summaryrefslogtreecommitdiff
path: root/app/controllers/projects/boards/issues_controller.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/projects/boards/issues_controller.rb')
-rw-r--r--app/controllers/projects/boards/issues_controller.rb5
1 files changed, 5 insertions, 0 deletions
diff --git a/app/controllers/projects/boards/issues_controller.rb b/app/controllers/projects/boards/issues_controller.rb
index 3b1b236a89a..fea7a35232d 100644
--- a/app/controllers/projects/boards/issues_controller.rb
+++ b/app/controllers/projects/boards/issues_controller.rb
@@ -2,6 +2,7 @@ module Projects
module Boards
class IssuesController < Boards::ApplicationController
before_action :authorize_read_issue!, only: [:index]
+ before_action :authorize_create_issue!, only: [:create]
before_action :authorize_update_issue!, only: [:update]
def index
@@ -52,6 +53,10 @@ module Projects
return render_403 unless can?(current_user, :read_issue, project)
end
+ def authorize_create_issue!
+ return render_403 unless can?(current_user, :admin_issue, project)
+ end
+
def authorize_update_issue!
return render_403 unless can?(current_user, :update_issue, issue)
end
View Lorry Controller Status