diff options
| author | Vlatka Pavisic | 2017-04-19 16:03:20 +0200 |
|---|---|---|
| committer | Vlatka Pavisic | 2017-04-19 16:03:29 +0200 |
| commit | b7684b0cd694605d2c140159c79f7155fb601130 (patch) | |
| tree | 97c9bad17b560f6d21e5db04631e77756e94a0f3 | |
| parent | 940bf02a229dadf5d96465278fb38d66e8f76ca8 (diff) | |
| download | chouette-core-b7684b0cd694605d2c140159c79f7155fb601130.tar.bz2 | |
Refs #3128 : Check organisation match for referentials
| -rw-r--r-- | app/policies/referential_policy.rb | 9 | ||||
| -rw-r--r-- | app/views/workbenches/show.html.slim | 2 |
2 files changed, 7 insertions, 4 deletions
diff --git a/app/policies/referential_policy.rb b/app/policies/referential_policy.rb index fb55f006a..8d366aff7 100644 --- a/app/policies/referential_policy.rb +++ b/app/policies/referential_policy.rb @@ -10,21 +10,24 @@ class ReferentialPolicy < ApplicationPolicy end def edit? - user.has_permission?('referentials.edit') + organisation_match? && user.has_permission?('referentials.edit') end def destroy? - user.has_permission?('referentials.destroy') + organisation_match? && user.has_permission?('referentials.destroy') end def archive? edit? end + def clone? + organisation_match? && create? + end + def unarchive? ; archive? end def update? ; edit? end def new? ; create? end - def clone? ; create? end end diff --git a/app/views/workbenches/show.html.slim b/app/views/workbenches/show.html.slim index f9a705c29..b46cf09a4 100644 --- a/app/views/workbenches/show.html.slim +++ b/app/views/workbenches/show.html.slim @@ -8,7 +8,7 @@ .row.mb-sm .col-lg-12.text-right - if policy(Referential).create? - = link_to t('referentials.actions.new'), new_referential_path(workbench_id: @workbench), class: 'btn btn-primary' + = link_to t('referentials.actions.new'), new_referential_path(workbench_id: @workbench), class: 'btn btn-primary' / PageContent .page_content |