consul/nairobi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Disallow users to edit their legislation proposals

Browse Source
This commit is contained in:
María Checa
2017-09-22 11:39:17 +02:00
parent f3229007e8
commit ebfa3fb011
3 changed files with 2 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/models/abilities/common.rb
View File

@@ -19,7 +19,7 @@ module Abilities
can [:retire_form, :retire], Proposal, author_id: user.id
can :read, Legislation::Proposal
can :update, Legislation::Proposal do |proposal|
cannot [:edit, :update], Legislation::Proposal do |proposal|
proposal.editable_by?(user)
end
can [:retire_form, :retire], Legislation::Proposal, author_id: user.id

2
app/models/abilities/everyone.rb
View File

@@ -18,7 +18,7 @@ module Abilities
can [:read, :print], Budget::Investment
can :read_results, Budget, phase: "finished"
can :new, DirectMessage
can [:read, :debate, :draft_publication, :allegations, :result_publication], Legislation::Process, published: true
can [:read, :debate, :draft_publication, :allegations, :result_publication, :proposals], Legislation::Process, published: true
can [:read, :changes, :go_to_version], Legislation::DraftVersion
can [:read], Legislation::Question
can [:create], Legislation::Answer

12
app/views/legislation/proposals/show.html.erb
View File

@@ -16,18 +16,6 @@
<div class="small-12 medium-9 column">
<%= back_link_to %>
<% if can?(:create, @document) && @proposal.documents.size < Proposal.max_documents_allowed %>
<%= link_to t("documents.upload_document"),
new_document_path(documentable_id: @proposal, documentable_type: @proposal.class.name, from: request.url),
class: 'button hollow float-right' %>
<% end %>
<% if current_user && @proposal.editable_by?(current_user) %>
<%= link_to edit_legislation_process_proposal_path(@proposal.legislation_process_id, @proposal), class: 'edit-proposal button hollow float-right' do %>
<%= t("proposals.show.edit_proposal_link") %>
<% end %>
<% end %>
<h1><%= @proposal.title %></h1>
<% if @proposal.conflictive? %>
<div data-alert class="callout alert margin-top">