diff options
author | jomo <github@jomo.tv> | 2016-07-19 15:06:40 +0200 |
---|---|---|
committer | jomo <github@jomo.tv> | 2016-07-19 15:06:40 +0200 |
commit | 76076bbdf2c80279bcc9a34e31c960e9d58d7ed4 (patch) | |
tree | 0d7f56ae010342e1b12e54b30fa587fe4710bd27 | |
parent | f2353eebcc22212f3fe5e817f1fdee4edb810805 (diff) |
fix edit link permission checks for comments, threads, replies
-rw-r--r-- | app/views/comments/_comment.html.erb | 2 | ||||
-rw-r--r-- | app/views/forumthreads/show.html.erb | 2 | ||||
-rw-r--r-- | app/views/threadreplies/_reply.html.erb | 2 |
3 files changed, 3 insertions, 3 deletions
diff --git a/app/views/comments/_comment.html.erb b/app/views/comments/_comment.html.erb index 286cf1b..147e85b 100644 --- a/app/views/comments/_comment.html.erb +++ b/app/views/comments/_comment.html.erb @@ -6,7 +6,7 @@ <%= ago c.created_at %> <% end %> - <%= link_to "edit", edit_blogpost_comment_path(c.blogpost, c), class: "editlink" if (mod? || c.author.is?(current_user)) %> + <%= link_to "edit", edit_blogpost_comment_path(c.blogpost, c), class: "editlink" if (mod? && current_user.role >= c.author.role) || c.author.is?(current_user) %> <div class="clear-right"></div> </div> <div class="items"> diff --git a/app/views/forumthreads/show.html.erb b/app/views/forumthreads/show.html.erb index 10cfeb6..206ae09 100644 --- a/app/views/forumthreads/show.html.erb +++ b/app/views/forumthreads/show.html.erb @@ -8,7 +8,7 @@ <%= link_to p do %> <%= ago @thread.created_at %> <% end %> - <%= link_to "edit", edit_forumthread_path( @thread), class: "editlink" if (@thread.author.is?(current_user) || mod?) %> + <%= link_to "edit", edit_forumthread_path( @thread), class: "editlink" if (mod? && current_user.role >= @thread.author.role) || @thread.author.is?(current_user) %> <div class="clear-right"></div> </div> <div class="items"> diff --git a/app/views/threadreplies/_reply.html.erb b/app/views/threadreplies/_reply.html.erb index 88e4bfb..b3a344e 100644 --- a/app/views/threadreplies/_reply.html.erb +++ b/app/views/threadreplies/_reply.html.erb @@ -6,7 +6,7 @@ <%= ago reply.created_at %> <% end %> - <%= link_to "edit", edit_forumthread_threadreply_path(reply.thread, reply), class: "editlink" if mod? || reply.author.is?(current_user) %> + <%= link_to "edit", edit_forumthread_threadreply_path(reply.thread, reply), class: "editlink" if (mod? && current_user.role >= reply.author.role) || reply.author.is?(current_user) %> <div class="clear-right"></div> </div> <div class="items"> |