scinote-web/app/controllers/application_controller.rb

120 lines
3.1 KiB
Ruby
Raw Normal View History

2016-02-12 23:52:43 +08:00
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
2017-06-23 21:19:08 +08:00
protect_from_forgery with: :exception, prepend: true
2016-02-12 23:52:43 +08:00
before_action :authenticate_user!
helper_method :current_team
before_action :update_current_team, if: :user_signed_in?
around_action :set_date_format, if: :user_signed_in?
2016-02-12 23:52:43 +08:00
around_action :set_time_zone, if: :current_user
2016-10-11 22:16:48 +08:00
layout 'main'
2016-02-12 23:52:43 +08:00
rescue_from ActionController::InvalidAuthenticityToken do
redirect_to root_path
end
2016-02-12 23:52:43 +08:00
def forbidden
render_403
end
def not_found
render_404
end
def respond_422(message = t('client_api.permission_error'))
render_422(message)
end
2016-02-12 23:52:43 +08:00
def is_current_page_root?
2016-10-11 22:16:48 +08:00
controller_name == 'projects' && action_name == 'index'
2016-02-12 23:52:43 +08:00
end
# Sets current team for all controllers
def current_team
2020-10-02 20:25:44 +08:00
@current_team ||= current_user.teams.find_by(id: current_user.current_team_id)
end
def to_user_date_format
ts = I18n.l(Time.parse(params[:timestamp]),
format: params[:ts_format].to_sym)
respond_to do |format|
format.json do
render json: { ts: ts }, status: :ok
end
end
end
2016-02-12 23:52:43 +08:00
protected
def render_403(style = 'danger')
2016-07-21 19:11:15 +08:00
respond_to do |format|
format.html do
2016-07-21 19:11:15 +08:00
render file: 'public/403.html', status: :forbidden, layout: false
end
format.json do
render json: { style: style }, status: :forbidden
end
format.any do
render plain: 'FORBIDDEN', status: :forbidden
end
2016-07-21 19:11:15 +08:00
end
2016-02-12 23:52:43 +08:00
end
def render_404
2016-07-21 19:11:15 +08:00
respond_to do |format|
format.html do
render file: 'public/404.html', status: :not_found, layout: false
end
format.json do
2016-07-21 19:11:15 +08:00
render json: {}, status: :not_found
end
format.any do
render plain: 'NOT FOUND', status: :not_found
end
2016-07-21 19:11:15 +08:00
end
2016-02-12 23:52:43 +08:00
end
def render_422(message = t('client_api.permission_error'))
respond_to do |format|
format.html do
render file: 'public/422.html', status: :unprocessable_entity, layout: false
end
format.json do
render json: { message: message }, status: :unprocessable_entity
end
format.any do
render plain: 'UNPROCESSABLE ENTITY', status: :unprocessable_entity
end
end
end
2016-02-12 23:52:43 +08:00
private
def update_current_team
2020-10-02 20:25:44 +08:00
return if current_team.present? && current_team.id == current_user.current_team_id
2020-10-02 20:25:44 +08:00
if current_user.current_team_id
@current_team = current_user.teams.find_by(id: current_user.current_team_id)
elsif current_user.teams.any?
current_user.update(current_team_id: current_user.teams.first.id)
end
end
2016-02-12 23:52:43 +08:00
# With this Devise callback user is redirected directly to sign in page instead
# of to root path. Therefore notification for sign out is displayed.
def after_sign_out_path_for(resource_or_scope)
new_user_session_path
end
def set_time_zone(&block)
Time.use_zone(current_user.settings[:time_zone], &block)
2016-02-12 23:52:43 +08:00
end
def set_date_format
I18n.backend.date_format = current_user.settings[:date_format]
yield
ensure
I18n.backend.date_format = nil
end
2016-02-12 23:52:43 +08:00
end