Sha256: 35a7f42e7951ee5b9834b29b9d88a64c6bbbb5c3d67b2a5e0d1bf9314519351a
Contents?: true
Size: 777 Bytes
Versions: 3
Compression:
Stored size: 777 Bytes
Contents
class Admin::BaseController < Spree::BaseController
ssl_required
helper :search
helper 'admin/navigation'
layout 'admin'
protected
def render_js_for_destroy
render :partial => "/admin/shared/destroy"
flash.notice = nil
end
# Index request for JSON needs to pass a CSRF token in order to prevent JSON Hijacking
def check_json_authenticity
return unless request.format.js? or request.format.json?
auth_token = params[request_forgery_protection_token]
unless (auth_token and form_authenticity_token == auth_token.gsub(' ', '+'))
raise(ActionController::InvalidAuthenticityToken)
end
end
# def require_object_editable_by_current_user
# return access_denied unless object.editable_by?(current_user)
# true
# end
end
Version data entries
3 entries across 3 versions & 1 rubygems
| Version | Path |
|---|---|
| spree_core-0.50.2 | app/controllers/admin/base_controller.rb |
| spree_core-0.50.1 | app/controllers/admin/base_controller.rb |
| spree_core-0.50.0 | app/controllers/admin/base_controller.rb |