remove annoying permission check for comments, forums, threads, replies

2016-07-24 22:30:00 +02:00
parent c9e7015f4c
commit b057cb5913
6 changed files with 12 additions and 12 deletions
--- a/app/controllers/comments_controller.rb
+++ b/app/controllers/comments_controller.rb
@@ -4,7 +4,7 @@ class CommentsController < ApplicationController

  def edit
    @comment = Comment.find(params[:id])
-    if (mod? && current_user.role >= @comment.author.role) || @comment.author.is?(current_user)
+    if mod? || @comment.author.is?(current_user)
    else
      flash[:alert] = "You are not allowed to edit this comment"
      redirect_to @comment.blogpost
@@ -33,7 +33,7 @@ class CommentsController < ApplicationController

  def update
    @comment = Comment.find(params[:id])
-    if (mod? && current_user.role >= @comment.author.role) || @comment.author.is?(current_user)
+    if mod? || @comment.author.is?(current_user)
      @comment.user_editor = current_user
      @comment.attributes = comment_params
      old_content = @comment.content_was
@@ -55,7 +55,7 @@ class CommentsController < ApplicationController

  def destroy
    @comment = Comment.find(params[:id])
-    if (mod? && current_user.role >= @comment.author.role) || @comment.author.is?(current_user)
+    if mod? || @comment.author.is?(current_user)
      if @comment.destroy
        flash[:notice] = "Comment deleted!"
      else
--- a/app/controllers/forumthreads_controller.rb
+++ b/app/controllers/forumthreads_controller.rb
@@ -11,7 +11,7 @@ class ForumthreadsController < ApplicationController
  end

  def edit
-    unless (mod? && current_user.role >= @thread.author.role) || @thread.author.is?(current_user)
+    unless mod? || @thread.author.is?(current_user)
      flash[:alert] = "You are not allowed to edit this thread!"
      redirect_to @thread
    end
@@ -46,7 +46,7 @@ class ForumthreadsController < ApplicationController
  end

  def update
-    if (mod? && current_user.role >= @thread.author.role) || @thread.author.is?(current_user)
+    if mod? || @thread.author.is?(current_user)
      @thread.user_editor = current_user
      @thread.attributes = (mod? ? thread_params([:sticky, :locked, :forum_id, :label_id]) : thread_params)
      old_content = @thread.content_was
@@ -64,7 +64,7 @@ class ForumthreadsController < ApplicationController
  end

  def destroy
-    if (mod? && current_user.role >= @thread.author.role) || @thread.author.is?(current_user)
+    if mod? || @thread.author.is?(current_user)
      if @thread.destroy
        flash[:notice] = "Thread deleted!"
      else
--- a/app/controllers/threadreplies_controller.rb
+++ b/app/controllers/threadreplies_controller.rb
@@ -2,7 +2,7 @@ class ThreadrepliesController < ApplicationController

  def edit
    @reply = Threadreply.find(params[:id])
-    if (mod? && current_user.role >= @reply.author.role) || @reply.author.is?(current_user)
+    if mod? || @reply.author.is?(current_user)
    else
      flash[:alert] = "You are not allowed to edit this reply"
      redirect_to @reply.thread
@@ -32,7 +32,7 @@ class ThreadrepliesController < ApplicationController

  def update
    @reply = Threadreply.find(params[:id])
-    if (mod? && current_user.role >= @reply.author.role) || @reply.author.is?(current_user)
+    if mod? || @reply.author.is?(current_user)
      old_content = @reply.content_was
      if @reply.update_attributes(reply_params)
        @reply.send_new_reply_mail(old_content)
@@ -52,7 +52,7 @@ class ThreadrepliesController < ApplicationController

  def destroy
    @reply = Threadreply.find(params[:id])
-    if (mod? && current_user.role >= @reply.author.role) || @reply.author.is?(current_user)
+    if mod? || @reply.author.is?(current_user)
      if @reply.destroy
        flash[:notice] = "Reply deleted!"
      else
--- a/app/views/comments/_comment.html.erb
+++ b/app/views/comments/_comment.html.erb
@@ -6,7 +6,7 @@
      <%= ago c.created_at %>
    <% end %>

-    <%= link_to "edit", edit_blogpost_comment_path(c.blogpost, c), class: "editlink" if (mod? && current_user.role >= c.author.role) || c.author.is?(current_user) %>
+    <%= link_to "edit", edit_blogpost_comment_path(c.blogpost, c), class: "editlink" if mod? || c.author.is?(current_user) %>
    <div class="clear-right"></div>
  </div>
  <div class="items">
--- a/app/views/forumthreads/show.html.erb
+++ b/app/views/forumthreads/show.html.erb
@@ -8,7 +8,7 @@
    <%= link_to p do %>
      <%= ago @thread.created_at %>
    <% end %>
-    <%= link_to "edit", edit_forumthread_path( @thread), class: "editlink" if (mod? && current_user.role >= @thread.author.role) || @thread.author.is?(current_user) %>
+    <%= link_to "edit", edit_forumthread_path( @thread), class: "editlink" if mod? || @thread.author.is?(current_user) %>
    <div class="clear-right"></div>
  </div>
  <div class="items">
--- a/app/views/threadreplies/_reply.html.erb
+++ b/app/views/threadreplies/_reply.html.erb
@@ -6,7 +6,7 @@
      <%= ago reply.created_at %>
    <% end %>

-    <%= link_to "edit", edit_forumthread_threadreply_path(reply.thread, reply), class: "editlink" if (mod? && current_user.role >= reply.author.role) || reply.author.is?(current_user) %>
+    <%= link_to "edit", edit_forumthread_threadreply_path(reply.thread, reply), class: "editlink" if mod? || reply.author.is?(current_user) %>
    <div class="clear-right"></div>
  </div>
  <div class="items">