Correct comment.

[rails.git] / app / controllers / application_controller.rb

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index c43271b93a81faf5b3426a75097ac5fc1053f0e5..c701d8adde71093f37b9f927c1e8b228e4d5bbc6 100644 (file)
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -78,6 +78,12 @@ class ApplicationController < ActionController::Base
         @user = User.authenticate(:username => username, :password => passwd) # basic auth
       end
     end
+
+    # check if the user has been banned
+    unless @user.nil? or @user.active_blocks.empty?
+      # NOTE: need slightly more helpful message than this.
+      render :text => t('application.setup_user_auth.blocked'), :status => :forbidden
+    end
   end
 
   def authorize(realm='Web Password', errormessage="Couldn't authenticate you")