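# Shared base for controllers in the Trace namespace.
#
# Resolves the user named by params[:user_id] (the "observed" user) and
# provides an authorization check that lets only an admin, or the observed
# user themselves, through.
#
# NOTE(review): no `before_action :check_auth` is visible in this class;
# presumably each subclass registers it. Confirm that every subclass does,
# otherwise its actions run without this check.
class Trace::BaseController < ApplicationController
  helper_method :observed_logged_user?, :observed_user

  # Looks up the user identified by params[:user_id].
  #
  # The value is tried as a login first and as a primary key second, so a
  # value that matches some account's login resolves to that account even if
  # it also equals another account's id.
  # NOTE(review): if logins may be purely numeric, the same parameter can name
  # two different accounts. Downstream code should read this method's result,
  # not params[:user_id], so the authorized user and the displayed user match.
  #
  # The result is memoized for the request, including a miss, so a failed
  # lookup is not repeated by every helper call.
  #
  # @return [User, nil] the matching user, or nil when nothing matches
  def observed_user
    return @_observed_user if defined?(@_observed_user)

    @_observed_user = User.find_by_login(params[:user_id]) || User.find_by_id(params[:user_id])
  end

  # Tells whether the observed user is the user currently signed in.
  #
  # Both sides must be present. Without this guard a missing observed user
  # would raise NoMethodError, and comparing two absent ids (nil == nil)
  # would report a match for an anonymous request.
  #
  # @return [Boolean] true only when both users exist and share an id
  def observed_logged_user?
    observed = observed_user
    current = User.current
    return false if observed.nil? || current.nil?

    observed.id == current.id
  end

  protected

  # Authorization filter: renders the forbidden response unless the requester
  # is an admin or is the observed user.
  #
  # `current_user&.admin?` fails closed: with no current user the request is
  # denied rather than raising NoMethodError.
  # NOTE(review): this method reads `current_user` while
  # observed_logged_user? reads `User.current`; presumably both refer to the
  # same authenticated account. Confirm they cannot diverge.
  # NOTE(review): an admin still passes when observed_user is nil, so actions
  # must handle an unknown user themselves.
  def check_auth
    render_forbidden unless current_user&.admin? || observed_logged_user?
  end
end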