Permalink
Browse files

add admin authorization

  • Loading branch information...
1 parent 6d97565 commit 736c4415067e2d18adf4d4f33c208578fb8231f1 @blahed committed Nov 14, 2012
@@ -1,4 +1,6 @@
class Admin::GroupsController < ApplicationController
+ before_filter :authorize_admin
+
def index
@groups = Group.all
end
@@ -1,4 +1,5 @@
class Admin::UsersController < AdminController
+ before_filter :authorize_admin
def index
@users = User.where
@@ -15,6 +15,12 @@ def authorize
redirect_to login_url, :alert => 'Not authorized'
end
end
+
+ def authorize_admin
+ if current_user.nil? || !current_user.admin?
+ redirect_to login_url, :alert => 'Not authorized'
+ end
+ end
def allowed_groups
if current_user.admin?

0 comments on commit 736c441

Please sign in to comment.