File: enforces_admin_authentication.rb

package info (click to toggle)
gitlab 17.6.5-19
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 629,368 kB
  • sloc: ruby: 1,915,304; javascript: 557,307; sql: 60,639; xml: 6,509; sh: 4,567; makefile: 1,239; python: 406
file content (30 lines) | stat: -rw-r--r-- 799 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
 
# frozen_string_literal: true

# == EnforcesAdminAuthentication
#
# Controller concern to enforce that users are authenticated as admins
#
# Upon inclusion, adds `authenticate_admin!` as a before_action
#
module EnforcesAdminAuthentication
  extend ActiveSupport::Concern

  included do
    before_action :authenticate_admin!
  end

  def authenticate_admin!
    return render_404 unless current_user.admin?
    return unless Gitlab::CurrentSettings.admin_mode

    unless current_user_mode.admin_mode?
      current_user_mode.request_admin_mode!
      store_location_for(:redirect, request.fullpath) if storable_location?
      redirect_to(new_admin_session_path, notice: _('Re-authentication required'))
    end
  end

  def storable_location?
    request.path != new_admin_session_path
  end
end