diff --git a/app/controllers/dunlop/ember/application_controller.rb b/app/controllers/dunlop/ember/application_controller.rb index c22ddde..f91d68e 100644 --- a/app/controllers/dunlop/ember/application_controller.rb +++ b/app/controllers/dunlop/ember/application_controller.rb @@ -8,11 +8,11 @@ module Dunlop def ember_path app_globals = {} if adapter_name = params[:adapter].to_s.scan(/\w+/).first.presence - return render text: 'unauthorized, no adapter engine', status: 403 unless adapter = Panda.adapters[adapter_name] + return render html: '403 - unauthorized, no adapter engine', status: 403 unless adapter = Panda.adapters[adapter_name] app_index = Rails.root.join("public/adapters/#{adapter.url_name}/app/index.html") #app_globals = adapter.settings # load through request instead. More stable then changing environments unless Rails.application.config.try(:loose_ember_app_authorization) - return render text: 'unauthorized, no adapter engine', status: 403 unless current_user.admin? or authorize!(:read, adapter.engine) + return render html: '403 - unauthorized, no adapter engine permission', status: 403 unless current_user.admin? or can?(:read, adapter.engine) end else app_index = Rails.root.join('public/app/index.html')