From bdd32643dbb947e9a184a603193bf80286019dfd Mon Sep 17 00:00:00 2001 From: Eric Schultz Date: Tue, 5 Jan 2021 16:44:45 -0600 Subject: [PATCH] Add support for non-html authenticate_user! responses --- .../concerns/controllers/user/authorization.rb | 6 +++--- app/controllers/direct_uploads_controller.rb | 10 ++++++++++ 2 files changed, 13 insertions(+), 3 deletions(-) create mode 100644 app/controllers/direct_uploads_controller.rb diff --git a/app/controllers/concerns/controllers/user/authorization.rb b/app/controllers/concerns/controllers/user/authorization.rb index 9e8ef86f..8f689105 100644 --- a/app/controllers/concerns/controllers/user/authorization.rb +++ b/app/controllers/concerns/controllers/user/authorization.rb @@ -8,15 +8,15 @@ module Controllers::User::Authorization included do helper_method :current_role?, :administered_nonprofit private - def authenticate_user!(type= :html) - reject_with_sign_in unless current_user + def authenticate_user!(msg=nil, type= :html) + reject_with_sign_in(msg, type) unless current_user end def reject_with_sign_in(msg=nil, type= :html) if type == :html block_with_sign_in(msg) else - render text: msg, status: :unauthorized + render json: {message:msg}, status: :unauthorized end end diff --git a/app/controllers/direct_uploads_controller.rb b/app/controllers/direct_uploads_controller.rb new file mode 100644 index 00000000..412a50af --- /dev/null +++ b/app/controllers/direct_uploads_controller.rb @@ -0,0 +1,10 @@ +# frozen_string_literal: true + +# +class DirectUploadsController < ActiveStorage::DirectUploadsController + include Controllers::Nonprofit::Authorization + skip_before_action :verify_authenticity_token, only: [:create] + before_action do + authenticate_user!("You must be logged in to use this", :json) + end +end \ No newline at end of file