Redstoner/redstoner.com
Archived
0
Fork 0
Code Issues Pull Requests 2 Wiki Activity

check mod+ rank when dealing with thread replies

Browse Source
This commit is contained in:
jomo
2016-07-19 14:53:41 +02:00
parent 072f38a373
commit f6929da548
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/controllers/threadreplies_controller.rb
View File

@@ -2,7 +2,7 @@ class ThreadrepliesController < ApplicationController
def edit
@reply = Threadreply.find(params[:id])
if mod? || @reply.author.is?(current_user)
if (mod? && current_user.role >= @reply.author.role) || @reply.author.is?(current_user)
else
flash[:alert] = "You are not allowed to edit this reply"
redirect_to @reply.thread
@@ -32,7 +32,7 @@ class ThreadrepliesController < ApplicationController
def update
@reply = Threadreply.find(params[:id])
if mod? || @reply.author.is?(current_user)
if (mod? && current_user.role >= @reply.author.role) || @reply.author.is?(current_user)
old_content = @reply.content_was
if @reply.update_attributes(reply_params)
@reply.send_new_reply_mail(old_content)
@@ -52,7 +52,7 @@ class ThreadrepliesController < ApplicationController
def destroy
@reply = Threadreply.find(params[:id])
if mod? || @reply.author.is?(current_user)
if (mod? && current_user.role >= @reply.author.role) || @reply.author.is?(current_user)
if @reply.destroy
flash[:notice] = "Reply deleted!"
else