summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
Diffstat (limited to 'app')
-rw-r--r--app/controllers/api/v1/switchboards_controller.rb12
-rw-r--r--app/models/ability.rb4
2 files changed, 12 insertions, 4 deletions
diff --git a/app/controllers/api/v1/switchboards_controller.rb b/app/controllers/api/v1/switchboards_controller.rb
index e6996ca..4d6607a 100644
--- a/app/controllers/api/v1/switchboards_controller.rb
+++ b/app/controllers/api/v1/switchboards_controller.rb
@@ -5,16 +5,20 @@ module Api
def index
@user = current_user
- @switchboards = @user.switchboards
+ @switchboards = Switchboard.all
- respond_with @switchboards
+ if can? :read, @switchboards
+ respond_with @switchboards
+ end
end
def show
@user = current_user
- @switchboard = @user.switchboards.find(params[:id])
+ @switchboard = Switchboard.find(params[:id])
- respond_with @switchboard
+ if can? :read, @switchboard
+ respond_with @switchboard
+ end
end
end
end
diff --git a/app/models/ability.rb b/app/models/ability.rb
index 8718dc4..66f3c60 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -95,6 +95,10 @@ class Ability
#
cannot :manage, RestoreJob
+ # Admin can manage all switchboards.
+ #
+ can :manage, Switchboard
+
else
# Any user can do the following stuff.
#