Add authorisation check for ManagementController

This commit is contained in:
Petko Bordjukov 2014-09-17 14:30:50 +03:00
parent 10eec9c080
commit 414f1a3916
1 changed files with 8 additions and 0 deletions

View File

@ -1,5 +1,13 @@
module Management module Management
class ManagementController < ::ApplicationController class ManagementController < ::ApplicationController
before_action :authenticate_user!, :authorize_user!
layout 'management' layout 'management'
private
def authorize_user!
head :forbidden unless current_user.admin?
end
end end
end end