From 32f2a4f2a147dd93cc59458a3d2599cce1bebcd1 Mon Sep 17 00:00:00 2001
From: rgarcia <voodoorai2000@gmail.com>
Date: Mon, 17 Aug 2015 22:30:24 +0200
Subject: [PATCH] adds admin verification to view stats

---
 app/controllers/stats_controller.rb | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/app/controllers/stats_controller.rb b/app/controllers/stats_controller.rb
index c33f6843e..1e76feb42 100644
--- a/app/controllers/stats_controller.rb
+++ b/app/controllers/stats_controller.rb
@@ -1,5 +1,14 @@
 class StatsController < ApplicationController
+  skip_authorization_check
+  before_action :verify_administrator
+
   def show
     @event_types = Ahoy::Event.select(:name).uniq.pluck(:name)
   end
+
+  private
+
+    def verify_administrator
+      raise CanCan::AccessDenied unless current_user.try(:administrator?)
+    end
 end