# frozen_string_literal: true
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
# Look for template overrides before rendering
before_filter :prepend_view_paths
before_filter :set_gettext_locale
after_filter :store_location
include GlobalHelpers
include Pundit
helper_method GlobalHelpers.instance_methods
rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
private
def current_org
current_user.org
end
def user_not_authorized
if user_signed_in?
redirect_to plans_url, alert: _("You are not authorized to perform this action.")
else
redirect_to root_url, alert: _("You need to sign in or sign up before continuing.")
end
end
# Sets FastGettext locale for every request made
def set_gettext_locale
FastGettext.locale = session[:locale] || FastGettext.default_locale
end
def store_location
# store last url - this is needed for post-login redirect to whatever the user last
# visited.
unless ["/users/sign_in",
"/users/sign_up",
"/users/password",
"/users/invitation/accept",
].any? { |ur| request.fullpath.include?(ur) } \
or request.xhr? # don't store ajax calls
session[:previous_url] = request.fullpath
end
end
def after_sign_in_path_for(resource)
referer_path = URI(request.referer).path unless request.referer.nil? or nil
if from_external_domain? || referer_path.eql?(new_user_session_path) ||
referer_path.eql?(new_user_registration_path) ||
referer_path.nil?
root_path
else
request.referer
end
end
def after_sign_up_path_for(resource)
referer_path = URI(request.referer).path unless request.referer.nil?
if from_external_domain? ||
referer_path.eql?(new_user_session_path) ||
referer_path.nil?
root_path
else
request.referer
end
end
def after_sign_in_error_path_for(resource)
(from_external_domain? ? root_path : request.referer || root_path)
end
def after_sign_up_error_path_for(resource)
(from_external_domain? ? root_path : request.referer || root_path)
end
def authenticate_admin!
# currently if admin has any super-admin task, they can view the super-admin
unless user_signed_in? && (current_user.can_add_orgs? ||
current_user.can_change_org? ||
current_user.can_super_admin?)
redirect_to root_path
end
end
def failed_create_error(obj, obj_name)
"#{_('Could not create your %{o}.') % { o: obj_name }} #{errors_to_s(obj)}"
end
def failed_update_error(obj, obj_name)
"#{_('Could not update your %{o}.') % { o: obj_name }} #{errors_to_s(obj)}"
end
def failed_destroy_error(obj, obj_name)
"#{_('Could not delete the %{o}.') % { o: obj_name }} #{errors_to_s(obj)}"
end
def success_message(obj_name, action)
_("Successfully %{action} your %{object}.") % { object: obj_name, action: action }
end
# Override rails default render action to look for a branded version of a
# template instead of using the default one. If no override exists, the
# default version in ./app/views/[:controller]/[:action] will be used
#
# The path in the app/views/branded/ directory must match the the file it is
# replacing. For example:
# app/views/branded/layouts/_header.html.erb -> app/views/layouts/_header.html.erb
def prepend_view_paths
prepend_view_path "app/views/branded"
end
def errors_to_s(obj)
if obj.errors.count > 0
msg = "<br />"
obj.errors.each do |e, m|
if m.include?("empty") || m.include?("blank")
msg += "#{_(e)} - #{_(m)}<br />"
else
msg += "'#{obj[e]}' - #{_(m)}<br />"
end
end
msg
end
end
##
# Sign out of Shibboleth SP local session too.
# -------------------------------------------------------------
def after_sign_out_path_for(resource_or_scope)
if Rails.application.config.shibboleth_enabled
return Rails.application.config.shibboleth_logout_url + root_url
super
else
super
end
end
# -------------------------------------------------------------
def from_external_domain?
if request.referer.present?
referer = URI.parse(request.referer)
home = URI.parse(root_url)
referer.host != home.host
else
false
end
end
end
Bodacious