before_action :authorize_web
before_action :set_locale
- before_action :require_user
- before_action :check_permission
+
+ authorize_resource
+
before_action :find_issue, :only => [:show, :resolve, :reopen, :ignore]
def index
private
def find_issue
- @issue = Issue.find(params[:id])
- end
-
- def check_permission
- unless current_user.administrator? || current_user.moderator?
- flash[:error] = t("application.require_moderator_or_admin.not_a_moderator_or_admin")
- redirect_to root_path
- end
+ @issue = Issue.visible_to(current_user).find(params[:id])
+ rescue ActiveRecord::RecordNotFound
+ head :not_found
end
end