Skip to content

Commit

Permalink
Merge pull request #52 from anamariasosa/hotfix/edit_product_permissions
Browse files Browse the repository at this point in the history 
add authentication validation in edit products
  • Loading branch information
@anamariasosam
anamariasosam authored Jul 23, 2016
2 parents 4db37f1 + bc7b32e commit 801083d
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 0 deletions.
4 changes: 4 additions & 0 deletions app/controllers/products_controller.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,10 @@ def new

# GET /products/1/edit
def edit
if current_user.id != @product.store_id
flash[:error] = t('product.edit_permissions')
redirect_to root_url
end
end

# POST /products
Expand Down
1 change: 1 addition & 0 deletions config/locales/es.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
es:
product:
purchase: Actualmente puedes contactar el vendedor con su número de teléfono.
edit_permissions: No tienes permisos para editar este producto
mail_form:
attributes:
contact:
Expand Down

0 comments on commit 801083d

Please sign in to comment.