From 924ec5ee474b731caaceb384034f478277c6a21c Mon Sep 17 00:00:00 2001
From: Chris Mytton <self@hecticjeff.net>
Date: Tue, 3 Sep 2013 15:44:00 +0100
Subject: [Zurich] Only super user can edit bodies

---
 perllib/FixMyStreet/App/Controller/Admin.pm | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'perllib/FixMyStreet/App/Controller/Admin.pm')

diff --git a/perllib/FixMyStreet/App/Controller/Admin.pm b/perllib/FixMyStreet/App/Controller/Admin.pm
index e2547019b..e0ba80af6 100644
--- a/perllib/FixMyStreet/App/Controller/Admin.pm
+++ b/perllib/FixMyStreet/App/Controller/Admin.pm
@@ -296,6 +296,7 @@ sub body : Path('body') : Args(1) {
 
     $c->stash->{body_id} = $body_id;
 
+    $c->forward( 'check_for_super_user' );
     $c->forward( 'get_token' );
     $c->forward( 'lookup_body' );
     $c->forward( 'fetch_all_bodies' );
@@ -311,6 +312,13 @@ sub body : Path('body') : Args(1) {
     return 1;
 }
 
+sub check_for_super_user : Private {
+    my ( $self, $c ) = @_;
+    if ( $c->cobrand->moniker eq 'zurich' && $c->stash->{admin_type} ne 'super' ) {
+        $c->detach('/page_error_404_not_found', []);
+    }
+}
+
 sub update_contacts : Private {
     my ( $self, $c ) = @_;
 
-- 
cgit v1.2.3