[openstreetmap/openstreetmap-website] Use CanCanCan for changeset comments (#2073)

Andy Allan notifications at github.com
Wed Nov 28 11:44:51 UTC 2018


This introduces different deny_access handlers for web and api requests, since we want to avoid sending redirects as API responses. See #2064 for discussion.

I think in the long term, we'll have separate deny_access handlers for web and api requests using controller inheritance, but I think this works as an intermediate stage while we're refactoring. 
You can view, comment on, or merge this pull request online at:

  https://github.com/openstreetmap/openstreetmap-website/pull/2073

-- Commit Summary --

  * Use CanCanCan for changeset comments

-- File Changes --

    M app/abilities/ability.rb (3)
    M app/abilities/capability.rb (5)
    M app/controllers/application_controller.rb (30)
    M app/controllers/changeset_comments_controller.rb (6)
    M test/abilities/capability_test.rb (42)
    A test/factories/access_tokens.rb (6)

-- Patch Links --

https://github.com/openstreetmap/openstreetmap-website/pull/2073.patch
https://github.com/openstreetmap/openstreetmap-website/pull/2073.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/2073
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20181128/3a6c5f1d/attachment.html>


More information about the rails-dev mailing list