Foodsoft/foodsoft
1
1
Fork 0
Code Issues 36 Pull requests 5 Projects 1 Releases Wiki Activity

Fall back to default_scope if an invalid foodcoop is provided

Browse source 
Before this change foodsoft redirect to the last active foodcoop, when
an invalid foodcoop is provided. After this change the default_scope
will be used all the time to avoid data disclosure.
This commit is contained in:
Patrick Gansterer 2017-07-08 00:07:38 +02:00
parent e366605dbe
commit c312bd5ebd
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
app/controllers/application_controller.rb
View file

@ -172,6 +172,7 @@ class ApplicationController < ActionController::Base
# Set Config and database connection # Set Config and database connection
FoodsoftConfig.select_foodcoop params[:foodcoop] FoodsoftConfig.select_foodcoop params[:foodcoop]
rescue => error rescue => error
FoodsoftConfig.select_foodcoop FoodsoftConfig.config[:default_scope]
redirect_to root_url, alert: error.message redirect_to root_url, alert: error.message
end end
else else