Sha256: 2eb102e4af03e82f1b3305f733c3b12537feded29f65f20c8af1ae63f277b265

Contents?: true

Size: 896 Bytes

Versions: 3

Compression:

Stored size: 896 Bytes

Contents

# Base controller for the application. It turns on CSRF protection, resolves the
# signed-in member from the session, and runs a CanCan permission check named
# after the routed controller/action for every request that is not routed to
# the "apis" controller.
#
# NOTE(review): the three methods below are public, so a catch-all route
# (e.g. ":controller/:action") could expose them as actions. Consider moving
# them under `private` once it is confirmed nothing calls them from outside.
class ApplicationController < ActionController::Base
  # Raise on a missing/invalid authenticity token instead of continuing.
  # For token-authenticated APIs, :null_session is the usual alternative.
  protect_from_forgery with: :exception

  # Order matters: the member must be resolved before the permission check,
  # because the ability object is built from @current_user.
  before_filter :set_current_user
  before_filter :check_route

  # Authorization failures are turned into a redirect rather than an error page.
  # The Referer header is supplied by the client, so `redirect_to :back` sends
  # the browser wherever that header points.
  # NOTE(review): where the Rails version offers it, a redirect helper with a
  # fixed fallback and a same-host restriction is the safer choice — confirm.
  rescue_from CanCan::AccessDenied do |denied|
    came_from = request.env["HTTP_REFERER"]
    if came_from
      redirect_to :back, alert: denied.message
    else
      redirect_to "/login"
    end
  end

  # Memoized CanCan ability for the current request. @current_user is nil for
  # anonymous visitors, so Ability must treat nil as "no privileges"
  # (Ability is defined elsewhere — verify).
  def current_ability
    @current_ability ||= Ability.new(@current_user)
  end

  # Loads the member named by session[:member_id], or nil when the session has
  # no member id. The `freezed: 0` condition is re-evaluated on every request,
  # so a member whose `freezed` column is no longer 0 stops resolving even with
  # a live session (presumably 0 means "not frozen" — confirm against the schema).
  def set_current_user
    member_id = session[:member_id]
    @current_user =
      if member_id
        Member.where(id: member_id.to_i, freezed: 0).first
      end
  end

  # Requires the :manage permission on a symbol built as "<controller>_<action>",
  # with "/" in namespaced controller names replaced by "_".
  #
  # Requests whose controller is exactly "apis" skip this check entirely, so
  # that controller has to enforce its own authentication/authorization (not
  # visible here). The comparison is exact: a namespaced "x/apis" is NOT exempt.
  #
  # NOTE(review): the symbol comes from router-supplied names. On Ruby < 2.2
  # symbols are never garbage collected, so make sure no route lets a client
  # pick arbitrary controller/action names.
  def check_route
    return if params[:controller] == "apis"

    scope = params[:controller].tr("/", "_")
    permission = :"#{scope}_#{params[:action]}"
    # The message reads "You do not have access permission".
    authorize! :manage, permission, message: "你没有访问权限"
  end
end

Version data entries

3 entries across 3 versions & 1 rubygems

Version Path
admin-sys-1.0.2 app/controllers/application_controller.rb
admin-sys-1.0.1 app/controllers/application_controller.rb
admin-sys-1.0.0 app/controllers/application_controller.rb