From c33a27061ce5fed86f590522790726f048e625e0 Mon Sep 17 00:00:00 2001
From: Arpit Goyal <agmps17@gmail.com>
Date: Thu, 19 Jun 2014 15:54:59 +0530
Subject: [PATCH] Missed a if block for valid password

---
 app/controllers/webapps_controller.rb          | 8 +++++---
 app/views/webapps/add_permission.json.jbuilder | 2 +-
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/app/controllers/webapps_controller.rb b/app/controllers/webapps_controller.rb
index dbac122..a6b439d 100755
--- a/app/controllers/webapps_controller.rb
+++ b/app/controllers/webapps_controller.rb
@@ -151,10 +151,12 @@ def add_permission
 		@webapp = Webapp.find(params[:webapp_id]) if params[:webapp_id]
 		if (@user && @webapp)
 			check = @user.valid_password?(password)
-			w = WebappAccess.find_or_create(@webapp.id)
-			w.addUser(@user,password)
+			if(check)
+				w = WebappAccess.find_or_create(@webapp.id)
+				w.addUser(@user,password)
+			end
 		end
-		status = check ? "ok" : "notok"
+		@status = check ? "ok" : "notok"
 		@users_allowed = WebappAccess.find_or_create(@webapp.id).getUsers
 	end
 
diff --git a/app/views/webapps/add_permission.json.jbuilder b/app/views/webapps/add_permission.json.jbuilder
index 52baf87..a725407 100644
--- a/app/views/webapps/add_permission.json.jbuilder
+++ b/app/views/webapps/add_permission.json.jbuilder
@@ -1,5 +1,5 @@
 self.formats = [:html]
-	json.status :ok
+	json.status @status
 	json.type :permission
 	json.webappid @webapp.id
 	json.userid @user.id