scinote-web/app/controllers/application_controller.rb

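# Base controller: installs CSRF protection, authentication and the
# per-request team / date-format / time-zone callbacks, and provides the
# shared error-rendering helpers used by the other controllers.
class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  # `prepend: true` puts the token check at the front of the callback chain,
  # so it runs before the callbacks declared below.
  protect_from_forgery with: :exception, prepend: true

  before_action :authenticate_user!
  helper_method :current_team
  before_action :update_current_team, if: :user_signed_in?
  around_action :set_date_format, if: :user_signed_in?
  around_action :set_time_zone, if: :current_user

  layout 'main'

  # A failed CSRF check (raised by protect_from_forgery above) sends the
  # client back to the root path instead of surfacing the exception.
  rescue_from ActionController::InvalidAuthenticityToken do
    redirect_to root_path
  end

  # Renders the 403 response in the format the client asked for.
  def forbidden
    render_403
  end

  # Renders the 404 response in the format the client asked for.
  def not_found
    render_404
  end

  # Renders the 422 response; `message` is only used by the JSON variant and
  # defaults to the translated permission error.
  def respond_422(message = t('client_api.permission_error'))
    render_422(message)
  end

  # True when the current request is handled by projects#index.
  def is_current_page_root?
    controller_name == 'projects' && action_name == 'index'
  end

  # Sets current team for all controllers.
  # The lookup goes through current_user.teams, so an id that does not belong
  # to one of the user's own teams yields nil. A nil result is not memoized.
  def current_team
    @current_team ||= current_user.teams.find_by(id: current_user.current_team_id)
  end

  # Formats the client-supplied `timestamp` parameter with the I18n time
  # format named by the `ts_format` parameter and returns it as JSON
  # ({ ts: "..." }).
  #
  # Both parameters come straight from the request, so missing, non-string or
  # unparseable values (and format names with no translation) are answered
  # with 400 and an empty JSON body instead of an unhandled exception.
  #
  # NOTE(review): ts_format selects the I18n format key directly; consider
  # restricting it to the format names the client code actually uses.
  def to_user_date_format
    timestamp = params[:timestamp]
    format_name = params[:ts_format]
    unless timestamp.is_a?(String) && format_name.is_a?(String)
      return render json: {}, status: :bad_request
    end

    ts = I18n.l(Time.parse(timestamp), format: format_name.to_sym)
    render json: { ts: ts }, status: :ok
  rescue ArgumentError, TypeError
    # Time.parse raises ArgumentError on unparseable input; I18n's
    # missing-translation error is an ArgumentError subclass as well.
    render json: {}, status: :bad_request
  end

  protected

  # 403 in HTML (errors/403 without layout), JSON ({ style: style }) or plain
  # text for every other format.
  def render_403(style = 'danger')
    respond_to do |format|
      format.html do
        render 'errors/403', status: :forbidden, layout: false
      end
      format.json do
        render json: { style: style }, status: :forbidden
      end
      format.any do
        render plain: 'FORBIDDEN', status: :forbidden
      end
    end
  end

  # 404 in HTML (errors/404 without layout), empty JSON object or plain text
  # for every other format.
  def render_404
    respond_to do |format|
      format.html do
        render 'errors/404', status: :not_found, layout: false
      end
      format.json do
        render json: {}, status: :not_found
      end
      format.any do
        render plain: 'NOT FOUND', status: :not_found
      end
    end
  end

  # 422 in HTML (errors/422 without layout), JSON ({ message: message }) or
  # plain text for every other format.
  def render_422(message = t('client_api.permission_error'))
    respond_to do |format|
      format.html do
        render 'errors/422', status: :unprocessable_entity, layout: false
      end
      format.json do
        render json: { message: message }, status: :unprocessable_entity
      end
      format.any do
        render plain: 'UNPROCESSABLE ENTITY', status: :unprocessable_entity
      end
    end
  end

  private

  # Keeps @current_team in step with current_user.current_team_id.
  # Nothing is done when the memoized team already matches. If the user has
  # an id stored, the team is reloaded through the user's own teams; if no id
  # is stored but the user has teams, the first one is saved as current.
  def update_current_team
    return if current_team.present? && current_team.id == current_user.current_team_id

    if current_user.current_team_id
      @current_team = current_user.teams.find_by(id: current_user.current_team_id)
    elsif current_user.teams.any?
      current_user.update(current_team_id: current_user.teams.first.id)
    end
  end

  # With this Devise callback user is redirected directly to sign in page instead
  # of to root path. Therefore notification for sign out is displayed.
  def after_sign_out_path_for(resource_or_scope)
    new_user_session_path
  end

  # Runs the action inside the time zone stored in the user's settings.
  def set_time_zone(&block)
    Time.use_zone(current_user.settings[:time_zone], &block)
  end

  # Applies the user's date format for the duration of the action and always
  # clears it afterwards, even when the action raises.
  #
  # NOTE(review): this assigns state on the I18n backend object; whether that
  # state is per-thread is decided by the backend, which is not visible here.
  # Confirm one user's format cannot leak into a concurrent request.
  def set_date_format
    I18n.backend.date_format = current_user.settings[:date_format]
    yield
  ensure
    I18n.backend.date_format = nil
  end

  # Builds the pagination metadata hash from `object`, which must respond to
  # current_page, next_page, prev_page, total_pages and total_count.
  def pagination_dict(object)
    {
      current_page: object.current_page,
      next_page: object.next_page,
      prev_page: object.prev_page,
      total_pages: object.total_pages,
      total_count: object.total_count
    }
  end
end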