deac/gitlabhq
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Abilities refactoring

Browse source
This commit is contained in:
Dmitriy Zaporozhets 2011-12-15 23:57:46 +02:00
parent 7a9fc48080
commit ccc9bed893
7 changed files with 83 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

22
app/controllers/snippets_controller.rb
View file

@ -5,8 +5,18 @@ class SnippetsController < ApplicationController
# Authorize
before_filter :add_project_abilities
# Allow read any snippet
before_filter :authorize_read_snippet!
before_filter :authorize_write_snippet!, :only => [:new, :create, :close, :edit, :update, :sort]
# Allow write(create) snippet
before_filter :authorize_write_snippet!, :only => [:new, :create]
# Allow modify snippet
before_filter :authorize_modify_snippet!, :only => [:edit, :update]
# Allow destroy snippet
before_filter :authorize_admin_snippet!, :only => [:destroy]
respond_to :html
@ -60,4 +70,14 @@ class SnippetsController < ApplicationController
redirect_to project_snippets_path(@project)
end
protected
def authorize_modify_snippet!
can?(current_user, :modify_snippet, @snippet)
end
def authorize_admin_snippet!
can?(current_user, :admin_snippet, @snippet)
end
end