aas/additionals
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

do not allow use of recently used dashboard without permission

Browse Source
This commit is contained in:
Alexander Meindl 2020-08-05 18:18:23 +02:00
parent 8997af7170
commit 1ed492f35f
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/models/dashboard.rb
View File

@ -71,7 +71,7 @@ class Dashboard < ActiveRecord::Base
scope = where(dashboard_type: dashboard_type) scope = where(dashboard_type: dashboard_type)
scope = scope.where(project_id: project.id).or(scope.where(project_id: nil)) if project.present? scope = scope.where(project_id: project.id).or(scope.where(project_id: nil)) if project.present?
dashboard = scope.find_by(id: recently_id) if recently_id.present? dashboard = scope.visible.find_by(id: recently_id) if recently_id.present?
if dashboard.blank? if dashboard.blank?
scope = scope.where(system_default: true).or(scope.where(author_id: user.id)) scope = scope.where(system_default: true).or(scope.where(author_id: user.id))

2
lib/additionals/patches/welcome_controller_patch.rb
View File

@ -31,7 +31,7 @@ module Additionals
return render_404 return render_404
end end
else else
@dashboard = Dashboard.default(DashboardContentWelcome::TYPE_NAME) @dashboard = Dashboard.default DashboardContentWelcome::TYPE_NAME
end end
resently_used_dashboard_save @dashboard resently_used_dashboard_save @dashboard