deac/gitlabhq
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Abilities extended. Resources security improved

Browse source
This commit is contained in:
Dmitriy Zaporozhets 2012-02-22 00:31:18 +02:00
parent af82b6773b
commit 8c40aab120
16 changed files with 51 additions and 52 deletions
Download patch file Download diff file Expand all files Collapse all files

5
app/controllers/issues_controller.rb
View file

@ -126,12 +126,11 @@ class IssuesController < ApplicationController
end
def authorize_modify_issue!
can?(current_user, :modify_issue, @issue) ||
@issue.assignee == current_user
return render_404 unless can?(current_user, :modify_issue, @issue)
end
def authorize_admin_issue!
can?(current_user, :admin_issue, @issue)
return render_404 unless can?(current_user, :admin_issue, @issue)
end
def module_enabled