From fb650c6c9c1a23b4852f9b7f74f7d0a89762d624 Mon Sep 17 00:00:00 2001
From: rulingcom <orbit@rulingcom.com>
Date: Sat, 1 Jul 2023 11:59:47 +0800
Subject: [PATCH] fix error

---
 app/controllers/admin/box_controller.rb  |  9 +++++++++
 app/controllers/admin/plow_controller.rb | 10 +++++++++-
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/app/controllers/admin/box_controller.rb b/app/controllers/admin/box_controller.rb
index 7ec7516..2043397 100644
--- a/app/controllers/admin/box_controller.rb
+++ b/app/controllers/admin/box_controller.rb
@@ -5,6 +5,7 @@ class Admin::BoxController < ApplicationController
   Binary = File.expand_path("../../../../bin/box", __FILE__)
   CSSFile = File.expand_path("../../../../white-on-black.css", __FILE__)
   skip_before_action :verify_authenticity_token
+  before_action :check_login
 
   def index
     is_not_open = `fuser #{SocketFile}`.gsub(/\n/, '').empty?
@@ -23,4 +24,12 @@ class Admin::BoxController < ApplicationController
     reverse_proxy "unix://#{SocketFile}", path: path do |config|
     end
   end
+
+private
+  def check_login
+    user = current_user
+    if user.nil? || user.is_admin?
+      return render :file => "#{Rails.root}/app/views/errors/404.html", :layout => false, :status => :not_found, :formats => [:html] 
+    end
+  end
 end
diff --git a/app/controllers/admin/plow_controller.rb b/app/controllers/admin/plow_controller.rb
index 9119692..18b11ab 100644
--- a/app/controllers/admin/plow_controller.rb
+++ b/app/controllers/admin/plow_controller.rb
@@ -1,9 +1,11 @@
-class Admin::PlowController < OrbitAdminController
+class Admin::PlowController < ApplicationController
   include ReverseProxy::Controller
   SocketFile = "#{Rails.root}/tmp/plow.sock"
   Binary = File.expand_path("../../../../bin/plow", __FILE__)
   LogFile = "#{Rails.root}/tmp/plow_summary.log"
   before_action :setup_setting, only: [:setting, :save_setting]
+  before_action :check_login
+  skip_before_action :verify_authenticity_token
 
   def index
     reverse_proxy "unix://#{Rails.root}/tmp/plow.sock", path: '/' do |config|
@@ -56,6 +58,12 @@ class Admin::PlowController < OrbitAdminController
   end
 
 private
+  def check_login
+    user = current_user
+    if user.nil? || user.is_admin?
+      return render :file => "#{Rails.root}/app/views/errors/404.html", :layout => false, :status => :not_found, :formats => [:html] 
+    end
+  end
   def setup_setting
     @setting = PlowSetting.first
     @plow_pid = `fuser #{SocketFile}`.gsub(/\n/, '').to_i