# frozen_string_literal: true class AdminController < ApplicationController include Pundit layout 'admin' before_action :authorize_user rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized after_action :verify_authorized, except: :index after_action :verify_policy_scoped, only: :index def current_user @current_user ||= User.find_by(id: session[:user]) if session[:user] end helper_method :current_user private def authorize_user session[:request] = request.fullpath redirect_to admin_login_path unless current_user end def user_not_authorized flash[:error] = "You are not authorized to perform this action." redirect_to(request.referer || admin_login_path) end end