Change reaction admin permission check to be in-line with other controllers

This commit is contained in:
Stanko K.R.
2025-12-04 11:01:23 +01:00
parent 6050f187ca
commit 5cfe6930ee
@@ -2,6 +2,8 @@ class Cards::Comments::ReactionsController < ApplicationController
include CardScoped
before_action :set_comment
before_action :set_reaction, only: %i[ destroy ]
before_action :ensure_permision_to_administer_reaction, only: %i[ destroy ]
def index
end
@@ -14,17 +16,19 @@ class Cards::Comments::ReactionsController < ApplicationController
end
def destroy
@reaction = @comment.reactions.find(params[:id])
if Current.user != @reaction.reacter
head :forbidden
else
@reaction.destroy
end
@reaction.destroy
end
private
def set_comment
@comment = @card.comments.find(params[:comment_id])
end
def set_reaction
@reaction = @comment.reactions.find(params[:id])
end
def ensure_permision_to_administer_reaction
head :forbidden if Current.user != @reaction.reacter
end
end