# frozen_string_literal: true
# == EnforcesAdminAuthentication
#
# Controller concern to enforce that users are authenticated as admins
#
# Upon inclusion, adds `authenticate_admin!` as a before_action
#
module EnforcesAdminAuthentication
  extend ActiveSupport::Concern

  included do
    # Every action of the including controller passes through the admin gate.
    before_action :authenticate_admin!
  end

  # Before-action filter that gates admin-only controllers.
  #
  # Flow, in order:
  #   1. A user who is not an admin gets `render_404`.
  #   2. If the `admin_mode` setting is off, an admin passes straight through.
  #   3. Otherwise, an admin whose session is not in admin mode has admin mode
  #      requested, the current URL stored for a later redirect, and is sent
  #      to the admin session page to re-authenticate.
  #
  # NOTE(review): `current_user.admin?` is called without a nil check, so this
  # presumably relies on an earlier filter having authenticated the user.
  # Confirm that no including controller skips that filter.
  #
  # NOTE(review): answering non-admins with a 404 rather than an access-denied
  # response presumably keeps admin routes from being enumerated - confirm
  # that this is the intent.
  def authenticate_admin!
    unless current_user.admin?
      return render_404
    end

    admin_mode_enabled = Gitlab::CurrentSettings.admin_mode
    return unless admin_mode_enabled

    # Session is already elevated: nothing more to enforce.
    return if current_user_mode.admin_mode?

    current_user_mode.request_admin_mode!

    # Remember where the admin was heading so they can be sent back after
    # re-authenticating.
    if storable_location?
      store_location_for(:redirect, request.fullpath)
    end

    redirect_to(new_admin_session_path, notice: _('Re-authentication required'))
  end

  # True when the current request path is anything other than the admin
  # session page. Used above to decide whether the URL is worth storing as the
  # post-login redirect target.
  def storable_location?
    requested_path = request.path
    requested_path != new_admin_session_path
  end
end