consul/nairobi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Authorize resource after authenticating user

Browse Source 
Just like it's done everywhere else in the application. Not doing so
means users who aren't logged in receive a "you aren't authorized"
message when they try to create a new legislation proposal instead of
being redirected to the login page.
This commit is contained in:
Javi Martín
2018-09-21 21:04:36 +02:00
parent 8064b53aad
commit ec18743251
2 changed files with 13 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/controllers/legislation/proposals_controller.rb
View File

@@ -2,13 +2,13 @@ class Legislation::ProposalsController < Legislation::BaseController
include CommentableActions
include FlagActions
load_and_authorize_resource :process, class: "Legislation::Process"
load_and_authorize_resource :proposal, class: "Legislation::Proposal", through: :process
before_action :parse_tag_filter, only: :index
before_action :load_categories, only: [:index, :new, :create, :edit, :map, :summary]
before_action :load_geozones, only: [:edit, :map, :summary]
before_action :authenticate_user!, except: [:index, :show, :map, :summary]
load_and_authorize_resource :process, class: "Legislation::Process"
load_and_authorize_resource :proposal, class: "Legislation::Proposal", through: :process
invisible_captcha only: [:create, :update], honeypot: :subtitle