From 30c6db8f0354847c275335c120d7218c0098c41f Mon Sep 17 00:00:00 2001 From: Mark Chao Date: Tue, 11 Dec 2018 14:28:06 +0800 Subject: Move embeddable? to model to be used outside view --- app/models/snippet.rb | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'app/models/snippet.rb') diff --git a/app/models/snippet.rb b/app/models/snippet.rb index 11856b55902..e623ee8161f 100644 --- a/app/models/snippet.rb +++ b/app/models/snippet.rb @@ -175,6 +175,14 @@ class Snippet < ActiveRecord::Base :visibility_level end + def embeddable? + if project_id? + Ability.allowed?(nil, :read_project_snippet, self) + else + Ability.allowed?(nil, :read_personal_snippet, self) + end + end + def notes_with_associations notes.includes(:author) end -- cgit v1.2.1 From ed0d691e0dfba54cd8f03706afd011afe4063a7a Mon Sep 17 00:00:00 2001 From: Mark Chao Date: Tue, 11 Dec 2018 14:32:25 +0800 Subject: Block private snippets from being embeddable --- app/models/snippet.rb | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) (limited to 'app/models/snippet.rb') diff --git a/app/models/snippet.rb b/app/models/snippet.rb index e623ee8161f..f9b23bbbf6c 100644 --- a/app/models/snippet.rb +++ b/app/models/snippet.rb @@ -176,11 +176,9 @@ class Snippet < ActiveRecord::Base end def embeddable? - if project_id? - Ability.allowed?(nil, :read_project_snippet, self) - else - Ability.allowed?(nil, :read_personal_snippet, self) - end + ability = project_id? ? :read_project_snippet : :read_personal_snippet + + Ability.allowed?(nil, ability, self) end def notes_with_associations -- cgit v1.2.1