diff options
author | Felipe Artur <felipefac@gmail.com> | 2016-03-31 11:36:40 -0300 |
---|---|---|
committer | Felipe Artur <felipefac@gmail.com> | 2016-04-18 11:12:27 -0300 |
commit | e8a77c0aee3eaf99793b3678a0eb97194244b339 (patch) | |
tree | 231de9a63132ba58fdecf8c27e2b062f3811a4b7 /app/controllers/users_controller.rb | |
parent | 668d6ffa437aa5c920e987beb5de4e8dacbfd00c (diff) | |
download | gitlab-ce-e8a77c0aee3eaf99793b3678a0eb97194244b339.tar.gz |
Fix code
Diffstat (limited to 'app/controllers/users_controller.rb')
-rw-r--r-- | app/controllers/users_controller.rb | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 642f5eea1de..233dca54b99 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -1,8 +1,7 @@ class UsersController < ApplicationController skip_before_action :authenticate_user! - #TODO felipe_artur: Remove this "set_user" before action. It is not good to use before filters for loading database records. before_action :set_user, except: [:show] - before_action :authorize_read_user, only: [:show] + before_action :authorize_read_user!, only: [:show] def show respond_to do |format| @@ -76,7 +75,8 @@ class UsersController < ApplicationController end private - def authorize_read_user + + def authorize_read_user! set_user render_404 unless can?(current_user, :read_user, @user) end |