use a nil subject when we want to check global abilities

2bdcef4d · http://jneen.net/ · 2b26270a · 2bdcef4d · 2bdcef4d
Commit 2bdcef4d authored Aug 18, 2016 by http://jneen.net/
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

lib/api/groups.rb lib/api/groups.rb +1 -1

lib/api/helpers.rb lib/api/helpers.rb +1 -1

No files found.
--- a/lib/api/groups.rb
+++ b/lib/api/groups.rb
@@ -30,7 +30,7 @@ module API
      # Example Request:
      #   POST /groups
      post do
-        authorize! :create_group, current_user
+        authorize! :create_group
        required_attributes! [:name, :path]

        attrs = attributes_for_keys [:name, :path, :description, :visibility_level]

--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -129,7 +129,7 @@ module API
      forbidden! unless current_user.is_admin?
    end

-    def authorize!(action, subject)
+    def authorize!(action, subject = nil)
      forbidden! unless can?(current_user, action, subject)
    end