Andy Allan
7420479cde
Use CanCanCan for directions controller
2019-01-09 10:12:14 +01:00
Andy Allan
1e30edba53
Use CanCanCan for browse controller
2019-01-09 10:10:12 +01:00
Andy Allan
44eea9dcaf
Use CanCanCan for export controller
2019-01-02 19:21:10 +01:00
Andy Allan
ad68d4c634
Use CanCanCan for search controller
2019-01-02 19:17:32 +01:00
Andy Allan
c7a7d29813
Require terms agreement for abilities and capabilities related to api write methods
2019-01-02 17:40:43 +01:00
Andy Allan
ca596106f5
Refactor users_controller to use CanCanCan for authorisation
2018-12-12 16:17:24 +01:00
Andy Allan
a3a10237f7
Use CanCanCan for user_roles auth
2018-11-28 21:39:26 +01:00
Andy Allan
ea766ec57d
Use CanCanCan for notes authorization
2018-11-28 15:59:47 +01:00
Andy Allan
8f70fb2114
Use CanCanCan for changeset comments
...
This introduces different deny_access handlers for web and api requests, since we want to avoid sending redirects as API responses. See #2064 for discussion.
2018-11-28 12:35:45 +01:00
Andy Allan
79207ee594
Use CanCanCan for redaction authorizations
2018-11-07 13:28:58 +01:00
Andy Allan
368ce0000d
Migrate UserBlocksController to use CanCanCan
2018-11-07 13:07:08 +01:00
Tom Hughes
8c269aba4e
Move abilities to a sepatarate top level directory
2018-11-03 12:56:50 +00:00
