author | Azul <azul@leap.se> | 2012-10-24 20:35:52 +0200 |
---|---|---|
committer | Azul <azul@leap.se> | 2012-10-24 20:35:52 +0200 |
commit | 3e0a1a47c0eafb7f9b79e5f2765ea33ce1ad159b (patch) | |
tree | 8c69443d15f23b391cdb282f9194d293307c98e4 /users/app | |
parent | 3ba2e664a26e96a93c8640b57241af6386db361e (diff) |
basic admin controller methods and helpers + tests
Diffstat (limited to 'users/app')
-rw-r--r-- | users/app/controllers/application_controller.rb | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/users/app/controllers/application_controller.rb b/users/app/controllers/application_controller.rb
index 64e1a55..0d6e5d1 100644
--- a/users/app/controllers/application_controller.rb
+++ b/users/app/controllers/application_controller.rb
@@ -1,14 +1,32 @@
 class ApplicationController < ActionController::Base
 protect_from_forgery
- private
+ protected
 def current_user
 @current_user ||= User.find(session[:user_id]) if session[:user_id]
 end
 helper_method :current_user
+ def logged_in?
+ !!current_user
+ end
+ helper_method :logged_in?
+
 def authorize
- redirect_to login_url, alert: "Not authorized" if current_user.nil?
+ access_denied unless logged_in?
+ end
+
+ def admin?
+ current_user && current_user.is_admin?
+ end
+ helper_method :admin?
+
+ def authorize_admin
+ access_denied unless admin?
+ end
+
+ def access_denied
+ redirect_to login_url, :alert => "Not authorized"
 end
 end |
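Review bot: `access_denied` answers a signed-in non-admin exactly as it answers an anonymous visitor, with a redirect to `login_url`, so a request rejected by `authorize_admin` has no distinct status that logs or alerts could key on. Consider adding `return head(:forbidden) if logged_in?` as the first line of `access_denied`, keeping the redirect for anonymous requests only. Both filters are opt-in and `helper_method :admin?` only affects what views render; the hunk does not show which controllers declare `before_filter :authorize_admin`, so enforcement is worth confirming per admin controller or in a shared admin base class. `is_admin?` is defined outside this diff, so how admin status is decided cannot be judged from here.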