consul/grecia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Simplify CKEditor authorization

Browse Source 
We can use the `config.authorize_with` option, so we don't need to copy
the controller in order to load and authorize resource.

Besides, only administrators can upload images, so we don't need to
track the image's user id.
This commit is contained in:
Javi Martín
2018-09-07 14:03:01 +02:00
parent 7347874f4b
commit 43e83889ff
5 changed files with 2 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
app/controllers/application_controller.rb
View File

@@ -27,16 +27,8 @@ class ApplicationController < ActionController::Base
respond_to :html
helper_method :current_budget
before_action :set_user_for_ckeditor_pictures
private
def set_user_for_ckeditor_pictures
if request.path == '/ckeditor/pictures' && request.request_method == 'POST'
params['user_id'] = current_user.id
end
end
def authenticate_http_basic
authenticate_or_request_with_http_basic do |username, password|
username == Rails.application.secrets.http_basic_username && password == Rails.application.secrets.http_basic_password