htwkmooc/codeocean
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Correctly authorize comment deletion

Browse Source
This commit is contained in:
Maximilian Grundke
2016-04-27 17:16:23 +02:00
parent 57b773698b
commit 8ef615ffaa
2 changed files with 3 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
app/policies/comment_policy.rb
View File

@@ -1,12 +1,6 @@
class CommentPolicy < ApplicationPolicy
def author?
if @record.is_a?(ActiveRecord::Relation)
flag = true
@record.all {|item| flag = (flag and item.author == @user)}
flag
else
@user == @record.author
end
@user == @record.author
end
private :author?