openstreetmap-website

cst1/openstreetmap-website

Fork 0

Commit graph

Author	SHA1	Message	Date
Chris Flipse	5232914427	Implement the cancan filters for diary entries Access logic is not _entirely_ exported from the controller, unfortunately. For interface reasons, some actions which require admin have to be listed within the controller's deny_access method. This is required because, being a default-deny system, cancancan _cannot_ tell you the reason you were denied access; and so the "nice" feedback presenting next steps can't be gleaned from the exception	2018-06-17 13:57:06 -04:00
Chris Flipse	6da3ece683	use token in ability checks	2018-06-17 13:56:23 -04:00

Author

SHA1

Message

Date

Chris Flipse

5232914427

Implement the cancan filters for diary entries

Access logic is not _entirely_ exported from the controller,
unfortunately.  For interface reasons, some actions which require admin
have to be listed within the controller's deny_access method.

This is required because, being a default-deny system, cancancan
_cannot_ tell you the reason you were denied access; and so
the "nice" feedback presenting next steps can't be gleaned from
the exception

2018-06-17 13:57:06 -04:00

Chris Flipse

6da3ece683

use token in ability checks

2018-06-17 13:56:23 -04:00

2 commits