
Prevent non-organizers from editing

Maarten van den Berg 7 years ago
parent
commit
1909ddcf03
2 changed files with 7 additions and 0 deletions
  1. 1 0
      app/controllers/activities_controller.rb
  2. 6 0
      app/helpers/activities_helper.rb

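--- a/app/controllers/activities_controller.rb
+++ b/app/controllers/activities_controller.rb
@@ -4,6 +4,7 @@ class ActivitiesController < ApplicationController
   before_action :set_group
   before_action :require_membership!
   before_action :require_leader!, only: [:mass_new, :mass_create, :new, :create, :destroy]
+  before_action :require_organizer!, only: [:edit, :update, :change_organizer]
 
   # GET /groups/:id/activities
   # GET /activities.json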
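Review bot: The new `require_organizer!` filter reads `@activity`, yet none of the callbacks visible in this hunk (`set_group`, `require_membership!`, `require_leader!`) loads it. Callbacks run in declaration order, so whatever sets `@activity` must be registered above this line for `edit`, `update` and `change_organizer`, otherwise the check raises on nil instead of making an authorization decision. The rest of the class is outside the hunk, so this may already hold; a comment such as `# must run after the callback that loads @activity` would pin the ordering. Note also that `only:` is an allow-list: `destroy` stays behind `require_leader!` alone, and any mutating action added later is unguarded until it is listed here.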

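--- a/app/helpers/activities_helper.rb
+++ b/app/helpers/activities_helper.rb
@@ -1,2 +1,8 @@
 module ActivitiesHelper
+  def require_organizer!
+    if !@activity.may_change?(current_person)
+      flash_message(:danger, I18n.t('authentication.organizer_required'))
+      redirect_to group_activity_path(@group, @activity)
+    end
+  end
 end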
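Review bot: `require_organizer!` is an authorization check, but it is defined in `ActivitiesHelper`, a view helper module, so it only works as a `before_action` if that module is mixed into the controller somewhere outside this diff. Defining it as a `private` method on `ActivitiesController` (or `ApplicationController`) would keep the check next to the filters that depend on it and out of the view helper namespace. The guard also denies by redirect for every format; the controller comments mention a `.json` route, so if `update` serves JSON a `head :forbidden` for non-HTML requests would give clients an unambiguous status. That last point is inferred, since the actions are not visible here. Minor style: `unless @activity.may_change?(current_person)` reads more clearly than `if !`.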