summaryrefslogtreecommitdiff
path: root/help/app/models
diff options
context:
space:
mode:
authorjessib <jessib@riseup.net>2012-10-18 13:42:37 -0700
committerjessib <jessib@riseup.net>2012-10-18 13:42:37 -0700
commit8b9d5235faed6c15e8ef2e2dc76aec7f24d0bb50 (patch)
treede26dada544adf1158548ef437892759504323d0 /help/app/models
parente927ad44c1f3e7e31cd393ce92a78267e4761660 (diff)
Uses the working authentication code.
Diffstat (limited to 'help/app/models')
-rw-r--r--help/app/models/ticket.rb2
-rw-r--r--help/app/models/ticket_comment.rb2
2 files changed, 2 insertions, 2 deletions
diff --git a/help/app/models/ticket.rb b/help/app/models/ticket.rb
index 76fa5c8..f38fed2 100644
--- a/help/app/models/ticket.rb
+++ b/help/app/models/ticket.rb
@@ -79,7 +79,7 @@ class Ticket < CouchRest::Model::Base
def comments_attributes=(attributes)
comment = TicketComment.new(attributes.values.first) #TicketComment.new(attributes)
- comment.posted_by = User.current_test.id if User.current_test #should we not access User.current here?
+ #comment.posted_by = User.current.id if User.current #we want to avoid User.current, and current_user won't work here. instead will set in tickets_controller
comment.posted_at = Time.now
comments << comment
diff --git a/help/app/models/ticket_comment.rb b/help/app/models/ticket_comment.rb
index a8639a1..49e5c6c 100644
--- a/help/app/models/ticket_comment.rb
+++ b/help/app/models/ticket_comment.rb
@@ -2,7 +2,7 @@ class TicketComment
include CouchRest::Model::Embeddable
#belongs_to :ticket #is this best way to do it? will want to access all of a tickets comments, so maybe this isn't the way?
- property :posted_by, String#, :protected => true #Integer#this should be current_user if that is set, meaning the user is logged in #cannot have it be protected and set via comments_attributes=
+ property :posted_by, String#, :protected => true #Integer#this should be current_user if that is set, meaning the user is logged in #cannot have it be protected and set via comments_attributes=. also, if it is protected and we set in the tickets_controller, it gets unset. TODO---is this okay to have it not protected and manually check it? We do not users to be able to set this.
# if the current user is not set, then we could just say the comment comes from an 'unauthenticated user', which would be somebody with the secret URL
property :posted_at, Time#, :protected => true
#property :posted_verified, TrueClass, :protected => true #should be true if current_user is set when the comment is created