]> git.openstreetmap.org Git - rails.git/blobdiff - app/controllers/application_controller.rb
projects / rails.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Ensure authorization checks happen for all controller methods
[rails.git] / app / controllers / application_controller.rb
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 38758e1df4277031c64ee47b5242701890261793..fa6d432e9b06c7d07b3f071e5df68525748e9856 100644 (file)
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -4,6 +4,7 @@ class ApplicationController < ActionController::Base
   protect_from_forgery :with => :exception
 
   rescue_from CanCan::AccessDenied, :with => :deny_access
+  check_authorization
 
   before_action :fetch_body
   around_action :better_errors_allow_inline, :if => proc { Rails.env.development? }
The OpenStreetMap web site