diff options
| author | ThibG <thib@sitedethib.com> | 2020-06-05 15:23:27 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-06-05 15:23:27 +0200 |
| commit | bf6745b9c326e64b819a381a0558cc87c99be4be (patch) | |
| tree | 1502504967828c16117431d8f37bedb8143c8532 /app/views | |
| parent | aed3a436a2dbef40096ec8596cec08e185efe936 (diff) | |
Fix unpermitted operations on custom emojis leading to cryptic errors (#13951)
* Display appropriate error when performing unpermitted operation on custom emoji Fixes #13897 * Remove links to custom emoji actions not performable by moderators
Diffstat (limited to 'app/views')
| -rw-r--r-- | app/views/admin/custom_emojis/index.html.haml | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/app/views/admin/custom_emojis/index.html.haml b/app/views/admin/custom_emojis/index.html.haml index 69aa5ae41..c96a1ce00 100644 --- a/app/views/admin/custom_emojis/index.html.haml +++ b/app/views/admin/custom_emojis/index.html.haml @@ -4,8 +4,9 @@ - content_for :header_tags do = javascript_pack_tag 'admin', integrity: true, async: true, crossorigin: 'anonymous' -- content_for :heading_actions do - = link_to t('admin.custom_emojis.upload'), new_admin_custom_emoji_path, class: 'button' +- if can?(:create, :custom_emoji) + - content_for :heading_actions do + = link_to t('admin.custom_emojis.upload'), new_admin_custom_emoji_path, class: 'button' .filters .filter-subset @@ -58,9 +59,10 @@ = f.button safe_join([fa_icon('power-off'), t('admin.custom_emojis.disable')]), name: :disable, class: 'table-action-link', type: :submit, data: { confirm: t('admin.reports.are_you_sure') } - = f.button safe_join([fa_icon('times'), t('admin.custom_emojis.delete')]), name: :delete, class: 'table-action-link', type: :submit, data: { confirm: t('admin.reports.are_you_sure') } + - if can?(:destroy, :custom_emoji) + = f.button safe_join([fa_icon('times'), t('admin.custom_emojis.delete')]), name: :delete, class: 'table-action-link', type: :submit, data: { confirm: t('admin.reports.are_you_sure') } - - unless params[:local] == '1' + - if can?(:copy, :custom_emoji) && params[:local] != '1' = f.button safe_join([fa_icon('copy'), t('admin.custom_emojis.copy')]), name: :copy, class: 'table-action-link', type: :submit, data: { confirm: t('admin.reports.are_you_sure') } - if params[:local] == '1' |