From 6cf7a2e21d1d98421cc3324cc53109517fbebc8a Mon Sep 17 00:00:00 2001
From: Vokhmin Alexey V
Date: Fri, 17 May 2013 00:07:40 +0400
Subject: [PATCH] #34: added access rights to Hooks only for global admins
---
 app/controllers/projects/hooks_controller.rb | 2 ++
 app/views/projects/base/_sidebar.html.haml | 5 +++--
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/app/controllers/projects/hooks_controller.rb b/app/controllers/projects/hooks_controller.rb
index f1e12555e..30f47b2d0 100644
--- a/app/controllers/projects/hooks_controller.rb
+++ b/app/controllers/projects/hooks_controller.rb
@@ -1,6 +1,8 @@
 # -*- encoding : utf-8 -*-
 class Projects::HooksController < Projects::BaseController
 before_filter :authenticate_user!
+ # TODO: remove
+ before_filter lambda { raise CanCan::AccessDenied unless current_user.admin? }
 load_and_authorize_resource :project
 load_and_authorize_resource :hook, :through => :project

diff --git a/app/views/projects/base/_sidebar.html.haml b/app/views/projects/base/_sidebar.html.haml
index 4b5429d7d..5b7fea884 100644
--- a/app/views/projects/base/_sidebar.html.haml
+++ b/app/views/projects/base/_sidebar.html.haml
@@ -10,8 +10,9 @@
 = link_to t("layout.projects.edit"), edit_project_path(@project)
 %li{:class => (act == :sections && contr == :projects) ? 'active' : ''}
 = link_to t("layout.projects.sections"), sections_project_path(@project)
- %li{:class => (contr == :hooks) ? 'active' : ''}
- = link_to t("layout.projects.hooks"), project_hooks_path(@project)
+ - if current_user.admin? # TODO: remove
+ %li{:class => (contr == :hooks) ? 'active' : ''}
+ = link_to t("layout.projects.hooks"), project_hooks_path(@project)
 - if can? :manage_collaborators, @project
 %li{:class => (act == :index && contr == :collaborators) ? 'active' : ''}
 = link_to t("layout.projects.edit_collaborators"), project_collaborators_path(@project)
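Review bot: The admin-only rule on the added `before_filter lambda { ... }` line sits outside the CanCan ability that the following `load_and_authorize_resource :hook` consults, so any `can?` check on hooks elsewhere would presumably still answer from the old permissions, and the sidebar hunk has to repeat `current_user.admin?` by hand. Consider expressing the restriction in the ability definition (not visible in this patch), or at least as a named filter such as `before_filter :require_global_admin`, so there is one place to audit. The `# TODO: remove` comment does not say what must be true before removal; something like `# TODO(#34): temporary admin-only gate; removing it restores access as granted by the ability` would tell the next reader that deleting the line widens access. The diffstat lists no spec file, so nothing in this commit asserts that a non-admin project member is denied. The class body continues past the hunk.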
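Review bot: The added `- if current_user.admin?` guard calls a method on `current_user` directly, while the next item uses `can? :manage_collaborators, @project`; if this partial is ever rendered without a signed-in user (not determinable from the hunk), the new line raises NoMethodError instead of hiding the link. `- if current_user.try(:admin?)` or a `can?` check backed by the ability would be nil-safe and consistent with the neighbouring entries. Hiding the link is presentation only; the controller filter in the first hunk is what enforces the restriction, and the two conditions have to be kept in step by hand while both carry `# TODO: remove`.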