Permissions for Project Snippet fixed
This commit is contained in:
Andrew8xx8
parent
033037a059
commit
e3351287b4
3 changed files with 8 additions and 8 deletions
|
|
@ -3,16 +3,16 @@ class Projects::SnippetsController < Projects::ApplicationController
|
||||||
before_filter :snippet, only: [:show, :edit, :destroy, :update, :raw]
|
before_filter :snippet, only: [:show, :edit, :destroy, :update, :raw]
|
||||||
|
|
||||||
# Allow read any snippet
|
# Allow read any snippet
|
||||||
before_filter :authorize_read_snippet!
|
before_filter :authorize_read_project_snippet!
|
||||||
|
|
||||||
# Allow write(create) snippet
|
# Allow write(create) snippet
|
||||||
before_filter :authorize_write_snippet!, only: [:new, :create]
|
before_filter :authorize_write_project_snippet!, only: [:new, :create]
|
||||||
|
|
||||||
# Allow modify snippet
|
# Allow modify snippet
|
||||||
before_filter :authorize_modify_snippet!, only: [:edit, :update]
|
before_filter :authorize_modify_project_snippet!, only: [:edit, :update]
|
||||||
|
|
||||||
# Allow destroy snippet
|
# Allow destroy snippet
|
||||||
before_filter :authorize_admin_snippet!, only: [:destroy]
|
before_filter :authorize_admin_project_snippet!, only: [:destroy]
|
||||||
|
|
||||||
layout 'project_resource'
|
layout 'project_resource'
|
||||||
|
|
||||||
|
|
@ -80,11 +80,11 @@ class Projects::SnippetsController < Projects::ApplicationController
|
||||||
@snippet ||= @project.snippets.find(params[:id])
|
@snippet ||= @project.snippets.find(params[:id])
|
||||||
end
|
end
|
||||||
|
|
||||||
def authorize_modify_snippet!
|
def authorize_modify_project_snippet!
|
||||||
return render_404 unless can?(current_user, :modify_project_snippet, @snippet)
|
return render_404 unless can?(current_user, :modify_project_snippet, @snippet)
|
||||||
end
|
end
|
||||||
|
|
||||||
def authorize_admin_snippet!
|
def authorize_admin_project_snippet!
|
||||||
return render_404 unless can?(current_user, :admin_project_snippet, @snippet)
|
return render_404 unless can?(current_user, :admin_project_snippet, @snippet)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@
|
||||||
Snippets
|
Snippets
|
||||||
%small share code pastes with others out of git repository
|
%small share code pastes with others out of git repository
|
||||||
|
|
||||||
- if can? current_user, :write_snippet, @project
|
- if can? current_user, :write_project_snippet, @project
|
||||||
= link_to new_project_snippet_path(@project), class: "btn btn-small add_new pull-right", title: "New Snippet" do
|
= link_to new_project_snippet_path(@project), class: "btn btn-small add_new pull-right", title: "New Snippet" do
|
||||||
Add new snippet
|
Add new snippet
|
||||||
%br
|
%br
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
%h3.page_title
|
%h3.page_title
|
||||||
= @snippet.title
|
= @snippet.title
|
||||||
%small= @snippet.file_name
|
%small= @snippet.file_name
|
||||||
- if can?(current_user, :admin_snippet, @project) || @snippet.author == current_user
|
- if can?(current_user, :admin_project_snippet, @project) || @snippet.author == current_user
|
||||||
= link_to "Edit", edit_project_snippet_path(@project, @snippet), class: "btn btn-small pull-right", title: 'Edit Snippet'
|
= link_to "Edit", edit_project_snippet_path(@project, @snippet), class: "btn btn-small pull-right", title: 'Edit Snippet'
|
||||||
|
|
||||||
%br
|
%br
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue