diff options
| -rw-r--r-- | app/controllers/forums_controller.rb | 4 | ||||
| -rw-r--r-- | app/controllers/forumthreads_controller.rb | 4 |
2 files changed, 8 insertions, 0 deletions
diff --git a/app/controllers/forums_controller.rb b/app/controllers/forums_controller.rb index 2841be9..ecf570e 100644 --- a/app/controllers/forums_controller.rb +++ b/app/controllers/forums_controller.rb @@ -16,6 +16,10 @@ class ForumsController < ApplicationController end def edit + unless admin? + flash[:alert] = "You are not allowed to change a forum" + redirect_to forums_path + end end def new diff --git a/app/controllers/forumthreads_controller.rb b/app/controllers/forumthreads_controller.rb index ac090f5..b9b5714 100644 --- a/app/controllers/forumthreads_controller.rb +++ b/app/controllers/forumthreads_controller.rb @@ -11,6 +11,10 @@ class ForumthreadsController < ApplicationController end def edit + unless mod? || @thread.author.is?(current_user) + flash[:alert] = "You are not allowed to edit this thread!" + redirect_to @thread + end end def new |