# frozen_string_literal: true class AdminController < ApplicationController include Pundit layout 'admin' before_action :authorize_user rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized after_action :verify_authorized, except: :index after_action :verify_policy_scoped, only: :index helper_method :sort_direction def current_user @current_user ||= User.find_by(id: session[:user]) if session[:user] end helper_method :current_user private def sort_direction %w(asc desc).include?(params[:direction]) ? params[:direction] : 'desc' end def authorize_user session[:request] = request.fullpath redirect_to admin_login_path unless current_user end def user_not_authorized flash[:error] = "You are not authorized to perform this action." redirect_to(request.referer || admin_login_path) end end