From 9e17db376a1fb704dd186f669e3ae6e9b28e81d5 Mon Sep 17 00:00:00 2001
From: huang
Date: Fri, 27 May 2016 14:44:28 +0800
Subject: [PATCH] =?UTF-8?q?=E8=A7=A3=E5=86=B3=E7=BB=84=E7=BB=87=E4=B8=80?= =?UTF-8?q?=E7=BA=A7=E7=9B=AE=E5=BD=95=E4=BA=8C=E7=BA=A7=E7=9B=AE=E5=BD=95?= =?UTF-8?q?=E5=8C=BF=E5=90=8D=E7=94=A8=E6=88=B7=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 app/controllers/org_document_comments_controller.rb | 8 ++++++++
 app/controllers/sub_document_comments_controller.rb | 8 ++++++++
 2 files changed, 16 insertions(+)
diff --git a/app/controllers/org_document_comments_controller.rb b/app/controllers/org_document_comments_controller.rb
index 82062d3dd..d7e38f370 100644
--- a/app/controllers/org_document_comments_controller.rb
+++ b/app/controllers/org_document_comments_controller.rb
@@ -1,5 +1,6 @@
 class OrgDocumentCommentsController < ApplicationController
 before_filter :find_organization, :only => [:new, :create, :show, :index]
+ before_filter :authorize_allowed, :only => [:create, :add_reply]
 helper :attachments,:organizations
 layout 'base_org'
@@ -101,6 +102,13 @@ class OrgDocumentCommentsController < ApplicationController
 @organization = Organization.find(params[:organization_id])
 end
+ def authorize_allowed
+ unless User.current.logged?
+ redirect_to signin_url
+ return
+ end
+ end
+
 def destroy
 @org_document_comment = OrgDocumentComment.find(params[:id])
 @org_sub_id = @org_document_comment.org_subfield_id
diff --git a/app/controllers/sub_document_comments_controller.rb b/app/controllers/sub_document_comments_controller.rb
index cdf153a20..80c14f004 100644
--- a/app/controllers/sub_document_comments_controller.rb
+++ b/app/controllers/sub_document_comments_controller.rb
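Review bot: The `:only => [:create, :add_reply]` list on the new filter leaves every other write path reachable by anonymous requests unless those actions check the user themselves, which this patch does not show. `destroy` appears as context in the second hunk of this file, and the matching line in sub_document_comments_controller.rb sits beside a filter that names `:destroy` and `:edit`. Listing the read-only actions instead keeps any action added later protected by default, e.g. `before_filter :authorize_allowed, :except => [:index, :show]`, assuming index and show are the only actions meant to stay public.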
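Review bot: `authorize_allowed` tests only `User.current.logged?`, so despite its name it is an authentication gate; nothing in it verifies that the signed-in user may comment in the organization concerned. If membership or visibility is enforced inside `create` and `add_reply`, a comment such as `# Login gate only; per-organization permission is checked in the action.` would make that explicit, otherwise that check is still missing. The method is also placed between `find_organization` and the `destroy` action with no `private` visible in the hunk, so it appears to be a public controller method; moving it under `private` keeps it from being treated as an action. The class body continues outside the hunk, so an earlier visibility keyword cannot be ruled out.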
@@ -1,6 +1,7 @@
 class SubDocumentCommentsController < ApplicationController
 before_filter :find_subdomain_and_subfield, :only => [:new, :create, :show, :index, :destroy, :edit]
 before_filter :find_subfield_content, :only => [:show, :index]
+ before_filter :authorize_allowed, :only => [:create, :add_reply]
 helper :attachments,:organizations
 layout 'base_sub_domain'
@@ -207,4 +208,11 @@ class SubDocumentCommentsController < ApplicationController
 def find_subfield_content
 @subfield_content = @organization.org_subfields.order("priority")
 end
+
+ def authorize_allowed
+ unless User.current.logged?
+ redirect_to signin_url
+ return
+ end
+ end
 end
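Review bot: This `authorize_allowed` is a line-for-line copy of the one added to org_document_comments_controller.rb, so the two login gates can drift apart when one of them is later tightened. A single definition in ApplicationController would serve both controllers; if this codebase still carries upstream Redmine's `require_login` filter there, reusing it is worth checking, since a bare `redirect_to signin_url` drops the page the user came from and may not suit an XHR `add_reply` request. The `return` is the last statement in the method and has no effect, so the body reduces to `redirect_to signin_url unless User.current.logged?`.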