about summary refs log tree commit diff
path: root/config/initializers
diff options
context:
space:
mode:
authorEugen Rochko <eugen@zeonfederated.com>2016-10-23 12:08:52 +0200
committerEugen Rochko <eugen@zeonfederated.com>2016-10-23 12:08:52 +0200
commit720d1f8f3d6ffbc1729e7523bd4b663703ee2f24 (patch)
treebfbd17a67b2908a6ab506254070f5fa083400038 /config/initializers
parentb746a931a5465b0ebf62e2a72e8fbea9e0f7433c (diff)
Restrict access to oauth/applications to admins only
Diffstat (limited to 'config/initializers')
-rw-r--r--config/initializers/doorkeeper.rb2
1 files changed, 1 insertions, 1 deletions
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb
index 16297456e..2317733eb 100644
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -15,7 +15,7 @@ Doorkeeper.configure do
 
   # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
   admin_authenticator do
-    current_user || redirect_to(new_user_session_url)
+    (current_user && current_user.admin?) || redirect_to(new_user_session_url)
   end
 
   # Authorization Code expiration time (default 10 minutes).