about summary refs log tree commit diff
path: root/app/controllers/admin/domain_blocks_controller.rb
diff options
context:
space:
mode:
authorClaire <claire.github-309c@sitedethib.com>2022-07-05 11:57:30 +0200
committerClaire <claire.github-309c@sitedethib.com>2022-07-05 11:57:30 +0200
commit75279377583c6e2aa04cc8d7380c593979630b38 (patch)
tree5581ead197b546a3107aee2d26361b3a649bd7d7 /app/controllers/admin/domain_blocks_controller.rb
parent30e7836a1961e8e70938b14232abd91238eb2be4 (diff)
Fix authorization check in domain blocks controller
Diffstat (limited to 'app/controllers/admin/domain_blocks_controller.rb')
-rw-r--r--app/controllers/admin/domain_blocks_controller.rb1


1 files changed, 1 insertions, 0 deletions
diff --git a/app/controllers/admin/domain_blocks_controller.rb b/app/controllers/admin/domain_blocks_controller.rb
index 48e9781d6..32f1f9a5d 100644
--- a/app/controllers/admin/domain_blocks_controller.rb
+++ b/app/controllers/admin/domain_blocks_controller.rb
@@ -5,6 +5,7 @@ module Admin
     before_action :set_domain_block, only: [:show, :destroy, :edit, :update]
 
     def batch
+      authorize :domain_block, :create?
       @form = Form::DomainBlockBatch.new(form_domain_block_batch_params.merge(current_account: current_account, action: action_from_button))
       @form.save
     rescue ActionController::ParameterMissing

 

generated by cgit-pink  (git 2.37.1) at 2024-07-23 23:31:41 +0000