Revision 4ec71610
Added by Marek Hulán almost 9 years ago
| app/models/concerns/taxonomix.rb | ||
|---|---|---|
|
|
||
|
next if (User.current.nil? || User.current.send("#{assoc}").empty?) || (!new_record? && !self.send("#{key}_changed?"))
|
||
|
|
||
|
allowed = taxonomy.authorized("assign_#{assoc}", taxonomy).pluck(:id).to_set
|
||
|
allowed = taxonomy.authorized("assign_#{assoc}", taxonomy).pluck(:id).to_set.union(self.send("#{key}_was"))
|
||
|
tried = self.send(key).to_set
|
||
|
|
||
|
if tried.empty? || !tried.subset?(allowed)
|
||
Also available in: Unified diff
Fixes #11187 - explicitly pass resource_type and permission to check