Merge pull request #165 from warpc/150-acl-collaborators

[Fix #150] Disable edit and update action for non-admin collaborators in projects.

app/controllers/collaborators_controller.rb

@@ -6,7 +6,8 @@ class CollaboratorsController < ApplicationController
   before_filter :find_users
   before_filter :find_groups
 
-  load_and_authorize_resource :project
+  load_resource :project
+  before_filter :authorize_collaborators
 
   def index
     redirect_to edit_project_collaborators_path(@project)
@@ -130,4 +131,8 @@ class CollaboratorsController < ApplicationController
     def find_groups
       @groups = @project.groups#Group.all
     end
+
+    def authorize_collaborators
+      authorize! :update, @project
+    end
 end