Commit eb99e5f5 authored by Felipe Artur's avatar Felipe Artur

Remove unused authorization from controller

parent 0b91ff28
class Projects::ProjectMembersController < Projects::ApplicationController
# Authorize
before_action :authorize_admin_project_member!, except: [:leave, :index]
before_action :authorize_read_members_list!, only: [:index]
def index
@project_members = @project.project_members
......@@ -113,8 +112,4 @@ class Projects::ProjectMembersController < Projects::ApplicationController
def member_params
params.require(:project_member).permit(:user_id, :access_level)
end
def authorize_read_members_list!
render_403 unless can?(current_user, :read_members_list , @project)
end
end
......@@ -144,7 +144,7 @@ module ProjectsHelper
nav_tabs << :settings
end
if can?(current_user, :read_members_list, project)
if can?(current_user, :read_project_member, project)
nav_tabs << :team
end
......
......@@ -189,8 +189,7 @@ class Ability
:create_project,
:create_issue,
:create_note,
:upload_file,
:read_members_list
:upload_file
]
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment