consul/grecia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Don't skip authorization check managing cards

Browse Source 
I'm not sure why we were skipping this check.
This commit is contained in:
Javi Martín
2021-01-06 15:11:25 +01:00
parent ded5a8d468
commit 0762c66855
1 changed files with 0 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
app/controllers/admin/site_customization/cards_controller.rb
View File

@@ -1,5 +1,4 @@
class Admin::SiteCustomization::CardsController < Admin::SiteCustomization::BaseController class Admin::SiteCustomization::CardsController < Admin::SiteCustomization::BaseController
skip_authorization_check
load_and_authorize_resource :page, class: "::SiteCustomization::Page" load_and_authorize_resource :page, class: "::SiteCustomization::Page"
load_and_authorize_resource :card, through: :page, class: "Widget::Card" load_and_authorize_resource :card, through: :page, class: "Widget::Card"