diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 41d1d44..d27b719 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -2,6 +2,8 @@
 # Forma de ingreso a Sutty
 class ApplicationController < ActionController::Base
+ include ExceptionHandler
+ protect_from_forgery with: :exception
 before_action :set_locale
@@ -17,10 +19,13 @@ class ApplicationController < ActionController::Base
 # Encontrar un sitio por su nombre
 def find_site
- current_usuarie.sites.find_by_name(params[:site_id] || params[:id])
+ id = params[:site_id] || params[:id]
- # TODO: reenviar a un 403 si el sitio ya no está permitido para le
- # usuarie
+ unless (site = current_usuarie.sites.find_by_name(id))
+ raise SiteNotFound
+ end
+
+ site
 end
 def find_post(site)
diff --git a/app/controllers/concerns/exception_handler.rb b/app/controllers/concerns/exception_handler.rb
new file mode 100644
index 0000000..3be8412
--- /dev/null
+++ b/app/controllers/concerns/exception_handler.rb
@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+# Gestiona las excepciones que lanzamos desde los controladores
+module ExceptionHandler
+ extend ActiveSupport::Concern
+
+ class SiteNotFound < StandardError; end
+
+ included do
+ rescue_from SiteNotFound, with: :site_not_found
+ end
+
+ def site_not_found
+ redirect_to sites_path
+ end
+end
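Review bot: In `find_site`, `params[:site_id] || params[:id]` is handed to `find_by_name` without being coerced, so a request that sends the parameter as an array or nested hash reaches the query as a non-String value. The lookup stays scoped to `current_usuarie.sites`, which is what keeps one user from loading another's site, so this is hardening rather than a hole; `id = (params[:site_id] || params[:id]).to_s` makes the input type explicit. The deleted TODO was the only hint at the access-control intent, so I would put a comment above the lookup such as `# Scoped to current_usuarie.sites: a site the user may not access is treated as not found`. The method also assumes `current_usuarie` is non-nil, which presumably an authentication filter outside this hunk guarantees.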
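Review bot: `site_not_found` is declared public in a concern that `ApplicationController` includes, so every controller inherits it as a public method, and Rails treats public controller methods as potential actions. Adding `private` on the line above `def site_not_found` keeps it an internal handler, and `rescue_from ... with:` still resolves it. The handler also discards the event without a trace; a line such as `Rails.logger.warn("SiteNotFound usuarie=#{current_usuarie&.id} path=#{request.path.inspect}")` before the redirect (assuming usuarie records expose `id`) would let repeated probing of site names show up in the logs. The redirect is issued for every request format, so a JSON or XHR caller gets a 302 to an HTML page rather than an error status; whether that matters depends on clients not visible here.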