MinaHany94
commented
9 years ago @mayarali the user would not even be able to view the "Delete" link if he was not an admin in the magazine.The check is done in cancan and view level
Open MinaHany94 opened 9 years ago
MinaHany94
commented
9 years ago @mayarali the user would not even be able to view the "Delete" link if he was not an admin in the magazine.The check is done in cancan and view level
omaressameldin
commented
9 years ago @MinaHany94 add alt boxes to check if the user is authorized to delete or not actions are not sent from view to controller but from controller to models params are sent from view to controller
@MinaHany94 You have to check first that this user is an admin in this magazine and you have to pass user id and magazine id and check that the magazine already exists