Merge branch 'hotfix/0.1.4' into development

wayneeseguin · Apr 17, 2010 · 9ca743b · 9ca743b
2 parents 87b354a + 77b1c02
commit 9ca743b
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 2 deletions.
diff --git a/app/controllers/public/todos_controller.rb b/app/controllers/public/todos_controller.rb
@@ -1,6 +1,7 @@
 class Public::TodosController < PublicController
   before_filter :get_user, :only => [:index, :new, :create, :update_order]
   before_filter :get_todo, :except => [:index, :new, :create, :update_order]
+  before_filter :verify_user
 
   def index
     load_todos
@@ -85,7 +86,7 @@ def get_todo
     @todo = Todo.find(params[:id])
     @user = @todo.user
   end
-
+  
   def load_todos
     @todo = @user.todos.new
     @todos = @user.todos.not_complete

diff --git a/git-flow-version b/git-flow-version
@@ -1 +1 @@
-GITFLOW_VERSION=0.1.3
+GITFLOW_VERSION=0.1.4
diff --git a/lib/authentication.rb b/lib/authentication.rb
@@ -47,6 +47,15 @@ def redirect_to_target_or_default(default)
     session[:return_to] = nil
   end
 
+  def verify_user()
+    if @user != current_user
+      @user_session = UserSession.find
+      @user_session.destroy
+      flash.error = 'Unauthorized Access'
+      redirect_to root_url
+    end
+  end
+
   private
 
   def store_target_location