return forbidden for forbidden json requests

This commit is contained in:
Ilion Beyst 2015-09-11 14:32:24 +02:00
parent 2ea8124a01
commit dbaded000f

View file

@ -4,7 +4,10 @@ class ApplicationController < ActionController::Base
protect_from_forgery with: :exception protect_from_forgery with: :exception
rescue_from CanCan::AccessDenied do |exception| rescue_from CanCan::AccessDenied do |exception|
redirect_to root_url, alert: exception.message respond_to do |format|
format.json { render nothing: true, status: :forbidden }
format.html { redirect_to root_url, alert: exception.message }
end
end end
def authenticate_user_or_client! def authenticate_user_or_client!