Commit 2bdcef4d authored by http://jneen.net/'s avatar http://jneen.net/

use a nil subject when we want to check global abilities

parent 2b26270a
...@@ -30,7 +30,7 @@ module API ...@@ -30,7 +30,7 @@ module API
# Example Request: # Example Request:
# POST /groups # POST /groups
post do post do
authorize! :create_group, current_user authorize! :create_group
required_attributes! [:name, :path] required_attributes! [:name, :path]
attrs = attributes_for_keys [:name, :path, :description, :visibility_level] attrs = attributes_for_keys [:name, :path, :description, :visibility_level]
......
...@@ -129,7 +129,7 @@ module API ...@@ -129,7 +129,7 @@ module API
forbidden! unless current_user.is_admin? forbidden! unless current_user.is_admin?
end end
def authorize!(action, subject) def authorize!(action, subject = nil)
forbidden! unless can?(current_user, action, subject) forbidden! unless can?(current_user, action, subject)
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment