diff options
| author | Matthew Landauer <matthew@openaustralia.org> | 2013-03-04 09:06:04 +1100 |
|---|---|---|
| committer | Matthew Landauer <matthew@openaustralia.org> | 2013-03-04 09:06:09 +1100 |
| commit | d16f5b29e106d6f5f8191b7f881386f281f98691 (patch) | |
| tree | 48680eb5c46635f48d5b56755e66827cac53f144 | |
| parent | ab8f4379a6b43cd5578a6a7d6268cb904e69b2ff (diff) | |
Use Ability::can_update_request_state? in RequestController#describe_state
| -rw-r--r-- | app/controllers/request_controller.rb | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index f958a4746..36ec7ee13 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -384,13 +384,12 @@ class RequestController < ApplicationController return end - # Check authenticated, and parameters set. We check is_owning_user - # to get admin overrides (see is_owning_user? above) - if !(authenticated_user && info_request.is_old_unclassified?) && !info_request.is_owning_user?(authenticated_user) && !authenticated_as_user?(info_request.user, + # Check authenticated, and parameters set. + unless Ability::can_update_request_state?(authenticated_user, info_request) + authenticated_as_user?(info_request.user, :web => _("To classify the response to this FOI request"), :email => _("Then you can classify the FOI response you have got from ") + info_request.public_body.name + ".", - :email_subject => _("Classify an FOI response from ") + info_request.public_body.name - ) + :email_subject => _("Classify an FOI response from ") + info_request.public_body.name) # do nothing - as "authenticated?" has done the redirect to signin page for us return end |