Abilities refactoring
This commit is contained in:
Dmitriy Zaporozhets
parent
7a9fc48080
commit
ccc9bed893
7 changed files with 83 additions and 8 deletions
|
|
@ -6,8 +6,18 @@ class IssuesController < ApplicationController
|
|||
|
||||
# Authorize
|
||||
before_filter :add_project_abilities
|
||||
|
||||
# Allow read any issue
|
||||
before_filter :authorize_read_issue!
|
||||
before_filter :authorize_write_issue!, :only => [:new, :create, :close, :edit, :update, :sort]
|
||||
|
||||
# Allow write(create) issue
|
||||
before_filter :authorize_write_issue!, :only => [:new, :create]
|
||||
|
||||
# Allow modify issue
|
||||
before_filter :authorize_modify_issue!, :only => [:close, :edit, :update, :sort]
|
||||
|
||||
# Allow destroy issue
|
||||
before_filter :authorize_admin_issue!, :only => [:destroy]
|
||||
|
||||
respond_to :js, :html
|
||||
|
||||
|
|
@ -115,4 +125,13 @@ class IssuesController < ApplicationController
|
|||
def issue
|
||||
@issue ||= @project.issues.find(params[:id])
|
||||
end
|
||||
|
||||
def authorize_modify_issue!
|
||||
can?(current_user, :modify_issue, @issue) ||
|
||||
@issue.assignee == current_user
|
||||
end
|
||||
|
||||
def authorize_admin_issue!
|
||||
can?(current_user, :admin_issue, @issue)
|
||||
end
|
||||
end
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue