From 3069ec8dd227d74edf5731dbac5c50a4326992f8 Mon Sep 17 00:00:00 2001
From: Anton Ignatov <aignatov@biosistemika.com>
Date: Thu, 20 Jun 2019 09:43:23 +0200
Subject: [PATCH] Add check for edit permission

---
 app/controllers/assets_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/controllers/assets_controller.rb b/app/controllers/assets_controller.rb
index a7dca2507..9aecf53eb 100644
--- a/app/controllers/assets_controller.rb
+++ b/app/controllers/assets_controller.rb
@@ -14,7 +14,7 @@ class AssetsController < ApplicationController
 
   before_action :load_vars, except: :create_wopi_file
   before_action :check_read_permission, except: :file_present
-  before_action :check_edit_permission, only: :edit
+  before_action :check_edit_permission, only: %i(edit create_start_edit_image_activity)
 
   def file_present
     return render_403 unless @asset.team == current_team