X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/727ee97a3f40f6b6d40546d1417f3a936692b755..ffa65d4d725fc376037cd8390f30df45f85b6d8e:/app/controllers/application_controller.rb diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index db4ae9ad3..394b04d58 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -1,5 +1,6 @@ class ApplicationController < ActionController::Base include SessionPersistence + check_authorization protect_from_forgery :with => :exception @@ -467,6 +468,11 @@ class ApplicationController < ActionController::Base raise end + rescue_from CanCan::AccessDenied do |exception| + raise "Access denied on #{exception.action} #{exception.subject.inspect}" + # ... + end + private # extract authorisation credentials from headers, returns user = nil if none