Modified: branches/components/lib/rest.rb (3239 => 3240)
--- branches/components/lib/rest.rb 2012-12-06 14:02:04 UTC (rev 3239)
+++ branches/components/lib/rest.rb 2012-12-06 14:33:00 UTC (rev 3240)
@@ -1325,8 +1325,12 @@
if ob.nil?
return rest_response(404, :reason => "Couldn't find a Pack with id #{id}")
else
- ob.snapshot!
- return rest_get_request(ob, opts[:user], { "id" => ob.id.to_s })
+ if Authorization.check('edit', ob, opts[:user])
+ ob.snapshot!
+ return rest_get_request(ob, opts[:user], { "id" => ob.id.to_s })
+ else
+ return rest_response(401, :reason => "Not authorised to snapshot pack #{id}")
+ end
end
else
ob = Pack.new(:contributor => opts[:user])