class DirectUploadsController < ActiveStorage::DirectUploadsController
  skip_forgery_protection

  before_action :authenticate!

  def authenticate!
    head :unauthorized unless User.enabled.admin_role.find_by(id: session[:user_id]).present?
  end

end