From 37dcbfa9fa687d738e49a670f1902a934653f18f Mon Sep 17 00:00:00 2001 From: Karel Picman Date: Fri, 3 Jan 2014 13:08:41 +0100 Subject: [PATCH] Wrong File manipulation permission check --- app/controllers/dmsf_controller.rb | 2 +- app/views/dmsf_files/show.html.erb | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/app/controllers/dmsf_controller.rb b/app/controllers/dmsf_controller.rb index 1d4e5c7b..f31ffdda 100644 --- a/app/controllers/dmsf_controller.rb +++ b/app/controllers/dmsf_controller.rb @@ -34,7 +34,7 @@ class DmsfController < ApplicationController def show @folder_manipulation_allowed = User.current.allowed_to?(:folder_manipulation, @project) - @file_manipulation_allowed = User.current.allowed_to?(:folder_manipulation, @project) + @file_manipulation_allowed = User.current.allowed_to?(:file_manipulation, @project) @force_file_unlock_allowed = User.current.allowed_to?(:force_file_unlock, @project) unless @folder diff --git a/app/views/dmsf_files/show.html.erb b/app/views/dmsf_files/show.html.erb index 4fb3a12b..4b73d305 100644 --- a/app/views/dmsf_files/show.html.erb +++ b/app/views/dmsf_files/show.html.erb @@ -55,9 +55,9 @@ "manipulation_link('#{url_for(:action => 'notify_activate', :id => @file, :current => request.url)}')", :title => l(:title_notifications_not_active_activate)) %> <% end %> - <% end %> -   - <%= link_to(image_tag('copy.png'), {:controller => :dmsf_files_copy, :action => 'new', :id => @file }, :title => l(:title_copy_or_move)) %> +   + <%= link_to(image_tag('copy.png'), {:controller => :dmsf_files_copy, :action => 'new', :id => @file }, :title => l(:title_copy_or_move)) %> + <% end %> <%= render(:partial => '/dmsf/path', :locals => {:folder => @file.folder, :filename => @file.title}) %>