Poltergeist in the green, and resourceful refactor

app/controllers/employees/application_controller.rb

@@ -0,0 +1,17 @@
+module Employees
+  class ApplicationController < ::ApplicationController
+    before_action :setup_employee!
+    load_and_authorize_resource
+    def setup_employee!
+      authenticate_employee!
+      @current_ability = Employees::Ability.new( current_employee )
+      run_after_authentication_hooks!
+    end
+    rescue_from CanCan::AccessDenied do |exception|
+      respond_to do |format|
+        format.html { redirect_to root_path, alert: 'Action forbidden'}
+        format.json { render json: {}, status: :forbidden }
+      end
+    end
+  end
+end