Ensure views only link to those actions allowed for current user

2018-11-30 13:29:04 +01:00
parent d3f67ab4c7
commit 2125fb1c1d
56 changed files with 128 additions and 264 deletions
--- a/app/views/code_harbor_links/show.html.slim
+++ b/app/views/code_harbor_links/show.html.slim
@@ -1,6 +1,6 @@
 h1
  = @code_harbor_link
-  = render('shared/edit_button', object: @code_harbor_link) if policy(@code_harbor_link).edit?
+  = render('shared/edit_button', object: @code_harbor_link)

 - %w[oauth2token].each do |attribute|
  = row(label: "code_harbor_link.#{attribute}") do