Elgato_dark/ToolJet
1
0
Fork 0
mirror of https://github.com/ToolJet/ToolJet synced 2026-05-06 06:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Authorize before adding apps to folders

Browse source
This commit is contained in:
navaneeth 2021-05-19 15:55:59 +05:30
parent 10ac265022
commit bfd5af856f
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
app/controllers/folder_apps_controller.rb
View file

@ -4,6 +4,12 @@ class FolderAppsController < ApplicationController
app_id = params[:app_id]
folder_id = params[:folder_id]
@app = App.find app_id
unless AppPolicy.new(@current_user, @app).update?
render json: { message: 'Could not add app to folder due to insufficient permissions' }, status: 500
end
folder_app = FolderApp.new(app_id: app_id, folder_id: folder_id)
if folder_app.save