jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

uploads: only let users see their own uploads on /uploads listing.

Browse Source
This commit is contained in:
evazion
2020-04-06 14:12:57 -05:00
parent b2ee1f0766
commit 1e0f6f730a
4 changed files with 17 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/uploads_controller.rb
View File

@@ -25,7 +25,7 @@ class UploadsController < ApplicationController
end
def index
@uploads = authorize Upload.paginated_search(params, count_pages: true)
@uploads = authorize Upload.visible(CurrentUser.user).paginated_search(params, count_pages: true)
@uploads = @uploads.includes(:uploader, post: :uploader) if request.format.html?
respond_with(@uploads)