Remove unused authorization from controller

eb99e5f5 · Felipe Artur · 0b91ff28 · eb99e5f5 · eb99e5f5 · eb99e5f5
Commit eb99e5f5 authored Apr 20, 2016 by Felipe Artur
3 changed files
--- a/app/controllers/projects/project_members_controller.rb
+++ b/app/controllers/projects/project_members_controller.rb
 class Projects::ProjectMembersController < Projects::ApplicationController
  # Authorize
  before_action :authorize_admin_project_member!, except: [:leave, :index]
-  before_action :authorize_read_members_list!, only: [:index]
  def index
    @project_members = @project.project_members
@@ -113,8 +112,4 @@ class Projects::ProjectMembersController < Projects::ApplicationController
  def member_params
    params.require(:project_member).permit(:user_id, :access_level)
  end
-  def authorize_read_members_list!
-    render_403 unless can?(current_user, :read_members_list , @project)
-  end
 end
--- a/app/helpers/projects_helper.rb
+++ b/app/helpers/projects_helper.rb
@@ -144,7 +144,7 @@ module ProjectsHelper
      nav_tabs << :settings
    end
-    if can?(current_user, :read_members_list, project)
+    if can?(current_user, :read_project_member, project)
      nav_tabs << :team
    end

--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -189,8 +189,7 @@ class Ability
        :create_project,
        :create_issue,
        :create_note,
-        :upload_file,
+        :upload_file
-        :read_members_list
      ]
    end