summaryrefslogtreecommitdiff
path: root/lib/api/notes.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/api/notes.rb')
-rw-r--r--lib/api/notes.rb2
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/api/notes.rb b/lib/api/notes.rb
index d6e7203adaf..0b9ab4eeb05 100644
--- a/lib/api/notes.rb
+++ b/lib/api/notes.rb
@@ -78,6 +78,8 @@ module API
}
if can?(current_user, noteable_read_ability_name(noteable), noteable)
+ authorize! :create_note, noteable
+
if params[:created_at] && (current_user.admin? || user_project.owner == current_user)
opts[:created_at] = params[:created_at]
end
View Lorry Controller Status