Revision 1b9ff021
Added by Ohad Levy over 13 years ago
- ID 1b9ff021bfdd895c5e6ab43d8b3cfa3dd21699ca
| app/controllers/application_controller.rb | ||
|---|---|---|
|
before_filter :welcome, :detect_notices, :only => :index, :unless => :request_json?
|
||
|
before_filter :authorize, :except => :login
|
||
|
|
||
|
protected
|
||
|
|
||
|
# Authorize the user for the requested action
|
||
|
def authorize(ctrl = params[:controller], action = params[:action])
|
||
|
return true if request.xhr?
|
||
| ... | ... | |
|
User.current.logged? ? render_403 : require_login
|
||
|
end
|
||
|
|
||
|
protected
|
||
|
|
||
|
def require_ssl
|
||
|
# if SSL is not configured, don't bother forcing it.
|
||
|
return true unless SETTINGS[:require_ssl]
|
||
Also available in: Unified diff
all application controller methods should be protected