14 lines
321 B
Ruby
14 lines
321 B
Ruby
class Api::ApiController < ApplicationController
|
|
before_action :authenticate_user!
|
|
protect_from_forgery with: :null_session
|
|
|
|
skip_authorization_check
|
|
before_action :verify_administrator
|
|
|
|
private
|
|
|
|
def verify_administrator
|
|
raise CanCan::AccessDenied unless current_user.try(:administrator?)
|
|
end
|
|
end
|