Project

General

Profile

« Previous | Next » 

Revision c427a1d9

Added by Ohad Levy almost 12 years ago

  • ID c427a1d92ec65021ebeb4a719167eaf3c36be9a7

ensures that auto completer for users search works even when you are not an admin

View differences:

app/controllers/users_controller.rb
def authorize(ctrl = params[:controller], action = params[:action])
# Editing self is true when the user is granted access to just their own account details
if action == 'auto_complete_search' and User.current.allowed_to?({:controller => ctrl, :action => 'index'})
return true
end
self.editing_self = false
return true if User.current.allowed_to?({:controller => ctrl, :action => action})
if (action =~ /edit|update/ and params[:id].to_i == User.current.id)

Also available in: Unified diff