base_controller.rb in alchemy_cms-7.1.0.pre.b1

- old
+ new

@@ -51,11 +51,13 @@
         Rails.logger.debug <<-WARN.strip_heredoc
           /!\\ Failed to permit #{exception.action} on #{exception.subject.inspect} for:
           #{current_alchemy_user.inspect}
         WARN
       end
-      if current_alchemy_user
+      if request.format.json?
+        render json: {message: Alchemy.t("You are not authorized")}, status: :unauthorized
+      elsif current_alchemy_user
         handle_redirect_for_user
       else
         handle_redirect_for_guest
       end
     end
@@ -63,10 +65,10 @@
     def handle_redirect_for_user
       flash[:warning] = Alchemy.t("You are not authorized")
       if can?(:index, :alchemy_admin_dashboard)
         redirect_or_render_notice
       else
-        redirect_to("/")
+        redirect_to Alchemy.unauthorized_path
       end
     end
 
     def redirect_or_render_notice
       if request.xhr?