Improve require_admin! and require_staff! filters (#7018)
Previously these returns 302 redirects instead of 403s, which meant posting links to admin pages in slack caused them to unfurl, rather than stay as a link. Additionally, require_admin! doesn't appear to be actively used, on require_staff!
This commit is contained in:
		
					parent
					
						
							
								1c293086a1
							
						
					
				
			
			
				commit
				
					
						2e59751823
					
				
			
		
					 3 changed files with 58 additions and 13 deletions
				
			
		|  | @ -39,11 +39,11 @@ class ApplicationController < ActionController::Base | |||
|   end | ||||
| 
 | ||||
|   def require_admin! | ||||
|     redirect_to root_path unless current_user&.admin? | ||||
|     forbidden unless current_user&.admin? | ||||
|   end | ||||
| 
 | ||||
|   def require_staff! | ||||
|     redirect_to root_path unless current_user&.staff? | ||||
|     forbidden unless current_user&.staff? | ||||
|   end | ||||
| 
 | ||||
|   def check_suspension | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue