From faa258593976639c88c1e658ed9578081939e42b Mon Sep 17 00:00:00 2001
From: Godwin <goodgodwin@hotmail.com>
Date: Thu, 5 Jan 2017 16:23:20 -0800
Subject: [PATCH] Made viewing un published conferences a 403 unless user is a
 host

---
 app/controllers/conferences_controller.rb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/controllers/conferences_controller.rb b/app/controllers/conferences_controller.rb
index 8f51a2b..1cecbe3 100644
--- a/app/controllers/conferences_controller.rb
+++ b/app/controllers/conferences_controller.rb
@@ -15,6 +15,8 @@ class ConferencesController < ApplicationController
 
   def view
     set_conference
+    do_403 unless @this_conference.is_public || @this_conference.host?(current_user)
+
     @workshops = Workshop.where(:conference_id => @conference.id)
 
     if @this_conference.workshop_schedule_published