mastodon/app/controllers/admin/base_controller.rb

# frozen_string_literal: true

module Admin
  class BaseController < ApplicationController
    include Authorization
    include AccountableConcern

    layout 'admin'

    before_action :set_cache_headers
    before_action :set_referrer_policy_header

    after_action :verify_authorized

    private

    def set_cache_headers
      response.cache_control.replace(private: true, no_store: true)
    end

    def set_referrer_policy_header
      response.headers['Referrer-Policy'] = 'same-origin'
    end

    def set_user
      @user = Account.find(params[:account_id]).user || raise(ActiveRecord::RecordNotFound)
    end
  end
end