diff options
| author | Chris Mytton <self@hecticjeff.net> | 2013-09-03 15:44:00 +0100 |
|---|---|---|
| committer | Chris Mytton <self@hecticjeff.net> | 2013-09-03 15:44:00 +0100 |
| commit | 924ec5ee474b731caaceb384034f478277c6a21c (patch) | |
| tree | b4a7b41ffc144de3bb2ea2c8d89b927bb3e5cf0e | |
| parent | d1151ce347010f73f60b857f0254fe8a311ed92e (diff) | |
[Zurich] Only super user can edit bodies
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Admin.pm | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Admin.pm b/perllib/FixMyStreet/App/Controller/Admin.pm index e2547019b..e0ba80af6 100644 --- a/perllib/FixMyStreet/App/Controller/Admin.pm +++ b/perllib/FixMyStreet/App/Controller/Admin.pm @@ -296,6 +296,7 @@ sub body : Path('body') : Args(1) { $c->stash->{body_id} = $body_id; + $c->forward( 'check_for_super_user' ); $c->forward( 'get_token' ); $c->forward( 'lookup_body' ); $c->forward( 'fetch_all_bodies' ); @@ -311,6 +312,13 @@ sub body : Path('body') : Args(1) { return 1; } +sub check_for_super_user : Private { + my ( $self, $c ) = @_; + if ( $c->cobrand->moniker eq 'zurich' && $c->stash->{admin_type} ne 'super' ) { + $c->detach('/page_error_404_not_found', []); + } +} + sub update_contacts : Private { my ( $self, $c ) = @_; |