_id => snippet.id, :part_id => part.id, :before_body => before_body}),
+          :title => t('.remove'),
+          :class => 'remove-snippet' %>
+    </span>
+  <% end %>
 </li>

From 5aaa9ba2947a8335afb126ad30da82fe6daca74e Mon Sep 17 00:00:00 2001
From: Andrew Kennedy <andrew@jackrussellsoftware.com>
Date: Sat, 14 Jan 2012 01:56:42 -0500
Subject: [PATCH 2/3] just include condition where necessary instead of passing
 through all the view partials

---
 app/views/admin/pages/tabs/_snippets.html.erb           | 3 +--
 app/views/admin/pages/tabs/_snippets_content.html.erb   | 2 +-
 app/views/admin/pages/tabs/_snippets_field.html.erb     | 6 +++---
 app/views/admin/pages/tabs/_snippets_list_item.html.erb | 2 +-
 4 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/app/views/admin/pages/tabs/_snippets.html.erb b/app/views/admin/pages/tabs/_snippets.html.erb
index 0a57da7..2091670 100644
--- a/app/views/admin/pages/tabs/_snippets.html.erb
+++ b/app/views/admin/pages/tabs/_snippets.html.erb
@@ -1,4 +1,3 @@
-<% user_can_modify_snippets = ::Refinery::Plugins.active.names.include?("snippets") %>
 <div class="wym_skin_refinery page_part" id="page_snippet_picker">
-  <%= render :partial => '/admin/pages/tabs/snippets_content', :locals => {:f => f, :user_can_modify_snippets => user_can_modify_snippets} %>
+  <%= render :partial => '/admin/pages/tabs/snippets_content', :locals => {:f => f} %>
 </div>
\ No newline at end of file
diff --git a/app/views/admin/pages/tabs/_snippets_content.html.erb b/app/views/admin/pages/tabs/_snippets_content.html.erb
index 5aa565c..df74592 100644
--- a/app/views/admin/pages/tabs/_snippets_content.html.erb
+++ b/app/views/admin/pages/tabs/_snippets_content.html.erb
@@ -8,7 +8,7 @@
     <% end %>
     </ul>
   </div>
-  <%= render :partial => '/admin/pages/tabs/snippets_field', :collection => @page.parts, :as => :part, :locals => {:user_can_modify_snippets => user_can_modify_snippets} %>
+  <%= render :partial => '/admin/pages/tabs/snippets_field', :collection => @page.parts, :as => :part %>
 <% end %>
 
 <% content_for :stylesheets do %>
diff --git a/app/views/admin/pages/tabs/_snippets_field.html.erb b/app/views/admin/pages/tabs/_snippets_field.html.erb
index 83d2f85..3de4951 100644
--- a/app/views/admin/pages/tabs/_snippets_field.html.erb
+++ b/app/views/admin/pages/tabs/_snippets_field.html.erb
@@ -4,17 +4,17 @@
     <% if part.snippets.before.any? %>
       <h2><%= t('.before_body') %></h2>
       <ul>
-        <%= render :partial => '/admin/pages/tabs/snippets_list_item', :collection => part.snippets.before, :as => :snippet, :locals => {:part => part, :before_body => true, :user_can_modify_snippets => user_can_modify_snippets} %>
+        <%= render :partial => '/admin/pages/tabs/snippets_list_item', :collection => part.snippets.before, :as => :snippet, :locals => {:part => part, :before_body => true} %>
       </ul>
     <% end %>
     <% if part.snippets.after.any? %>
       <h2><%= t('.after_body') %></h2>
       <ul>
-        <%= render :partial => '/admin/pages/tabs/snippets_list_item', :collection => part.snippets.after, :as => :snippet, :locals => {:part => part, :before_body => false, :user_can_modify_snippets => user_can_modify_snippets} %>
+        <%= render :partial => '/admin/pages/tabs/snippets_list_item', :collection => part.snippets.after, :as => :snippet, :locals => {:part => part, :before_body => false} %>
       </ul>
     <% end %>
   </div>
-  <% if user_can_modify_snippets %>
+  <% if ::Refinery::Plugins.active.names.include?("snippets") %> %>
     <div class="inactive-snippets">
       <% inactive_snippets = Snippet.all %>
       <% if inactive_snippets.length > 0 %>
diff --git a/app/views/admin/pages/tabs/_snippets_list_item.html.erb b/app/views/admin/pages/tabs/_snippets_list_item.html.erb
index 361f0c5..c519b8d 100644
--- a/app/views/admin/pages/tabs/_snippets_list_item.html.erb
+++ b/app/views/admin/pages/tabs/_snippets_list_item.html.erb
@@ -10,7 +10,7 @@
       </span>
     <% end %>
   </span>
-  <% if user_can_modify_snippets %>
+  <% if ::Refinery::Plugins.active.names.include?("snippets") %>
     <span class='actions'>
       <%= link_to refinery_icon_tag('application_edit.png'), edit_admin_snippet_path(snippet),
           :title => t('.edit') %>

From ba59633c89cf94a3c7f1ea80c8765c55e7aad5ef Mon Sep 17 00:00:00 2001
From: Andrew Kennedy <andrew@jackrussellsoftware.com>
Date: Sat, 14 Jan 2012 02:01:24 -0500
Subject: [PATCH 3/3] remove stray '%>'

---
 app/views/admin/pages/tabs/_snippets_field.html.erb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/views/admin/pages/tabs/_snippets_field.html.erb b/app/views/admin/pages/tabs/_snippets_field.html.erb
index 3de4951..5265adc 100644
--- a/app/views/admin/pages/tabs/_snippets_field.html.erb
+++ b/app/views/admin/pages/tabs/_snippets_field.html.erb
@@ -14,7 +14,7 @@
       </ul>
     <% end %>
   </div>
-  <% if ::Refinery::Plugins.active.names.include?("snippets") %> %>
+  <% if ::Refinery::Plugins.active.names.include?("snippets") %>
     <div class="inactive-snippets">
       <% inactive_snippets = Snippet.all %>
       <% if inactive_snippets.length > 0 %>