Remove unused authorization from controller

2016-04-20 10:57:31 -03:00 · 2016-04-20 10:57:31 -03:00 · eb99e5f5c1
parent 0b91ff287d
commit eb99e5f5c1
3 changed files with 2 additions and 8 deletions
--- a/app/controllers/projects/project_members_controller.rb
+++ b/app/controllers/projects/project_members_controller.rb
@ -1,7 +1,6 @@
 class Projects::ProjectMembersController < Projects::ApplicationController
  # Authorize
  before_action :authorize_admin_project_member!, except: [:leave, :index]
-  before_action :authorize_read_members_list!, only: [:index]

  def index
    @project_members = @project.project_members
@ -113,8 +112,4 @@ class Projects::ProjectMembersController < Projects::ApplicationController
  def member_params
    params.require(:project_member).permit(:user_id, :access_level)
  end
-
-  def authorize_read_members_list!
-    render_403 unless can?(current_user, :read_members_list , @project)
-  end
 end
--- a/app/helpers/projects_helper.rb
+++ b/app/helpers/projects_helper.rb
@ -144,7 +144,7 @@ module ProjectsHelper
      nav_tabs << :settings
    end

-    if can?(current_user, :read_members_list, project)
+    if can?(current_user, :read_project_member, project)
      nav_tabs << :team
    end

--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@ -189,8 +189,7 @@ class Ability
        :create_project,
        :create_issue,
        :create_note,
-        :upload_file,
-        :read_members_list
+        :upload_file
      ]
    end