Sha256: 33b41ecbf7c6779ab4016611ef1b736f20ebc3389c21b11ac8c0bbe07802ad17

Contents?: true

Size: 926 Bytes

Versions: 1

Compression:

Stored size: 926 Bytes

Contents

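# Base controller: loads the signed-in member from the session and runs a
# CanCan authorization check, keyed on controller and action, before every
# request except those routed to the "apis" controller.
class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception
  before_filter :set_current_user
  before_filter :check_route

  # Authorization failures are sent back to the referring page with the denial
  # message as a flash alert, but only when that page is on this host. The
  # Referer header is supplied by the client, so following it unconditionally
  # would let a third-party page receive the redirect; every other case
  # (missing, malformed, or off-site Referer) falls back to the login page.
  rescue_from CanCan::AccessDenied do |exception|
    if same_host_referer?
      redirect_to :back, :alert => exception.message
    else
      redirect_to "/login"
    end
  end

  # Memoized CanCan ability for the member loaded by set_current_user.
  # Built from nil when nobody is signed in; what a nil member may do is
  # decided inside Ability, which is defined elsewhere.
  def current_ability
    @current_ability ||= Ability.new(@current_user)
  end

  # Loads the member referenced by session[:member_id] into @current_user.
  # Only rows with freezed = 0 are matched, so a member whose row carries any
  # other value is treated as signed out on the next request. Sets nil when
  # the session holds no id or no row matches.
  #
  # NOTE(review): this method and check_route are public, so a catch-all
  # route could expose them as actions. Consider making them private once it
  # is confirmed that nothing calls them with an explicit receiver.
  def set_current_user
    @current_user = session[:member_id] ? Member.where(:id => session[:member_id].to_i, :freezed => 0).first : nil
  end

  # Authorizes the request against a permission named "<controller>_<action>",
  # with "/" in namespaced controller paths replaced by "_". CanCan raises
  # AccessDenied (handled by the rescue_from above) when :manage is not
  # granted on that symbol.
  #
  # The controller named exactly "apis" is exempt from this check.
  # NOTE(review): that controller has to enforce its own authentication and
  # authorization -- confirm it does.
  def check_route
    if params[:controller] != "apis"
      url = "#{params[:controller].gsub(/\//, "_")}_#{params[:action]}"
      # NOTE(review): to_sym is only safe while :controller and :action come
      # from fixed routes; with dynamic route segments a client could create
      # arbitrary symbols -- confirm against config/routes.rb.
      # The message below reads "You do not have access permission".
      authorize! :manage, url.to_sym, :message => "你没有访问权限"
    end
  end

  private

  # True when the Referer header is present, parses as a URI, and names the
  # same host as the current request. Relies on URI and blank?, which Rails
  # already loads.
  def same_host_referer?
    referer = request.env["HTTP_REFERER"]
    return false if referer.blank?

    URI.parse(referer).host == request.host
  rescue URI::InvalidURIError
    false
  end
end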

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
admin-sys-1.1.0 app/controllers/application_controller.rb