Created
April 15, 2014 14:08
-
-
Save forced-request/10735707 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class ApplicationController < ActionController::Base | |
| ensure_authorization_performed :except => [:index, :search], :if => :auditing_security?, :unless => :devise_controller? | |
| private | |
| def auditing_security? | |
| Rails.env != 'production' | |
| end | |
| # Send 'em back where they came from with a slap on the wrist | |
| def authority_forbidden(error) | |
| Authority.logger.warn(error.message) | |
| redirect_to request.referrer.presence || root_path, :alert => 'You are not authorized to complete that action.' | |
| end | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class Framework < ActiveRecord::Base | |
| include Authority::Abilities | |
| self.authorizer_name = 'InfoDatabaseAuthorizer' | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class FrameworksController < AuthenticatedController | |
| authorize_actions_for Framework | |
| def index | |
| @frameworks = Framework.all | |
| end | |
| def new | |
| @framework = Framework.new | |
| end | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment