From a6b10ba2df849f83b5d5f23cec13314c567faf20 Mon Sep 17 00:00:00 2001 From: Xavier J Date: Tue, 10 Jan 2017 17:34:55 +0100 Subject: [PATCH] Active protect on change dossier state tool with admin email verification --- app/controllers/admin/change_dossier_state_controller.rb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/app/controllers/admin/change_dossier_state_controller.rb b/app/controllers/admin/change_dossier_state_controller.rb index 86611da4f..0b199b3f8 100644 --- a/app/controllers/admin/change_dossier_state_controller.rb +++ b/app/controllers/admin/change_dossier_state_controller.rb @@ -10,5 +10,10 @@ class Admin::ChangeDossierStateController < AdminController def check @dossier = Dossier.find(params[:dossier][:id]) + + unless @dossier.procedure.administrateur.email == current_administrateur.email + flash.alert = 'Dossier introuvable' + return redirect_to admin_change_dossier_state_path + end end end \ No newline at end of file