Code cleanup.

git-svn-id: http://svn.redmine.org/redmine/trunk@16725 e93f8b46-1217-0410-a6f0-8f06a7374b81

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 1b5a74da21677ba784a3c87e63a352a6b938cdd9..f1d57d4b8e508fd874b26fd416712c3a2cbeab96 100644 (file)
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -272,35 +272,31 @@ class ApplicationController < ActionController::Base
   end
 
   # Find project of id params[:id]
-  def find_project
-    @project = Project.find(params[:id])
+  def find_project(project_id=params[:id])
+    @project = Project.find(project_id)
   rescue ActiveRecord::RecordNotFound
     render_404
   end
 
   # Find project of id params[:project_id]
   def find_project_by_project_id
-    @project = Project.find(params[:project_id])
-  rescue ActiveRecord::RecordNotFound
-    render_404
+    find_project(params[:project_id])
   end
 
   # Find project of id params[:id] if present
   def find_optional_project_by_id
     if params[:id].present?
-      @project = Project.find(params[:id])
+      find_project(params[:id])
     end
-  rescue ActiveRecord::RecordNotFound
-    render_404
   end
 
   # Find a project based on params[:project_id]
+  # and authorize the user for the requested action
   def find_optional_project
-    @project = Project.find(params[:project_id]) unless params[:project_id].blank?
-    allowed = User.current.allowed_to?({:controller => params[:controller], :action => params[:action]}, @project, :global => true)
-    allowed ? true : deny_access
-  rescue ActiveRecord::RecordNotFound
-    render_404
+    if params[:project_id].present?
+      find_project(params[:project_id])
+    end
+    authorize_global
   end
 
   # Finds and sets @project based on @object.project