debian-mirror-gitlab/app/controllers/concerns/enforces_admin_authentication.rb

31 lines
799 B
Ruby
Raw Normal View History

2019-07-31 22:56:46 +05:30
# frozen_string_literal: true
# == EnforcesAdminAuthentication
#
# Controller concern to enforce that users are authenticated as admins
#
# Upon inclusion, adds `authenticate_admin!` as a before_action
#
module EnforcesAdminAuthentication
extend ActiveSupport::Concern
included do
before_action :authenticate_admin!
end
def authenticate_admin!
2019-12-21 20:55:43 +05:30
return render_404 unless current_user.admin?
2021-04-29 21:17:54 +05:30
return unless Gitlab::CurrentSettings.admin_mode
2019-12-21 20:55:43 +05:30
unless current_user_mode.admin_mode?
2020-01-01 13:55:28 +05:30
current_user_mode.request_admin_mode!
2019-12-21 20:55:43 +05:30
store_location_for(:redirect, request.fullpath) if storable_location?
redirect_to(new_admin_session_path, notice: _('Re-authentication required'))
end
end
def storable_location?
request.path != new_admin_session_path
2019-07-31 22:56:46 +05:30
end
end