about summary refs log tree commit diff
path: root/app
diff options
context:
space:
mode:
authorEmelia Smith <ThisIsMissEm@users.noreply.github.com>2018-04-03 13:07:32 +0200
committerEugen Rochko <eugen@zeonfederated.com>2018-04-03 13:07:32 +0200
commit2e59751823585a8ef8729d4287239b326ab02193 (patch)
tree0b942b9b0640e7378f5578c2a2705c0c5c136e9e /app
parent1c293086a16fce465d5bdc123809f2d28b3e2ab6 (diff)
Improve require_admin! and require_staff! filters (#7018)
Previously these returns 302 redirects instead of 403s, which meant posting links to admin pages in slack caused them to unfurl, rather than stay as a link. Additionally, require_admin! doesn't appear to be actively used, on require_staff!
Diffstat (limited to 'app')
-rw-r--r--app/controllers/application_controller.rb4
1 files changed, 2 insertions, 2 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 6e5042617..588526447 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -39,11 +39,11 @@ class ApplicationController < ActionController::Base
   end
 
   def require_admin!
-    redirect_to root_path unless current_user&.admin?
+    forbidden unless current_user&.admin?
   end
 
   def require_staff!
-    redirect_to root_path unless current_user&.staff?
+    forbidden unless current_user&.staff?
   end
 
   def check_suspension