noosfero | Refactor access control logic (!1361)

[Rodrigo Souto]

Rodrigo Souto started a new discussion on app/concerns/access_levels.rb:

> +      end
> +    end
>  
> -      # Only friends and members
> -      related: 2,
> +    def validate_logged_permissions(user, profile, content = nil)
> +      if user && profile
> +        @@permission_level = ProfileAccessLevels.permission(user,
> +                                                            profile,
> +                                                            content)
> +        @@permission_level = ArticleAccessLevels.permission(user,
> +                                                            profile,
> +                                                            content)
> +        @@permission_level ||= levels[:users]
> +      else
> +        @@permission_level ||= levels[:users] if profile.nil?

This will return `levels[:users]`when both profile and user are `nil`. I don't think this should happen.

---
Reply to this email directly or view it on GitLab: https://gitlab.com/noosfero/noosfero/merge_requests/1361#note_61690660
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20180305/f4132ba2/attachment.html>