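module Employees
  # Base controller for the employee-facing namespace: every action is
  # authenticated as an employee and then authorized through CanCan against
  # Employees::Ability.
  class ApplicationController < ::ApplicationController
    # Order matters. Authentication and the ability assignment must be
    # registered before load_and_authorize_resource, so that authorization
    # is evaluated against the employee's ability and not a default one.
    before_action :setup_employee!
    load_and_authorize_resource

    # A denied action gets a generic answer in both formats: HTML clients are
    # redirected with a flash alert, JSON clients get an empty body with 403.
    # No detail about the denied resource or rule is returned to the client.
    # NOTE(review): root_path has to be reachable by every authenticated
    # employee, otherwise the HTML branch can redirect in a loop - confirm.
    rescue_from CanCan::AccessDenied do |_exception|
      respond_to do |format|
        format.html { redirect_to root_path, alert: 'Action forbidden' }
        format.json { render json: {}, status: :forbidden }
      end
    end

    private

    # Authenticates the employee and installs the employee-specific ability.
    #
    # Kept private: public instance methods of a controller are action
    # methods, and this callback should never be reachable through a route.
    # It stays usable as a before_action and via skip_before_action in
    # subclasses.
    #
    # authenticate_employee! and run_after_authentication_hooks! are defined
    # outside this file; the former is presumably the Devise helper - verify.
    def setup_employee!
      authenticate_employee!
      # CanCan memoizes the ability in @current_ability, so assigning it here
      # makes the authorization checks use Employees::Ability.
      @current_ability = Employees::Ability.new(current_employee)
      run_after_authentication_hooks!
    end
  end
end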