app/controllers/georgia/application_controller.rb in georgia-0.7.8 vs app/controllers/georgia/application_controller.rb in georgia-0.8.0

@@ -1,12 +1,17 @@
 module Georgia
   class ApplicationController < ActionController::Base
 
-    before_filter :authenticate_user!
+    include Pundit
+    after_action :verify_authorized
+    rescue_from Pundit::NotAuthorizedError do
+      redirect_to new_user_session_path
+    end
+
     layout :layout_by_resource
 
-    protect_from_forgery
+    protect_from_forgery with: :exception
 
     def current_ability
       @current_ability ||= Ability.new(current_user)
     end
 
@@ -17,9 +22,19 @@
 
     private
 
     def layout_by_resource
       devise_controller? ? "georgia/devise" : "georgia/application"
+    end
+
+    def user_not_authorized
+      flash[:alert] = "You are not authorized to perform this action."
+      redirect_to(request.referrer || root_path)
+    end
+
+    # Overwriting the sign_out redirect path method
+    def after_sign_out_path_for(resource_or_scope)
+      new_user_session_path
     end
 
   end
 end