From 425f42dd8008d9962c7bee0cadfbdcf33e1f4f95 Mon Sep 17 00:00:00 2001 From: Andy Allan Date: Wed, 9 Jan 2019 15:27:29 +0100 Subject: [PATCH] Use CanCanCan for messages controller --- app/abilities/ability.rb | 1 + app/controllers/messages_controller.rb | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/app/abilities/ability.rb b/app/abilities/ability.rb index 1fcf6cbee..c4ea4ef8f 100644 --- a/app/abilities/ability.rb +++ b/app/abilities/ability.rb @@ -17,6 +17,7 @@ class Ability if user can :welcome, :site can [:create, :edit, :comment, :subscribe, :unsubscribe], DiaryEntry + can [:new, :create, :reply, :show, :inbox, :outbox, :mark, :destroy], Message can [:close, :reopen], Note can [:new, :create], Report can [:account, :go_public, :make_friend, :remove_friend, :api_details, :api_gpx_files], User diff --git a/app/controllers/messages_controller.rb b/app/controllers/messages_controller.rb index c93c998f0..dce0099e5 100644 --- a/app/controllers/messages_controller.rb +++ b/app/controllers/messages_controller.rb @@ -3,7 +3,9 @@ class MessagesController < ApplicationController before_action :authorize_web before_action :set_locale - before_action :require_user + + authorize_resource + before_action :lookup_user, :only => [:new, :create] before_action :check_database_readable before_action :check_database_writable, :only => [:new, :create, :reply, :mark, :destroy] -- 2.39.5