cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Ensure authorization checks happen for all controller methods

Browse source
This commit is contained in:
Andy Allan 2019-01-16 11:45:13 +01:00
parent fc6209dc07
commit 131fd76cae
1 changed files with 1 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
app/controllers/application_controller.rb
View file

@ -4,6 +4,7 @@ class ApplicationController < ActionController::Base
protect_from_forgery :with => :exception protect_from_forgery :with => :exception
rescue_from CanCan::AccessDenied, :with => :deny_access rescue_from CanCan::AccessDenied, :with => :deny_access
check_authorization
before_action :fetch_body before_action :fetch_body
around_action :better_errors_allow_inline, :if => proc { Rails.env.development? } around_action :better_errors_allow_inline, :if => proc { Rails.env.development? }