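# Base controller: sets up authentication, CSRF protection, the per-request
# team / time-zone / date-format context and the shared error responses.
class ApplicationController < ActionController::Base
  # Token authentication for User; the macro is defined outside this file.
  acts_as_token_authentication_handler_for User

  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  # `prepend: true` places the check at the front of the callback chain, so
  # it runs before the callbacks declared below.
  protect_from_forgery with: :exception, prepend: true
  before_action :authenticate_user!
  helper_method :current_team
  before_action :update_current_team, if: :user_signed_in?
  before_action :set_date_format, if: :user_signed_in?
  around_action :set_time_zone, if: :current_user
  layout 'main'

  # A failed CSRF check is answered with a redirect to the root path rather
  # than an error page; the rejected request itself is not performed.
  rescue_from ActionController::InvalidAuthenticityToken do
    redirect_to root_path
  end

  # Renders a JSON 422 response carrying +message+.
  #
  # @param message [String] text returned under the "message" key; defaults
  #   to the 'client_api.permission_error' translation
  def respond_422(message = t('client_api.permission_error'))
    respond_to do |format|
      format.json do
        render json: { message: message },
               status: 422
      end
    end
  end

  # Action wrapper around render_403.
  def forbidden
    render_403
  end

  # Action wrapper around render_404.
  def not_found
    render_404
  end

  # True when the current request is handled by projects#index.
  def is_current_page_root?
    controller_name == 'projects' && action_name == 'index'
  end

  # Sets current team for all controllers
  #
  # Memoized per request; looked up from the signed-in user's
  # current_team_id, so it is nil when that id matches no team.
  def current_team
    @current_team ||= Team.find_by(id: current_user.current_team_id)
  end

  # Formats the timestamp given in params[:timestamp] with the I18n time
  # format named by params[:ts_format] and returns it as JSON ({ ts: ... }).
  #
  # Both parameters come straight from the request, so they are checked
  # before use: missing, non-string or unparseable values get a 422 response
  # instead of an unhandled exception.
  def to_user_date_format
    raw_timestamp = params[:timestamp]
    format_name = params[:ts_format]
    unless raw_timestamp.is_a?(String) && format_name.is_a?(String) && !format_name.empty?
      return respond_422('Invalid timestamp or format')
    end

    begin
      # The symbol is only used as a lookup key for an I18n time format.
      # ArgumentError covers Time.parse failures; the I18n missing-translation
      # error for an unknown format name is expected to be an ArgumentError
      # subclass as well (confirm against the I18n backend in use).
      ts = I18n.l(Time.parse(raw_timestamp), format: format_name.to_sym)
    rescue ArgumentError
      return respond_422('Invalid timestamp or format')
    end

    respond_to do |format|
      format.json do
        render json: { ts: ts }, status: :ok
      end
    end
  end

  protected

  # Renders a 403 response in the requested format: the static
  # public/403.html page, a JSON body ({ style: ... }) or plain text.
  #
  # @param style [String] value returned under the "style" key for JSON
  def render_403(style = 'danger')
    respond_to do |format|
      format.html do
        render file: 'public/403.html', status: :forbidden, layout: false
      end
      format.json do
        render json: { style: style }, status: :forbidden
      end
      format.any do
        render plain: 'FORBIDDEN', status: :forbidden
      end
    end
  end

  # Renders a 404 response in the requested format: the static
  # public/404.html page, an empty JSON object or plain text.
  def render_404
    respond_to do |format|
      format.html do
        render file: 'public/404.html', status: :not_found, layout: false
      end
      format.json do
        render json: {}, status: :not_found
      end
      format.any do
        render plain: 'NOT FOUND', status: :not_found
      end
    end
  end

  private

  # Loads the user's current team and, when that team is missing or the user
  # is not a member of it, switches the user to the first team they do
  # belong to.
  #
  # The memoized @current_team is refreshed after a successful switch.
  # Without that, current_team would keep returning the team the user is not
  # a member of for the rest of the request.
  def update_current_team
    @current_team = Team.find_by(id: current_user.current_team_id)
    return if @current_team && current_user.is_member_of_team?(@current_team)

    fallback_team = current_user.teams.first
    # NOTE(review): a user with no teams keeps whatever @current_team was
    # loaded above, even if they are not a member of it. Confirm callers
    # check membership themselves.
    return unless fallback_team

    @current_team = fallback_team if current_user.update(current_team_id: fallback_team.id)
  end

  # With this Devise callback user is redirected directly to sign in page instead
  # of to root path. Therefore notification for sign out is displayed.
  def after_sign_out_path_for(resource_or_scope)
    new_user_session_path
  end

  # Runs the action inside the time zone stored in the user's settings.
  def set_time_zone(&block)
    Time.use_zone(current_user.settings[:time_zone], &block)
  end

  # Applies the user's preferred date format, falling back to
  # Constants::DEFAULT_DATE_FORMAT when none is stored.
  #
  # NOTE(review): I18n.backend is a process-wide object. Unless date_format=
  # stores the value per thread or per request, a format set for one user
  # could be visible to a concurrent or later request. Confirm in the
  # backend implementation.
  def set_date_format
    I18n.backend.date_format =
      current_user.settings[:date_format] || Constants::DEFAULT_DATE_FORMAT
  end
end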