module Authorization private def ensure_can_administer head :forbidden unless Current.user.admin? end def ensure_is_staff_member head :forbidden unless Current.user.staff? end end