Authorize access to admin panel, etc.
Adds a separate admin namespace and base controller, with authorization by looking up the admin property in the user's LDAP account.
This commit is contained in:
@@ -8,4 +8,15 @@ class ApplicationController < ActionController::Base
|
||||
redirect_to welcome_path and return
|
||||
end
|
||||
end
|
||||
|
||||
def authorize_admin
|
||||
http_status :forbidden unless current_user.is_admin?
|
||||
end
|
||||
|
||||
def http_status(status)
|
||||
respond_to do |format|
|
||||
format.html { render template: "shared/status_#{status.to_s}", status: status }
|
||||
format.any { head status }
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user