Commit c2602aaf authored by Phil Hughes's avatar Phil Hughes

Updated Ruby

parent 2a6942ab
class Projects::GroupLinksController < Projects::ApplicationController class Projects::GroupLinksController < Projects::ApplicationController
layout 'project_settings' layout 'project_settings'
before_action :authorize_admin_project! before_action :authorize_admin_project!
before_action :authorize_admin_project_member!, only: [:update]
def index def index
@group_links = project.project_group_links.all @group_links = project.project_group_links.all
...@@ -21,7 +22,6 @@ class Projects::GroupLinksController < Projects::ApplicationController ...@@ -21,7 +22,6 @@ class Projects::GroupLinksController < Projects::ApplicationController
def update def update
@group_link = @project.project_group_links.find(params[:id]) @group_link = @project.project_group_links.find(params[:id])
return render_403 unless can?(current_user, :admin_project_member, @project)
@group_link.update_attributes(group_link_params) @group_link.update_attributes(group_link_params)
end end
......
...@@ -19,8 +19,7 @@ class Projects::ProjectMembersController < Projects::ApplicationController ...@@ -19,8 +19,7 @@ class Projects::ProjectMembersController < Projects::ApplicationController
@groups = @project.project_group_links.where(group_id: group_ids) @groups = @project.project_group_links.where(group_id: group_ids)
end end
@project_members = @project_members.order('access_level DESC') @project_members = @project_members.order(access_level: :desc).page(params[:page])
@project_members = @project_members.page(params[:page])
@requesters = AccessRequestsFinder.new(@project).execute(current_user) @requesters = AccessRequestsFinder.new(@project).execute(current_user)
...@@ -40,6 +39,8 @@ class Projects::ProjectMembersController < Projects::ApplicationController ...@@ -40,6 +39,8 @@ class Projects::ProjectMembersController < Projects::ApplicationController
groups = Group.where(id: group_ids) groups = Group.where(id: group_ids)
groups.each do |group| groups.each do |group|
next unless can?(current_user, :read_group, group)
project.project_group_links.create( project.project_group_links.create(
group: group, group: group,
group_access: params[:access_level], group_access: params[:access_level],
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment