From 8bf58bfada05c61dbd773b74e9e6d91f01d3aae1 Mon Sep 17 00:00:00 2001
From: Xinhui
Date: Fri, 7 Oct 2016 15:57:34 +0200
Subject: Policy Chouette::StopArea

Refs #1780
---
 app/controllers/application_controller.rb | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'app/controllers/application_controller.rb')

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index fa3874632..c2414f5bb 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,9 +1,13 @@
 class ApplicationController < ActionController::Base
+  include Pundit
+  rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
+
   # TODO : Delete hack to authorize Cross Request for js and json get request from javascript
   protect_from_forgery unless: -> { request.get? && (request.format.json? || request.format.js?) }
   before_action :authenticate_user!
   before_action :set_locale
 
+
   # Load helpers in rails engine
   helper LanguageEngine::Engine.helpers
 
@@ -13,6 +17,10 @@ class ApplicationController < ActionController::Base
 
   protected
 
+  def user_not_authorized
+    render :file => "#{Rails.root}/public/403.html", :status => :forbidden, :layout => false
+  end
+
   def current_organisation
     current_user.organisation if current_user
   end
-- 
cgit v1.2.3