diff options
author | jessib <jessib@riseup.net> | 2012-10-18 13:42:37 -0700 |
---|---|---|
committer | jessib <jessib@riseup.net> | 2012-10-18 13:42:37 -0700 |
commit | 8b9d5235faed6c15e8ef2e2dc76aec7f24d0bb50 (patch) | |
tree | de26dada544adf1158548ef437892759504323d0 /help/app/models | |
parent | e927ad44c1f3e7e31cd393ce92a78267e4761660 (diff) |
Uses the working authentication code.
Diffstat (limited to 'help/app/models')
-rw-r--r-- | help/app/models/ticket.rb | 2 | ||||
-rw-r--r-- | help/app/models/ticket_comment.rb | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/help/app/models/ticket.rb b/help/app/models/ticket.rb index 76fa5c8..f38fed2 100644 --- a/help/app/models/ticket.rb +++ b/help/app/models/ticket.rb @@ -79,7 +79,7 @@ class Ticket < CouchRest::Model::Base def comments_attributes=(attributes) comment = TicketComment.new(attributes.values.first) #TicketComment.new(attributes) - comment.posted_by = User.current_test.id if User.current_test #should we not access User.current here? + #comment.posted_by = User.current.id if User.current #we want to avoid User.current, and current_user won't work here. instead will set in tickets_controller comment.posted_at = Time.now comments << comment diff --git a/help/app/models/ticket_comment.rb b/help/app/models/ticket_comment.rb index a8639a1..49e5c6c 100644 --- a/help/app/models/ticket_comment.rb +++ b/help/app/models/ticket_comment.rb @@ -2,7 +2,7 @@ class TicketComment include CouchRest::Model::Embeddable #belongs_to :ticket #is this best way to do it? will want to access all of a tickets comments, so maybe this isn't the way? - property :posted_by, String#, :protected => true #Integer#this should be current_user if that is set, meaning the user is logged in #cannot have it be protected and set via comments_attributes= + property :posted_by, String#, :protected => true #Integer#this should be current_user if that is set, meaning the user is logged in #cannot have it be protected and set via comments_attributes=. also, if it is protected and we set in the tickets_controller, it gets unset. TODO---is this okay to have it not protected and manually check it? We do not users to be able to set this. # if the current user is not set, then we could just say the comment comes from an 'unauthenticated user', which would be somebody with the secret URL property :posted_at, Time#, :protected => true #property :posted_verified, TrueClass, :protected => true #should be true if current_user is set when the comment is created |