Use CanCanCan to control access to oauth controller actions
[rails.git] / app / controllers / oauth_clients_controller.rb
index 76fdd642119f4adaa4763cb0c10fe91432435c1a..b925002ec7bed7278e19055c719c52092fec30d8 100644 (file)
@@ -3,7 +3,8 @@ class OauthClientsController < ApplicationController
 
   before_action :authorize_web
   before_action :set_locale
-  before_action :require_user
+
+  authorize_resource :class => ClientApplication
 
   def index
     @client_applications = current_user.client_applications
@@ -40,7 +41,7 @@ class OauthClientsController < ApplicationController
 
   def update
     @client_application = current_user.client_applications.find(params[:id])
-    if @client_application.update_attributes(application_params)
+    if @client_application.update(application_params)
       flash[:notice] = t "oauth_clients.update.flash"
       redirect_to :action => "show", :id => @client_application.id
     else