mirror of
https://github.com/scinote-eln/scinote-web.git
synced 2024-11-18 15:13:21 +08:00
84 lines
2 KiB
Ruby
84 lines
2 KiB
Ruby
class ApplicationController < ActionController::Base
|
|
acts_as_token_authentication_handler_for User
|
|
# Prevent CSRF attacks by raising an exception.
|
|
# For APIs, you may want to use :null_session instead.
|
|
protect_from_forgery with: :exception, prepend: true
|
|
before_action :authenticate_user!
|
|
helper_method :current_team
|
|
before_action :update_current_team, if: :user_signed_in?
|
|
around_action :set_time_zone, if: :current_user
|
|
layout 'main'
|
|
|
|
def respond_422(message = t('client_api.permission_error'))
|
|
respond_to do |format|
|
|
format.json do
|
|
render json: { message: message },
|
|
status: 422
|
|
end
|
|
end
|
|
end
|
|
|
|
def forbidden
|
|
render_403
|
|
end
|
|
|
|
def not_found
|
|
render_404
|
|
end
|
|
|
|
def is_current_page_root?
|
|
controller_name == 'projects' && action_name == 'index'
|
|
end
|
|
|
|
# Sets current team for all controllers
|
|
def current_team
|
|
Team.find_by_id(current_user.current_team_id)
|
|
end
|
|
|
|
protected
|
|
|
|
def render_403(style = 'danger')
|
|
respond_to do |format|
|
|
format.html do
|
|
render file: 'public/403.html', status: :forbidden, layout: false
|
|
end
|
|
format.json do
|
|
render json: { style: style }, status: :forbidden
|
|
end
|
|
end
|
|
true
|
|
end
|
|
|
|
def render_404
|
|
respond_to do |format|
|
|
format.html {
|
|
render :file => 'public/404.html', :status => :not_found, :layout => false
|
|
}
|
|
format.json {
|
|
render json: {}, status: :not_found
|
|
}
|
|
end
|
|
return true
|
|
end
|
|
|
|
private
|
|
|
|
def update_current_team
|
|
if current_user.current_team_id.blank? &&
|
|
current_user.teams.count > 0
|
|
current_user.update(
|
|
current_team_id: current_user.teams.first.id
|
|
)
|
|
end
|
|
end
|
|
|
|
# With this Devise callback user is redirected directly to sign in page instead
|
|
# of to root path. Therefore notification for sign out is displayed.
|
|
def after_sign_out_path_for(resource_or_scope)
|
|
new_user_session_path
|
|
end
|
|
|
|
def set_time_zone(&block)
|
|
Time.use_zone(current_user.settings[:time_zone], &block)
|
|
end
|
|
end
|