Use ApplicationController#find_optional_project instead.

author Jean-Philippe Lang <jp_lang@yahoo.fr>

Mon, 26 Jun 2017 19:53:09 +0000 (19:53 +0000)

committer Jean-Philippe Lang <jp_lang@yahoo.fr>

Mon, 26 Jun 2017 19:53:09 +0000 (19:53 +0000)
author Jean-Philippe Lang <jp_lang@yahoo.fr>
Mon, 26 Jun 2017 19:53:09 +0000 (19:53 +0000)
committer Jean-Philippe Lang <jp_lang@yahoo.fr>
Mon, 26 Jun 2017 19:53:09 +0000 (19:53 +0000)
diff --git a/app/controllers/timelog_controller.rb b/app/controllers/timelog_controller.rb

index 18b911c52cb6fa1c3d2d06a84c341858a177b9c2..b45d3078ff7169cb1aaa6cd718f1ed0376e4ecd4 100644 (file)
--- a/app/controllers/timelog_controller.rb
+++ b/app/controllers/timelog_controller.rb
@@ -25,7 +25,6 @@ class TimelogController < ApplicationController
  
    before_action :find_optional_issue, :only => [:new, :create]
    before_action :find_optional_project, :only => [:index, :report]
-  before_action :authorize_global, :only => [:new, :create, :index, :report]
  
    accept_rss_auth :index
    accept_api_auth :index, :show, :create, :update, :destroy
@@ -261,19 +260,12 @@ private
      if params[:issue_id].present?
        @issue = Issue.find(params[:issue_id])
        @project = @issue.project
+      authorize
      else
        find_optional_project
      end
    end
  
-  def find_optional_project
-    if params[:project_id].present?
-      @project = Project.find(params[:project_id])
-    end
-  rescue ActiveRecord::RecordNotFound
-    render_404
-  end
-
    # Returns the TimeEntry scope for index and report actions
    def time_entry_scope(options={})
      @query.results_scope(options)
author	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Mon, 26 Jun 2017 19:53:09 +0000 (19:53 +0000)
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Mon, 26 Jun 2017 19:53:09 +0000 (19:53 +0000)