[openstreetmap/openstreetmap-website] Use an authorisation framework (#1626)
Andy Allan
notifications at github.com
Wed Oct 24 15:32:27 UTC 2018
As an update, #2023 is coming together, and I hope we can resolve any remaining aspects soon and get it merged. For reference, the process after that will be roughly:
* Refactor various controllers to remove the need for `require_moderator` and `require_administrator`. These can be checked with the abilities instead.
* Refactor various controllers and views to remove role checks e.g. `if current_user.moderator?`, and replace with permission checks e.g. `can? :delete @note`.
* Refactor remaining controllers to avoid needing the `require_user` filter
* Review the need for `require_cability` and friends, and migrate to using the new capabilities approach
* Mark any other controllers as not needing authorization, and then add `check_authorization` to application controller
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/1626#issuecomment-432706366
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20181024/9d0da6b3/attachment-0001.html>
More information about the rails-dev
mailing list