authenticate user on edit and destroy, if current user for those meth…

…ods in index page, lot of work to do, but thats necessary for now
kevinquinnyo · Jul 18, 2011 · 942d8d9 · 942d8d9
1 parent 086e230
commit 942d8d9
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 4 deletions.
diff --git a/app/controllers/stories_controller.rb b/app/controllers/stories_controller.rb
@@ -1,6 +1,6 @@
 class StoriesController < ApplicationController
 
-  before_filter :authenticate_user!, :only => [:rate]
+  before_filter :authenticate_user!, :only => [:rate, :edit, :destroy]
 
   # GET /stories
   # GET /stories.xml

diff --git a/app/views/stories/index.html.erb b/app/views/stories/index.html.erb
@@ -17,11 +17,12 @@
     <td><%= story.title %></td>
     <td><%= story.content %></td>
     <td><%= story.address %></td>
-    <td><%= story.geocoded? %></td>
     <td><%= story.value %></td>
     <td><%= link_to 'Show', story %></td>
-    <td><%= link_to 'Edit', edit_story_path(story) %></td>
-    <td><%= link_to 'Destroy', story, :confirm => 'Are you sure?', :method => :delete %></td>
+    <% if current_user %>
+      <td><%= link_to 'Edit', edit_story_path(story) %></td>
+      <td><%= link_to 'Destroy', story, :confirm => 'Are you sure?', :method => :delete %></td>
+    <% end %>
   </tr>
 <% end %>
 </table>