htwkmooc/codeocean
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refactor /insights to throw a Pundit exception if no current_user is set

Browse Source
This commit is contained in:
Sebastian Serth
2018-11-28 15:44:45 +01:00
parent 212867f300
commit 832b48ba62
2 changed files with 28 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
app/controllers/application_controller.rb
View File

@ -14,8 +14,15 @@ class ApplicationController < ActionController::Base
@current_user ||= ExternalUser.find_by(id: session[:external_user_id]) || login_from_session || login_from_other_sources
end
def require_user!
raise Pundit::NotAuthorizedError unless current_user
end
def render_not_authorized
redirect_to(request.referrer || :root, alert: t('application.not_authorized'))
respond_to do |format|
format.html { redirect_to(request.referrer || :root, alert: t('application.not_authorized')) }
format.json { render json: {error: t('application.not_authorized')}, status: :unauthorized }
end
end
private :render_not_authorized