Authorize access to admin panel, etc.

Adds a separate admin namespace and base controller, with authorization
by looking up the admin property in the user's LDAP account.
This commit is contained in:
2020-11-18 00:22:44 +01:00
parent 6614f14d8a
commit f0312cb8e7
13 changed files with 58 additions and 11 deletions
+11
View File
@@ -8,4 +8,15 @@ class ApplicationController < ActionController::Base
redirect_to welcome_path and return
end
end
def authorize_admin
http_status :forbidden unless current_user.is_admin?
end
def http_status(status)
respond_to do |format|
format.html { render template: "shared/status_#{status.to_s}", status: status }
format.any { head status }
end
end
end