author | Alex Legler <alex@a3li.li> | 2011-08-20 12:01:59 +0200 |
---|---|---|
committer | Alex Legler <alex@a3li.li> | 2011-08-20 12:01:59 +0200 |
commit | aa6be6cf871ac358ad0df5e9ea41c8236eabcd36 (patch) | |
tree | 2726f4b625d9804a5e74776b4ebfa84feab34cec /app/controllers/application_controller.rb | |
parent | Remove more h() calls (diff) | |
Move check_object_access from glsa_controller to application_controller
Also, remove the empty check_access_level filter
Diffstat (limited to 'app/controllers/application_controller.rb')
-rw-r--r-- | app/controllers/application_controller.rb | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 98f7de2..5acaeb3 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -23,6 +23,24 @@ class ApplicationController < ActionController::Base
 include ApplicationHelper
 protected
+ # Checks access to a given GLSA
+ def check_object_access(glsa)
+ # Contributor, no foreign drafts
+ if current_user.access == 0
+ unless glsa.is_owner? current_user
+ deny_access "Access to GLSA #{glsa.id} (#{params[:action]})"
+ return false
+ end
+ elsif current_user.access == 1
+ if glsa.restricted
+ deny_access "Access to restricted GLSA #{glsa.id} (#{params[:action]})"
+ return false
+ end
+ end
+
+ true
+ end
+
 def deny_access(msg)
 logger.warn "[#{Time.now.rfc2822}] UNAUTHORIZED ACCESS by #{current_user.login} from #{request.remote_ip}: #{msg}"
 redirect_to :controller => '/index', :action => 'error', :type => 'access' |
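Review bot: check_object_access fails open, because the trailing `true` is reached for every `current_user.access` value other than 0 or 1, including nil or a non-integer value, so a user record with an unset or corrupted level gets unrestricted access to every GLSA. Now that the helper lives in ApplicationController and can be called from any controller, it should deny by default and allow the higher levels explicitly; the sketch below assumes integer levels above 1 are meant to be unrestricted, which this hunk does not show. The method also needs a comment stating that a false return means deny_access has already issued a redirect, so callers must stop rendering. The body of deny_access continues outside the hunk.

```ruby
def check_object_access(glsa)
  case current_user.access
  when 0
    # … unchanged: owner check for contributors …
  when 1
    # … unchanged: restricted-GLSA check …
  when Integer
    # higher levels: no per-object restriction, as before
  else
    # nil or non-integer level: deny instead of falling through to true
    deny_access "Access to GLSA #{glsa.id} with unknown access level (#{params[:action]})"
    return false
  end

  true
end
```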