Revision 1b9ff021
Added by Ohad Levy over 13 years ago
- ID 1b9ff021bfdd895c5e6ab43d8b3cfa3dd21699ca
app/controllers/application_controller.rb | ||
---|---|---|
before_filter :welcome, :detect_notices, :only => :index, :unless => :request_json?
|
||
before_filter :authorize, :except => :login
|
||
|
||
protected
|
||
|
||
# Authorize the user for the requested action
|
||
def authorize(ctrl = params[:controller], action = params[:action])
|
||
return true if request.xhr?
|
||
... | ... | |
User.current.logged? ? render_403 : require_login
|
||
end
|
||
|
||
protected
|
||
|
||
def require_ssl
|
||
# if SSL is not configured, don't bother forcing it.
|
||
return true unless SETTINGS[:require_ssl]
|
Also available in: Unified diff
all application controller methods should be protected