nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

scope album queries through user

Browse source
This commit is contained in:
Raphael 2010-09-17 14:57:14 -07:00
parent f5c10bb24c
commit 84789f64c9
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
app/controllers/albums_controller.rb
View file

@ -26,7 +26,7 @@ class AlbumsController < ApplicationController
end
def destroy
@album = Album.find_by_id params[:id]
@album = current_user.album_by_id params[:id]
@album.destroy
flash[:notice] = "Album #{@album.name} deleted."
respond_with :location => albums_url
@ -41,12 +41,12 @@ class AlbumsController < ApplicationController
end
def edit
@album = Album.find_by_id params[:id]
@album = current_user.album_by_id params[:id]
redirect_to @album unless current_user.owns? @album
end
def update
@album = Album.find_by_id params[:id]
@album = current_user.album_by_id params[:id]
if @album.update_attributes params[:album]
flash[:notice] = "Album #{@album.name} successfully edited."
respond_with @album