Skip to content

Commit

Permalink
make the user edit as login as work
Browse files Browse the repository at this point in the history
  • Loading branch information
@syphax-bouazzouni
syphax-bouazzouni committed Nov 19, 2024
1 parent 3d34755 commit 95110d5
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 3 deletions.
9 changes: 6 additions & 3 deletions app/controllers/application_controller.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -253,12 +253,15 @@ def authorize_and_redirect
end

def authorize_admin
admin = session[:user] && session[:user].admin?
redirect_to_home unless admin
redirect_to_home unless current_user_admin?
end

def current_user_admin?
session[:user] && session[:user].admin?
session[:user]&.admin? || current_login_as_admin?
end

def current_login_as_admin?
session[:admin_user]&.admin?
end

def ontology_restricted?(acronym)
Expand Down
1 change: 1 addition & 0 deletions app/controllers/users_controller.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -226,6 +226,7 @@ def unescape_id

def verify_owner
return if current_user_admin?

if session[:user].nil? || (!session[:user].id.eql?(params[:id]) && !session[:user].username.eql?(params[:id]))
redirect_to controller: 'login', action: 'index', redirect: "/accounts/#{params[:id]}"
end
Expand Down

0 comments on commit 95110d5

Please sign in to comment.