granblue.team/hensei-api
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add admin mode

Browse source 
The API Controller checks if the user is logged in and whether they are an admin, and checks for the X-Admin-Mode header
This commit is contained in:
Justin Edmund 2023-08-24 21:56:41 -07:00
parent 7b4ef39014
commit 9a930c8d99
1 changed files with 12 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
app/controllers/api/v1/api_controller.rb
View file

@ -50,9 +50,17 @@ module Api
@current_user @current_user
end end
def admin_mode
if current_user && current_user.admin? && request.headers['X-Admin-Mode']
@admin_mode ||= request.headers['X-Admin-Mode'] == 'true'
end
@admin_mode
end
def edit_key def edit_key
@edit_key ||= request.headers['X-Edit-Key'] if request.headers['X-Edit-Key'] @edit_key ||= request.headers['X-Edit-Key'] if request.headers['X-Edit-Key']
@edit_key @edit_key
end end
@ -96,9 +104,9 @@ module Api
def render_not_found_response(object) def render_not_found_response(object)
render json: ErrorBlueprint.render(nil, error: { render json: ErrorBlueprint.render(nil, error: {
message: "#{object.capitalize} could not be found", message: "#{object.capitalize} could not be found",
code: 'not_found' code: 'not_found'
}), status: :not_found }), status: :not_found
end end
def render_unauthorized_response def render_unauthorized_response