about summary refs log tree commit diff
path: root/app/controllers/settings/sessions_controller.rb
diff options
context:
space:
mode:
authorEugen Rochko <eugen@zeonfederated.com>2020-09-11 20:56:35 +0200
committerGitHub <noreply@github.com>2020-09-11 20:56:35 +0200
commit4e4b3a0c8e69a724e229f028896ce774ef26df3b (patch)
treed5e7e22746d286998972b138dafa260a2482e532 /app/controllers/settings/sessions_controller.rb
parente6b272e5c9c227cfbbe375a893f567c5967d669c (diff)
Refactor settings controllers (#14767)
- Disallow suspended accounts from revoking sessions and apps
- Allow suspended accounts to access exports
Diffstat (limited to 'app/controllers/settings/sessions_controller.rb')
-rw-r--r--app/controllers/settings/sessions_controller.rb6
1 files changed, 3 insertions, 3 deletions
diff --git a/app/controllers/settings/sessions_controller.rb b/app/controllers/settings/sessions_controller.rb
index df5ace803..ee2fc5dc8 100644
--- a/app/controllers/settings/sessions_controller.rb
+++ b/app/controllers/settings/sessions_controller.rb
@@ -1,11 +1,11 @@
 # frozen_string_literal: true
 
 class Settings::SessionsController < Settings::BaseController
-  before_action :authenticate_user!
-  before_action :set_session, only: :destroy
-
   skip_before_action :require_functional!
 
+  before_action :require_not_suspended!
+  before_action :set_session, only: :destroy
+
   def destroy
     @session.destroy!
     flash[:notice] = I18n.t('sessions.revoke_success')
generated by cgit-pink (git 2.37.1) at 2024-06-26 15:15:50 +0000