From b057cb591344828ceead2d8b156832d332a9991d Mon Sep 17 00:00:00 2001
From: jomo
Date: Sun, 24 Jul 2016 22:30:00 +0200
Subject: remove annoying permission check for comments, forums, threads, replies
---
 app/controllers/comments_controller.rb | 6 +++---
 app/controllers/forumthreads_controller.rb | 6 +++---
 app/controllers/threadreplies_controller.rb | 6 +++---
 app/views/comments/_comment.html.erb | 2 +-
 app/views/forumthreads/show.html.erb | 2 +-
 app/views/threadreplies/_reply.html.erb | 2 +-
 6 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/app/controllers/comments_controller.rb b/app/controllers/comments_controller.rb
index b69053e..3c2f57d 100644
--- a/app/controllers/comments_controller.rb
+++ b/app/controllers/comments_controller.rb
@@ -4,7 +4,7 @@ class CommentsController < ApplicationController
 def edit
 @comment = Comment.find(params[:id])
- if (mod? && current_user.role >= @comment.author.role) || @comment.author.is?(current_user)
+ if mod? || @comment.author.is?(current_user)
 else
 flash[:alert] = "You are not allowed to edit this comment"
 redirect_to @comment.blogpost
@@ -33,7 +33,7 @@ class CommentsController < ApplicationController
 def update
 @comment = Comment.find(params[:id])
- if (mod? && current_user.role >= @comment.author.role) || @comment.author.is?(current_user)
+ if mod? || @comment.author.is?(current_user)
 @comment.user_editor = current_user
 @comment.attributes = comment_params
 old_content = @comment.content_was
@@ -55,7 +55,7 @@ class CommentsController < ApplicationController
 def destroy
 @comment = Comment.find(params[:id])
- if (mod? && current_user.role >= @comment.author.role) || @comment.author.is?(current_user)
+ if mod? || @comment.author.is?(current_user)
 if @comment.destroy
 flash[:notice] = "Comment deleted!"
 else
diff --git a/app/controllers/forumthreads_controller.rb b/app/controllers/forumthreads_controller.rb
index f9d31a3..b9b5714 100644
--- a/app/controllers/forumthreads_controller.rb
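Review bot: The `if mod? || @comment.author.is?(current_user)` in edit has an empty true branch and does all of its work in `else`, which makes the access check easy to misread. Writing it as a guard, `unless mod? || @comment.author.is?(current_user)`, would match the form ForumthreadsController#edit uses in this same commit; the edit hunk in ThreadrepliesController has the same empty-branch shape. The rest of edit lies outside the hunk, so whether anything still runs after `redirect_to` cannot be checked from here.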
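Review bot: The condition `mod? || @comment.author.is?(current_user)` in update is the same authorization rule that this commit rewrites by hand in twelve places (three actions in each of the three controllers, plus the three view templates), so controller enforcement and link visibility can drift apart on the next policy change. A single predicate would keep them in step, for example in ApplicationController: `def can_edit?(item)`, `mod? || item.author.is?(current_user)`, `end`, exposed to the views with `helper_method :can_edit?` (the method name is only a suggestion). update's body continues outside the hunk.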
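Review bot: With the role comparison gone from destroy, any moderator can delete a comment written by a higher-role account, and unlike update, which sets `user_editor`, nothing in the visible lines records who performed the deletion. The destroy hunks in ForumthreadsController and ThreadrepliesController have the same gap. If this is the intended policy, a log line before the delete would keep the action attributable, for example `Rails.logger.info "comment #{@comment.id} deleted by user #{current_user.id}"`. destroy's body continues outside the hunk, so such logging may already exist there or in a model callback.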
+++ b/app/controllers/forumthreads_controller.rb
@@ -11,7 +11,7 @@ class ForumthreadsController < ApplicationController
 end
 def edit
- unless (mod? && current_user.role >= @thread.author.role) || @thread.author.is?(current_user)
+ unless mod? || @thread.author.is?(current_user)
 flash[:alert] = "You are not allowed to edit this thread!"
 redirect_to @thread
 end
@@ -46,7 +46,7 @@ class ForumthreadsController < ApplicationController
 end
 def update
- if (mod? && current_user.role >= @thread.author.role) || @thread.author.is?(current_user)
+ if mod? || @thread.author.is?(current_user)
 @thread.user_editor = current_user
 @thread.attributes = (mod? ? thread_params([:sticky, :locked, :forum_id, :label_id]) : thread_params)
 old_content = @thread.content_was
@@ -64,7 +64,7 @@ class ForumthreadsController < ApplicationController
 end
 def destroy
- if (mod? && current_user.role >= @thread.author.role) || @thread.author.is?(current_user)
+ if mod? || @thread.author.is?(current_user)
 if @thread.destroy
 flash[:notice] = "Thread deleted!"
 else
diff --git a/app/controllers/threadreplies_controller.rb b/app/controllers/threadreplies_controller.rb
index 235f037..946155d 100644
--- a/app/controllers/threadreplies_controller.rb
+++ b/app/controllers/threadreplies_controller.rb
@@ -2,7 +2,7 @@ class ThreadrepliesController < ApplicationController
 def edit
 @reply = Threadreply.find(params[:id])
- if (mod? && current_user.role >= @reply.author.role) || @reply.author.is?(current_user)
+ if mod? || @reply.author.is?(current_user)
 else
 flash[:alert] = "You are not allowed to edit this reply"
 redirect_to @reply.thread
@@ -32,7 +32,7 @@ class ThreadrepliesController < ApplicationController
 def update
 @reply = Threadreply.find(params[:id])
- if (mod? && current_user.role >= @reply.author.role) || @reply.author.is?(current_user)
+ if mod? || @reply.author.is?(current_user)
 old_content = @reply.content_was
 if @reply.update_attributes(reply_params)
 @reply.send_new_reply_mail(old_content)
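Review bot: Passing the relaxed condition in ForumthreadsController#update now also grants the extended attribute list `[:sticky, :locked, :forum_id, :label_id]` on threads whose author outranks the moderator, because the assignment two lines below selects the permitted parameters by `mod?` alone. If that is intended, a comment above the condition would make the policy explicit, e.g. `# any moderator may edit, move, lock or relabel any thread, regardless of the author's role`. Nothing in the hunk checks the moderator's access to the destination forum when `forum_id` changes; that may be validated in the model, which is not visible here. update's body continues outside the hunk.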
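Review bot: ThreadrepliesController#update does not record who made the edit: the lines after the changed condition go straight to `@reply.update_attributes(reply_params)`, whereas CommentsController#update and ForumthreadsController#update both assign `user_editor = current_user` first. Now that any moderator can edit any reply, an unattributed edit is harder to audit. If Threadreply has the same attribute (its model is not visible here), adding `@reply.user_editor = current_user` before the update would bring this action in line with the other two. update's body continues outside the hunk.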
@@ -52,7 +52,7 @@ class ThreadrepliesController < ApplicationController
 def destroy
 @reply = Threadreply.find(params[:id])
- if (mod? && current_user.role >= @reply.author.role) || @reply.author.is?(current_user)
+ if mod? || @reply.author.is?(current_user)
 if @reply.destroy
 flash[:notice] = "Reply deleted!"
 else
diff --git a/app/views/comments/_comment.html.erb b/app/views/comments/_comment.html.erb
index 147e85b..b5a05e5 100644
--- a/app/views/comments/_comment.html.erb
+++ b/app/views/comments/_comment.html.erb
@@ -6,7 +6,7 @@
 <%= ago c.created_at %> <% end %>
- <%= link_to "edit", edit_blogpost_comment_path(c.blogpost, c), class: "editlink" if (mod? && current_user.role >= c.author.role) || c.author.is?(current_user) %>
+ <%= link_to "edit", edit_blogpost_comment_path(c.blogpost, c), class: "editlink" if mod? || c.author.is?(current_user) %>
diff --git a/app/views/forumthreads/show.html.erb b/app/views/forumthreads/show.html.erb
index 206ae09..876d55d 100644
--- a/app/views/forumthreads/show.html.erb
+++ b/app/views/forumthreads/show.html.erb
@@ -8,7 +8,7 @@
 <%= link_to p do %> <%= ago @thread.created_at %> <% end %>
- <%= link_to "edit", edit_forumthread_path( @thread), class: "editlink" if (mod? && current_user.role >= @thread.author.role) || @thread.author.is?(current_user) %>
+ <%= link_to "edit", edit_forumthread_path( @thread), class: "editlink" if mod? || @thread.author.is?(current_user) %>
diff --git a/app/views/threadreplies/_reply.html.erb b/app/views/threadreplies/_reply.html.erb
index b3a344e..88e4bfb 100644
--- a/app/views/threadreplies/_reply.html.erb
+++ b/app/views/threadreplies/_reply.html.erb
@@ -6,7 +6,7 @@
 <%= ago reply.created_at %> <% end %>
- <%= link_to "edit", edit_forumthread_threadreply_path(reply.thread, reply), class: "editlink" if (mod? && current_user.role >= reply.author.role) || reply.author.is?(current_user) %>
+ <%= link_to "edit", edit_forumthread_threadreply_path(reply.thread, reply), class: "editlink" if mod? || reply.author.is?(current_user) %>
-- cgit v1.2.3