summaryrefslogtreecommitdiffstats
path: root/app/controllers/application_controller.rb
diff options
context:
space:
mode:
authorJean-Philippe Lang <jp_lang@yahoo.fr>2017-06-26 20:51:28 +0000
committerJean-Philippe Lang <jp_lang@yahoo.fr>2017-06-26 20:51:28 +0000
commit310060ff579ad42934194853e9759ea82f6bceee (patch)
tree849056c5650ec853fce46c129fe00115f5994d3d /app/controllers/application_controller.rb
parente7c0e16a3ff68681cb475fa382d843c0977a7c09 (diff)
downloadredmine-310060ff579ad42934194853e9759ea82f6bceee.tar.gz
redmine-310060ff579ad42934194853e9759ea82f6bceee.zip
Code cleanup.
git-svn-id: http://svn.redmine.org/redmine/trunk@16725 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/controllers/application_controller.rb')
-rw-r--r--app/controllers/application_controller.rb22
1 files changed, 9 insertions, 13 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 1b5a74da2..f1d57d4b8 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -272,35 +272,31 @@ class ApplicationController < ActionController::Base
end
# Find project of id params[:id]
- def find_project
- @project = Project.find(params[:id])
+ def find_project(project_id=params[:id])
+ @project = Project.find(project_id)
rescue ActiveRecord::RecordNotFound
render_404
end
# Find project of id params[:project_id]
def find_project_by_project_id
- @project = Project.find(params[:project_id])
- rescue ActiveRecord::RecordNotFound
- render_404
+ find_project(params[:project_id])
end
# Find project of id params[:id] if present
def find_optional_project_by_id
if params[:id].present?
- @project = Project.find(params[:id])
+ find_project(params[:id])
end
- rescue ActiveRecord::RecordNotFound
- render_404
end
# Find a project based on params[:project_id]
+ # and authorize the user for the requested action
def find_optional_project
- @project = Project.find(params[:project_id]) unless params[:project_id].blank?
- allowed = User.current.allowed_to?({:controller => params[:controller], :action => params[:action]}, @project, :global => true)
- allowed ? true : deny_access
- rescue ActiveRecord::RecordNotFound
- render_404
+ if params[:project_id].present?
+ find_project(params[:project_id])
+ end
+ authorize_global
end
# Finds and sets @project based on @object.project