allow/deny user to create group/team

2013-01-25 11:30:49 +02:00 · 2013-01-25 11:30:49 +02:00 · 00e4a479d3
commit 00e4a479d3
parent 585a53c415
4 changed files with 32 additions and 10 deletions
--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
@ -6,6 +6,7 @@ class GroupsController < ApplicationController

  # Authorize
  before_filter :authorize_read_group!, except: [:new, :create]
+  before_filter :authorize_create_group!, only: [:new, :create]

  # Load group projects
  before_filter :projects, except: [:new, :create]
@ -103,4 +104,8 @@ class GroupsController < ApplicationController
      return render_404
    end
  end
+
+  def authorize_create_group!
+    can?(current_user, :create_group, nil)
+  end
 end