class ApplicationController < ActionController::Base # Prevent CSRF attacks by raising an exception. # For APIs, you may want to use :null_session instead. protect_from_forgery with: :exception before_action :authenticate_user! #http://rails-bestpractices.com/posts/2010/08/23/fetch-current-user-in-models before_action :set_current_user rescue_from CanCan::AccessDenied do render 'application/403', status: 403 end private def set_current_user request.env["exception_notifier.exception_data"] = { current_user: current_user.try(:inspect) } User.current = current_user end # Return an array of ids given as a param or nil if nothing is supplied def ids_param return nil unless ids = params[:ids].presence @ids_param ||= (ids.is_a?(String) ? ids.split(RecordCollection.ids_separator) : Array.wrap(ids)) end helper_method :ids_param end