Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

:allow_admins redirects to root_path, which requires admin access #23

Closed
viamin opened this issue May 24, 2018 · 2 comments
Closed

:allow_admins redirects to root_path, which requires admin access #23

viamin opened this issue May 24, 2018 · 2 comments

Comments

@viamin
Copy link
Contributor

viamin commented May 24, 2018

If you visit the root path when logged in as a regular user, the :allow_admins callback redirects to root_path, which creates a circular redirect.

Non-admins should be able to load the app.

Fix is just to add except: :index to the callback
viamin added a commit to viamin/gdpr_rails that referenced this issue May 24, 2018
@viamin
Allow non-admins to use the app (prey#23)
789b8b8
@viamin viamin mentioned this issue May 24, 2018
Merged
@michelson
Copy link
Contributor

Hi @viamin , thanks for this contribution

since root_url shows admin information this endpoint should be enabled for admins only. I suggest that this PR instead of bypass protection of index , redirects to pending terms endpoints (user_terms/pending )

@viamin
Copy link
Contributor Author

viamin commented May 25, 2018

Sounds reasonable. I'll update the PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@michelson @viamin