Code cleanup.

git-svn-id: http://svn.redmine.org/redmine/trunk@16725 e93f8b46-1217-0410-a6f0-8f06a7374b81
2025-12-24 01:11:12 +00:00 · 2017-06-26 20:51:28 +00:00 · 2017-06-26 20:51:28 +00:00 · 310060ff57
commit 310060ff57
parent e7c0e16a3f
1 changed files with 9 additions and 13 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -272,35 +272,31 @@ class ApplicationController < ActionController::Base
  end

  # Find project of id params[:id]
-  def find_project
-    @project = Project.find(params[:id])
+  def find_project(project_id=params[:id])
+    @project = Project.find(project_id)
  rescue ActiveRecord::RecordNotFound
    render_404
  end

  # Find project of id params[:project_id]
  def find_project_by_project_id
-    @project = Project.find(params[:project_id])
-  rescue ActiveRecord::RecordNotFound
-    render_404
+    find_project(params[:project_id])
  end

  # Find project of id params[:id] if present
  def find_optional_project_by_id
    if params[:id].present?
-      @project = Project.find(params[:id])
+      find_project(params[:id])
    end
-  rescue ActiveRecord::RecordNotFound
-    render_404
  end

  # Find a project based on params[:project_id]
+  # and authorize the user for the requested action
  def find_optional_project
-    @project = Project.find(params[:project_id]) unless params[:project_id].blank?
-    allowed = User.current.allowed_to?({:controller => params[:controller], :action => params[:action]}, @project, :global => true)
-    allowed ? true : deny_access
-  rescue ActiveRecord::RecordNotFound
-    render_404
+    if params[:project_id].present?
+      find_project(params[:project_id])
+    end
+    authorize_global
  end

  # Finds and sets @project based on @object.project