about summary refs log tree commit diff
path: root/app/controllers/admin/settings_controller.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/admin/settings_controller.rb')
-rw-r--r--app/controllers/admin/settings_controller.rb3
1 files changed, 3 insertions, 0 deletions
diff --git a/app/controllers/admin/settings_controller.rb b/app/controllers/admin/settings_controller.rb
index a2f86b8a9..e81290228 100644
--- a/app/controllers/admin/settings_controller.rb
+++ b/app/controllers/admin/settings_controller.rb
@@ -28,10 +28,13 @@ module Admin
     ).freeze
 
     def edit
+      authorize :settings, :show?
       @admin_settings = Form::AdminSettings.new
     end
 
     def update
+      authorize :settings, :update?
+
       settings_params.each do |key, value|
         if UPLOAD_SETTINGS.include?(key)
           upload = SiteUpload.where(var: key).first_or_initialize(var: key)
generated by cgit-pink (git 2.37.1) at 2024-07-01 12:09:47 +0000