diff options
Diffstat (limited to 'app/controllers/application.rb')
| -rw-r--r-- | app/controllers/application.rb | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/app/controllers/application.rb b/app/controllers/application.rb index 7a56e61f0..d21d0bd8c 100644 --- a/app/controllers/application.rb +++ b/app/controllers/application.rb @@ -95,11 +95,15 @@ class ApplicationController < ActionController::Base end true end + + def deny_access + User.current.logged? ? render_403 : require_login + end # Authorize the user for the requested action def authorize(ctrl = params[:controller], action = params[:action]) allowed = User.current.allowed_to?({:controller => ctrl, :action => action}, @project) - allowed ? true : (User.current.logged? ? render_403 : require_login) + allowed ? true : deny_access end # make sure that the user is a member of the project (or admin) if project is private |