From b0c571e658e6e4c293e6a58e57ae0af1bb2d9062 Mon Sep 17 00:00:00 2001
From: taitus
Date: Thu, 13 Jul 2017 18:39:17 +0200
Subject: [PATCH] Do not display send notification button when proposal is from another author.

---
 app/controllers/users_controller.rb | 9 ++-------
 app/models/abilities/common.rb | 2 +-
 app/views/users/_proposal.html.erb | 4 ++--
 3 files changed, 5 insertions(+), 10 deletions(-)

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 1392472c8..1c425e4ac 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -4,7 +4,6 @@ class UsersController < ApplicationController
 load_and_authorize_resource
 helper_method :author?
 helper_method :valid_interests_access?
- helper_method :author_or_admin?
 
 def show
 load_filtered_activity if valid_access?
@@ -81,12 +80,8 @@ class UsersController < ApplicationController
 @user.public_interests || authorized_current_user?
 end
 
- def author?
- @author ||= current_user && (current_user == @user)
- end
-
- def author_or_admin?
- @author_or_admin ||= current_user && (author? || current_user.administrator?)
+ def author?(proposal)
+ proposal.author_id == current_user.id
 end
 
 def authorized_current_user?
diff --git a/app/models/abilities/common.rb b/app/models/abilities/common.rb
index cf183ec53..33a9d50f6 100644
--- a/app/models/abilities/common.rb
+++ b/app/models/abilities/common.rb
@@ -50,7 +50,7 @@ module Abilities
 can :create, Budget::Investment, budget: { phase: "accepting" }
 can :suggest, Budget::Investment, budget: { phase: "accepting" }
 can :destroy, Budget::Investment, budget: { phase: ["accepting", "reviewing"] }, author_id: user.id
- can :vote, Budget::Investment, budget: { phase: "selecting" }
+ can :vote, Budget::Investment, budget: { phase: "selecting" }
 can [:show, :create], Budget::Ballot, budget: { phase: "balloting" }
 can [:create, :destroy], Budget::Ballot::Line, budget: { phase: "balloting" }
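Review bot: In users_controller.rb, the new `author?(proposal)` calls `current_user.id` without the nil guard the removed `author?` had (`current_user && ...`), so rendering the proposals partial for a signed-out visitor would presumably raise NoMethodError; `current_user && proposal.author_id == current_user.id` keeps the old safety. Because `helper_method :author?` stays in place with a changed arity, any other view that still calls `author?` with no argument (none is visible in this patch) would fail with ArgumentError, so those callers are worth checking. A one-line comment above the method stating that it only decides what is displayed, e.g. `# Display helper only; access control stays in Abilities and load_and_authorize_resource`, would keep it from being reused as an authorization check. The surrounding class continues outside the hunk.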
diff --git a/app/views/users/_proposal.html.erb b/app/views/users/_proposal.html.erb
index 4d8e5451b..f5a361c19 100644
--- a/app/views/users/_proposal.html.erb
+++ b/app/views/users/_proposal.html.erb
@@ -5,7 +5,7 @@
 <%= proposal.summary %>
- <% if can? :retire_form, proposal %>
+ <% if author?(proposal) %>
 <%= link_to t("users.proposals.send_notification"), new_proposal_notification_path(proposal_id: proposal.id),
@@ -13,7 +13,7 @@
 <% end %>
- <% if can? :new, ProposalNotification, author_id: proposal.author_id %>
+ <% if author?(proposal) || proposal.retired? %>
 <% if proposal.retired? %>
 <%= t('users.proposals.retired') %>
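Review bot: The two conditions in _proposal.html.erb (`author?(proposal)` in this hunk and `author?(proposal) || proposal.retired?` in the hunk at line 13) move the decision out of CanCan and into a controller helper, so what the page shows no longer follows Abilities::Common and the two can drift apart. Hiding the link is presentation only; the action behind `new_proposal_notification_path` must still reject non-authors on the server, and that check is not visible in this patch. If the removed `can? :new, ProposalNotification, author_id: proposal.author_id` was passing for every user, that is likely because `can?` on a class does not evaluate hash conditions, and asking the ability about an instance would keep a single source of truth. The second condition would also benefit from a short ERB comment on why retired proposals bypass the author check, e.g. `<%# retired label is shown to everyone; other controls are author-only %>`, if that is the intent.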