diff options
author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2017-06-26 20:51:28 +0000 |
---|---|---|
committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2017-06-26 20:51:28 +0000 |
commit | 310060ff579ad42934194853e9759ea82f6bceee (patch) | |
tree | 849056c5650ec853fce46c129fe00115f5994d3d /app/controllers/application_controller.rb | |
parent | e7c0e16a3ff68681cb475fa382d843c0977a7c09 (diff) | |
download | redmine-310060ff579ad42934194853e9759ea82f6bceee.tar.gz redmine-310060ff579ad42934194853e9759ea82f6bceee.zip |
Code cleanup.
git-svn-id: http://svn.redmine.org/redmine/trunk@16725 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/controllers/application_controller.rb')
-rw-r--r-- | app/controllers/application_controller.rb | 22 |
1 files changed, 9 insertions, 13 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 1b5a74da2..f1d57d4b8 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -272,35 +272,31 @@ class ApplicationController < ActionController::Base end # Find project of id params[:id] - def find_project - @project = Project.find(params[:id]) + def find_project(project_id=params[:id]) + @project = Project.find(project_id) rescue ActiveRecord::RecordNotFound render_404 end # Find project of id params[:project_id] def find_project_by_project_id - @project = Project.find(params[:project_id]) - rescue ActiveRecord::RecordNotFound - render_404 + find_project(params[:project_id]) end # Find project of id params[:id] if present def find_optional_project_by_id if params[:id].present? - @project = Project.find(params[:id]) + find_project(params[:id]) end - rescue ActiveRecord::RecordNotFound - render_404 end # Find a project based on params[:project_id] + # and authorize the user for the requested action def find_optional_project - @project = Project.find(params[:project_id]) unless params[:project_id].blank? - allowed = User.current.allowed_to?({:controller => params[:controller], :action => params[:action]}, @project, :global => true) - allowed ? true : deny_access - rescue ActiveRecord::RecordNotFound - render_404 + if params[:project_id].present? + find_project(params[:project_id]) + end + authorize_global end # Finds and sets @project based on @object.project |