|
|
|
@ -3,6 +3,8 @@ class MemosController < ApplicationController
|
|
|
|
|
before_filter :find_forum, :only => [:new, :preview]
|
|
|
|
|
before_filter :find_attachments, :only => [:preview]
|
|
|
|
|
before_filter :find_memo, :except => [:new, :create , :preview, :update]
|
|
|
|
|
before_filter :authenticate_user_edit, :only => [:edit, :update]
|
|
|
|
|
before_filter :authenticate_user_destroy, :only => [:destroy]
|
|
|
|
|
|
|
|
|
|
helper :attachments
|
|
|
|
|
include AttachmentsHelper
|
|
|
|
@ -144,4 +146,15 @@ class MemosController < ApplicationController
|
|
|
|
|
render_404
|
|
|
|
|
nil
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def authenticate_user_edit
|
|
|
|
|
find_memo
|
|
|
|
|
render_403 unless @memo.editable_by? User.current
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def authenticate_user_destroy
|
|
|
|
|
find_memo
|
|
|
|
|
render_403 unless @memo.destroyable_by? User.current
|
|
|
|
|
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|