<role>_only: fix role checking logic to check ip bans last.

Make <role>_only methods check the role first and ip bans last. This avoids hitting the database for anonymous users, since they'll always fail the is_<role>? check before the ip check.
2018-09-09 20:01:26 -05:00
parent e546e52bd7
commit de10ea66a1
2 changed files with 2 additions and 9 deletions
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -113,10 +113,6 @@ class User < ApplicationRecord
  accepts_nested_attributes_for :dmail_filter

  module BanMethods
-    def is_banned_or_ip_banned?
-      return is_banned? || IpBan.is_banned?(CurrentUser.ip_addr)
-    end
-
    def validate_ip_addr_is_not_banned
      if IpBan.is_banned?(CurrentUser.ip_addr)
        self.errors[:base] << "IP address is banned"