From d4283be8b1e33d30d2a1c0f638a713c5e81cc916 Mon Sep 17 00:00:00 2001
From: jessib <jessib@riseup.net>
Date: Thu, 8 Aug 2013 11:48:16 -0700
Subject: Still a bit hacky, but catching some more corner cases as far as
 setting the user variable, due to complication that an admin might be
 accessing data for another user.

---
 billing/app/views/subscriptions/show.html.haml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'billing/app/views/subscriptions/show.html.haml')

diff --git a/billing/app/views/subscriptions/show.html.haml b/billing/app/views/subscriptions/show.html.haml
index 10eb667..ebb7e0d 100644
--- a/billing/app/views/subscriptions/show.html.haml
+++ b/billing/app/views/subscriptions/show.html.haml
@@ -3,4 +3,5 @@
     Current
   Subscription
 = render :partial => "subscription_details",  :locals => {:subscription => @subscription}
-= link_to t(:cancel_subscription), subscription_path,  :confirm => t(:are_you_sure), :method => :delete, :class => 'btn btn-danger' if @subscription.status == 'Active' # permission check or should that just be on show?
+- if @user == current_user
+  = link_to t(:cancel_subscription), subscription_path(@subscription.id),  :confirm => t(:are_you_sure), :method => :delete, :class => 'btn btn-danger' if @subscription.status == 'Active' # permission check or should that just be on show?
-- 
cgit v1.2.3