|
|
@ -43,7 +43,8 @@ not_found do |
|
|
|
serve :"404" |
|
|
|
serve :"404" |
|
|
|
end |
|
|
|
end |
|
|
|
|
|
|
|
|
|
|
|
def auth_denied(msg="You are not permitted to do that!") |
|
|
|
def auth_denied(msg="You are not permitted to do that!", status=403) |
|
|
|
|
|
|
|
session[:status] = status |
|
|
|
flash[:error] = msg |
|
|
|
flash[:error] = msg |
|
|
|
redirect "/" |
|
|
|
redirect "/" |
|
|
|
end |
|
|
|
end |
|
|
@ -217,8 +218,8 @@ get "/admin" do |
|
|
|
p flags.to_s(2) |
|
|
|
p flags.to_s(2) |
|
|
|
|
|
|
|
|
|
|
|
user = get_current_user |
|
|
|
user = get_current_user |
|
|
|
banned unless !user.banned? |
|
|
|
banned unless !user.banned? # reject the user if banned |
|
|
|
auth_denied unless user.flags != 0 |
|
|
|
auth_denied unless user.flags != 0 # reject the user if he/she has no roles |
|
|
|
|
|
|
|
|
|
|
|
serve :admin, {flags: flags} |
|
|
|
serve :admin, {flags: flags} |
|
|
|
end |
|
|
|
end |
|
|
|