From b184b39f344b7298370c246d8f45d10f48d01a7e Mon Sep 17 00:00:00 2001
From: Andy Allan <git@gravitystorm.co.uk>
Date: Wed, 9 Jan 2019 15:34:54 +0100
Subject: [PATCH] Use CanCanCan for oauth clients controller

---
 app/abilities/ability.rb                    | 1 +
 app/controllers/oauth_clients_controller.rb | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/app/abilities/ability.rb b/app/abilities/ability.rb
index c4ea4ef8f..7138374f3 100644
--- a/app/abilities/ability.rb
+++ b/app/abilities/ability.rb
@@ -16,6 +16,7 @@ class Ability
 
     if user
       can :welcome, :site
+      can [:index, :new, :create, :show, :edit, :update, :destroy], ClientApplication
       can [:create, :edit, :comment, :subscribe, :unsubscribe], DiaryEntry
       can [:new, :create, :reply, :show, :inbox, :outbox, :mark, :destroy], Message
       can [:close, :reopen], Note
diff --git a/app/controllers/oauth_clients_controller.rb b/app/controllers/oauth_clients_controller.rb
index eb427e090..b925002ec 100644
--- a/app/controllers/oauth_clients_controller.rb
+++ b/app/controllers/oauth_clients_controller.rb
@@ -3,7 +3,8 @@ class OauthClientsController < ApplicationController
 
   before_action :authorize_web
   before_action :set_locale
-  before_action :require_user
+
+  authorize_resource :class => ClientApplication
 
   def index
     @client_applications = current_user.client_applications
-- 
2.43.2