From 84789f64c9fa8cb31a768bf3ea1dfe23ed14c7b5 Mon Sep 17 00:00:00 2001
From: Raphael <raphael@joindiaspora.com>
Date: Fri, 17 Sep 2010 14:57:14 -0700
Subject: [PATCH] scope album queries through user

---
 app/controllers/albums_controller.rb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/controllers/albums_controller.rb b/app/controllers/albums_controller.rb
index c4bab3d8a..dbd59c64e 100644
--- a/app/controllers/albums_controller.rb
+++ b/app/controllers/albums_controller.rb
@@ -26,7 +26,7 @@ class AlbumsController < ApplicationController
   end
 
   def destroy
-    @album = Album.find_by_id params[:id]
+    @album = current_user.album_by_id params[:id]
     @album.destroy
     flash[:notice] = "Album #{@album.name} deleted."
     respond_with :location => albums_url
@@ -41,12 +41,12 @@ class AlbumsController < ApplicationController
   end
 
   def edit
-    @album = Album.find_by_id params[:id]
+    @album = current_user.album_by_id params[:id]
     redirect_to @album unless current_user.owns? @album
   end
 
   def update
-    @album = Album.find_by_id params[:id]
+    @album = current_user.album_by_id params[:id]
     if @album.update_attributes params[:album]
       flash[:notice] = "Album #{@album.name} successfully edited."
       respond_with @album