Commit 694768e5 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Fix 404 if Group guest visit empty group page

parent 0235c2a7
......@@ -110,7 +110,7 @@ class GroupsController < ApplicationController
# Dont allow unauthorized access to group
def authorize_read_group!
unless projects.present? or can?(current_user, :manage_group, @group)
unless projects.present? or can?(current_user, :read_group, @group)
return render_404
end
end
......
......@@ -135,6 +135,10 @@ class Ability
def group_abilities user, group
rules = []
if group.users.include?(user)
rules << :read_group
end
# Only group owner and administrators can manage group
if group.owners.include?(user) || user.admin?
rules << [
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment