orbit-basic/app/controllers/application_controller.rb

class ApplicationController < ActionController::Base
  protect_from_forgery

  include ParserFrontEnd, ParserBackEnd, ApplicationHelper
  include OrbitApp::ErrorHandlers::PageErrorHandler
  include OrbitApp::ErrorHandlers::ObjectAuthErrorHandler 
  include OrbitApp::ErrorHandlers::ModuleAppErrorHandler 

  rescue_from ObjectAuthError, :with => :render_object_auth_error
  rescue_from ModuleAppError, :with => :render_module_app_error
  rescue_from PageError, :with => :render_page_error

  layout :layout_by_resource

  helper :admin, :orbit_form
  before_filter :set_locale, :set_site, :prepare_for_mobile

  helper_attr :site_valid_locales


  def set_current_user
    User.current = current_or_guest_user
  end

  def front_end_available(module_app_title='')
    app_controller = ModuleApp.first(conditions: {:key => module_app_title} )
    unless app_controller.enable_frontend? 
      render :nothing => true
    end
  end
  
  def get_all_app_engines
    ary = ["vender/plugins/new_blog"]
    app_engines = ary.collect{|t|
      Rails::Engine.find t
    }
    app_engines.each{ |t|
     # t.
    }
  end

  def flaten_controller
    ary=[]
    Find.find(File.join(Rails.root , 'vendor/plugins/'))  { |name|  
          require_dependency(name) if /_controller\.rb$/ =~ name
          ary << name
    }
    ary
  end
  
  # Find the parent for the given item
  def find_parent_item
    @parent_item  = Item.first(:conditions => { :id => BSON::ObjectId(params[:parent_id]) }) rescue nil
  end
  
  def auth_failed_in_backend
     #redirect_to admin_dashboards_url 
     redirect_to root_path
  end
  
  # Check if the current_user is admin,if not redirect
  def is_admin?
    current_or_guest_user.admin? ? true : auth_failed_in_backend
  end
  
  # def is_manager?
  #    @module_app.is_manager?(current_or_guest_user) || is_admin?
  # end
  
  # # Check if the current_user is admin
  # def is_member?
  #   if (current_user rescue false)
  #     return true
  #   end
  #   return false
  # end
  
  # def is_guest?
  #   if session[:guest_user_id]
  #     return true
  #   end
  #   return false
  # end
  
  def for_admin_only
    if is_admin?
      true
    else
    flash[:error] = t("access.denied.not_admin")
    auth_failed_in_backend
    end
  end
  
  def for_app_manager
    if is_manager?
      true
    else
      flash[:error] = t("access.denied.app.not_manager")
      auth_failed_in_backend
    end
  end
  
  def for_app_sub_manager
    if (@module_app.sub_managing_users.include?(current_or_guest_user) || is_manager?)
      true
    else
      flash[:error] = t("access.denied.app.not_sub_manager")
      auth_failed_in_backend
    end
  end

  def for_app_user
    if (@module_app.app_auth.auth_users.include?(current_or_guest_user) || for_app_sub_manager )
      true
    else
      flash[:error] = t("access.denied.app.not_authed_user")
      auth_failed_in_backend
    end
  end

  def check_object_premission(obj,title)
    flash[:error] = t("access.denied.object")
    auth_failed_in_backend unless (obj.get_object_auth_by_title(title).auth_users.include?(current_or_guest_user) || is_manager? || is_admin? )
  end
  
  # Render the page
  def render_page
    if @item
      respond_to do |format|
        format.html { render :text => parse_page_content(@item), :layout => 'page_layout' }
        format.rss { render_main_rss }
        format.mobile { redirect_to mobile_path(:app => params[:app]) }
      end
    else
      render :text => '404 Not Found'
    end
  end

  def render_share
    object_class = params[:model].classify.constantize
    @object = object_class.find(params[:id])
    module_app = ModuleApp.first(:conditions => {:key => params[:key]})
    @item = @object.share_item
    #@item = Item.where(module_app_id: module_app.id).all_of("tag" => {"$in" => [nil,'']},"category" => { "$in" => [nil,'']}).first
    #binding.pry
    @orig_url = "http://#{request.host_with_port}/#{@item.path}?id=#{@object.id}"
    render 'shared/render_share', :layout => false
  end
  
  protected
  
  # Set I18n.locale
  def set_locale
    # update session if passed
    session[:locale] = params[:locale] if params[:locale]

    # set locale based on session or default
    begin
      # check if locale is valid for non site pages
      if LIST[:forbidden_item_names].include?(env['PATH_INFO'].split('/')[1].to_s) && !VALID_LOCALES.include?(session[:locale])
        I18n.locale = I18n.default_locale
      else
        I18n.locale = session[:locale]
      end
    rescue
      I18n.locale = I18n.default_locale
    end    
  end
    
  # Set the site variables
  def set_site
    # set site if exist or create site
    @site = Site.first || Site.create({:valid_locales => [], :in_use_locales => []})
    session[:site] = @site.id
    @site_in_use_locales = site_locales_default_head(@site.in_use_locales)
    @site_valid_locales = site_locales_default_head(@site.valid_locales)
  end
  
  def set_current_item
    session[:current_page] = params[:id] || @item.id rescue nil
  end
  
  def decrypt_data(encrypted_data, encrypted_key, encrypted_iv)
    site = Site.find(session[:site])
    if encrypted_data
      private_key = OpenSSL::PKey::RSA.new(site.private_key)
      cipher = OpenSSL::Cipher.new('aes-256-cbc')
      cipher.decrypt
      cipher.key = private_key.private_decrypt(encrypted_key)
      cipher.iv = private_key.private_decrypt(encrypted_iv)

      decrypted_data = cipher.update(encrypted_data)
      decrypted_data << cipher.final
    else
      ''
    end
  end
  
  def get_homepage
    Page.root
  end

  def layout_by_resource
    if devise_controller?
      "devise"
    else
      "application"
    end
  end

  def site_locales_default_head(locales)
    if locales[0].eql? I18n.locale.to_s
      locales
    else
      a = Array.new(locales)
      shift_out = a.delete(I18n.locale.to_s)
      [shift_out] + a
    end
  end
    # called (once) when the user logs in, insert any code your application needs
    # to hand off from guest_user to current_user.
    def logging_in
      # For example:
      # guest_comments = guest_user.comments.all
      # guest_comments.each do |comment|
        # comment.user_id = current_user.id
        # comment.save
      # end
    end


  def render_main_rss
    ret = ''
    ret << "/panel/#{@item.module_app.key}/front_end/#{@item.app_frontend_url}.rss"
    ret << "/#{params[:id]}" if params[:id] && !params[:id].eql?(@item.id.to_s)
    ret << "?inner=true&category_id=#{params[:category]}&tag_id=#{params[:tag]}&page_main=#{params[:page_main]}"
    redirect_to ret
  end


  private

  def mobile_device?
    if session[:mobile_param]
      session[:mobile_param] == "1"
    else
      request.user_agent =~ /iPhone|iPod|Android/
    end
  end

  def prepare_for_mobile
    if @site.mobile_on
      session[:mobile_param] =  if request.path =~ /mobile/
                                  '1'
                                elsif params[:mobile]
                                  params[:mobile]
                                else
                                  session[:mobile_param]
                                end
      request.format = :mobile if mobile_device?
    end
  end

end
init rails 2.3.2 2009-05-07 16:53:18 +00:00			`class ApplicationController < ActionController::Base`
Add announcement admin and view template 2009-06-01 06:20:15 +00:00			`protect_from_forgery`
Merge branch 'new_member' of github.com:Rulingcom/orbit into new_member Conflicts: app/controllers/application_controller.rb app/views/layouts/_side_bar.html.erb 2012-09-13 16:03:52 +00:00
fix commit bugs 2012-09-13 07:53:36 +00:00			`include ParserFrontEnd, ParserBackEnd, ApplicationHelper`
show error message when trying to show a not existed page 2013-01-03 05:50:27 +00:00			`include OrbitApp::ErrorHandlers::PageErrorHandler`
			`include OrbitApp::ErrorHandlers::ObjectAuthErrorHandler`
			`include OrbitApp::ErrorHandlers::ModuleAppErrorHandler`

fix object auth. show error message if user try to do object auth in a wrong way. 2013-01-02 06:34:34 +00:00			`rescue_from ObjectAuthError, :with => :render_object_auth_error`
fix calendar broken 2013-01-03 02:58:52 +00:00			`rescue_from ModuleAppError, :with => :render_module_app_error`
show error message when trying to show a not existed page 2013-01-03 05:50:27 +00:00			`rescue_from PageError, :with => :render_page_error`
fix object auth. show error message if user try to do object auth in a wrong way. 2013-01-02 06:34:34 +00:00
Changes for orbit bar, login 2012-02-19 08:33:22 +00:00			`layout :layout_by_resource`
Merge branch 'back' of github.com:Rulingcom/orbit into back Conflicts: app/assets/javascripts/mobile/orbit.mobile.js.erb app/assets/stylesheets/mobile.css app/assets/stylesheets/mobile/orbit-mobile.css.erb app/controllers/application_controller.rb app/controllers/mobile_controller.rb app/views/layouts/mobile.mobile.erb app/views/mobile/_footer.mobile.erb app/views/mobile/_header.mobile.erb app/views/mobile/_menu.mobile.erb app/views/mobile/index.mobile.erb config/routes.rb 2013-01-14 09:46:27 +00:00
Change date picker 2013-01-08 21:18:16 +00:00			`helper :admin, :orbit_form`
Add mobile but remove news in it 2012-12-19 19:21:50 +00:00			`before_filter :set_locale, :set_site, :prepare_for_mobile`
fixing for app_auth 2012-01-05 08:20:51 +00:00
address field and text field convert 2012-11-15 09:23:39 +00:00			`helper_attr :site_valid_locales`

fix object auth. show error message if user try to do object auth in a wrong way. 2013-01-02 06:34:34 +00:00

Change to apply page to had object_auth 2012-05-14 04:34:15 +00:00			`def set_current_user`
guest user 2012-08-23 08:05:14 +00:00			`User.current = current_or_guest_user`
Change to apply page to had object_auth 2012-05-14 04:34:15 +00:00			`end`

fixing for app_auth 2012-01-05 08:20:51 +00:00			`def front_end_available(module_app_title='')`
Add key in module_app.rb to use instead of title for authorization 2012-01-30 10:12:18 +00:00			`app_controller = ModuleApp.first(conditions: {:key => module_app_title} )`
fixing for app_auth 2012-01-05 08:20:51 +00:00			`unless app_controller.enable_frontend?`
announcement widget query 2012-01-18 13:34:26 +00:00			`render :nothing => true`
fixing for app_auth 2012-01-05 08:20:51 +00:00			`end`
			`end`
Chris's first commit at Fri Jan 28 2011 10:14:32 GMT+0800 (CST) 2011-04-13 10:19:51 +00:00
Revert ff82391b7d0d17c17568ed21176b8b0112a34e31^..HEAD 2011-10-20 02:06:06 +00:00			`def get_all_app_engines`
Change NewBlog to new_blog 2012-01-10 10:29:11 +00:00			`ary = ["vender/plugins/new_blog"]`
Revert ff82391b7d0d17c17568ed21176b8b0112a34e31^..HEAD 2011-10-20 02:06:06 +00:00			`app_engines = ary.collect{\|t\|`
			`Rails::Engine.find t`
			`}`
			`app_engines.each{ \|t\|`
			`# t.`
			`}`
			`end`

			`def flaten_controller`
			`ary=[]`
			`Find.find(File.join(Rails.root , 'vendor/plugins/')) { \|name\|`
			`require_dependency(name) if /_controller\.rb$/ =~ name`
			`ary << name`
			`}`
			`ary`
			`end`

Chris's first commit at Fri Jan 28 2011 10:14:32 GMT+0800 (CST) 2011-04-13 10:19:51 +00:00			`# Find the parent for the given item`
			`def find_parent_item`
			`@parent_item = Item.first(:conditions => { :id => BSON::ObjectId(params[:parent_id]) }) rescue nil`
			`end`
let page model support i18n 2009-06-19 09:31:10 +00:00
Fix for NCCU 0430 all functions ok with two submanagers but different behavors 2012-04-29 19:14:15 +00:00			`def auth_failed_in_backend`
Apply app_auth to ad_banner. From now,ad_banner can only be viewed for at least manager. 2012-05-01 08:05:05 +00:00			`#redirect_to admin_dashboards_url`
			`redirect_to root_path`
Fix for NCCU 0430 all functions ok with two submanagers but different behavors 2012-04-29 19:14:15 +00:00			`end`

complete visitor dashbroad 2012-09-11 03:30:58 +00:00			`# Check if the current_user is admin,if not redirect`
Chris's first commit at Fri Jan 28 2011 10:14:32 GMT+0800 (CST) 2011-04-13 10:19:51 +00:00			`def is_admin?`
guest user 2012-08-23 08:05:14 +00:00			`current_or_guest_user.admin? ? true : auth_failed_in_backend`
Fix for NCCU 0430 all functions ok with two submanagers but different behavors 2012-04-29 19:14:15 +00:00			`end`

complete visitor dashbroad 2012-09-11 03:30:58 +00:00			`# def is_manager?`
			`# @module_app.is_manager?(current_or_guest_user) \|\| is_admin?`
			`# end`
guest user 2012-08-23 08:05:14 +00:00
complete visitor dashbroad 2012-09-11 03:30:58 +00:00			`# # Check if the current_user is admin`
			`# def is_member?`
			`# if (current_user rescue false)`
			`# return true`
			`# end`
			`# return false`
			`# end`
guest user 2012-08-23 08:05:14 +00:00
complete visitor dashbroad 2012-09-11 03:30:58 +00:00			`# def is_guest?`
			`# if session[:guest_user_id]`
			`# return true`
			`# end`
			`# return false`
			`# end`
Fix for NCCU 0430 all functions ok with two submanagers but different behavors 2012-04-29 19:14:15 +00:00
			`def for_admin_only`
			`if is_admin?`
			`true`
			`else`
Changes for i18n yml 2012-09-12 11:12:50 +00:00			`flash[:error] = t("access.denied.not_admin")`
Fix for NCCU 0430 all functions ok with two submanagers but different behavors 2012-04-29 19:14:15 +00:00			`auth_failed_in_backend`
			`end`
			`end`

			`def for_app_manager`
			`if is_manager?`
			`true`
			`else`
Changes for i18n yml 2012-09-12 11:12:50 +00:00			`flash[:error] = t("access.denied.app.not_manager")`
Fix bug in is_admin? Fix bug in helpers for news and announcement 2012-05-05 09:40:07 +00:00			`auth_failed_in_backend`
			`end`
Fix for NCCU 0430 all functions ok with two submanagers but different behavors 2012-04-29 19:14:15 +00:00			`end`

			`def for_app_sub_manager`
guest user 2012-08-23 08:05:14 +00:00			`if (@module_app.sub_managing_users.include?(current_or_guest_user) \|\| is_manager?)`
Fix for NCCU 0430 all functions ok with two submanagers but different behavors 2012-04-29 19:14:15 +00:00			`true`
			`else`
Changes for i18n yml 2012-09-12 11:12:50 +00:00			`flash[:error] = t("access.denied.app.not_sub_manager")`
Fix bug in is_admin? Fix bug in helpers for news and announcement 2012-05-05 09:40:07 +00:00			`auth_failed_in_backend`
			`end`
Fix for NCCU 0430 all functions ok with two submanagers but different behavors 2012-04-29 19:14:15 +00:00			`end`

			`def for_app_user`
guest user 2012-08-23 08:05:14 +00:00			`if (@module_app.app_auth.auth_users.include?(current_or_guest_user) \|\| for_app_sub_manager )`
Fix for NCCU 0430 all functions ok with two submanagers but different behavors 2012-04-29 19:14:15 +00:00			`true`
			`else`
Changes for i18n yml 2012-09-12 11:12:50 +00:00			`flash[:error] = t("access.denied.app.not_authed_user")`
Fix bug in is_admin? Fix bug in helpers for news and announcement 2012-05-05 09:40:07 +00:00			`auth_failed_in_backend`
			`end`
Fix for NCCU 0430 all functions ok with two submanagers but different behavors 2012-04-29 19:14:15 +00:00			`end`

			`def check_object_premission(obj,title)`
Changes for i18n yml 2012-09-12 11:12:50 +00:00			`flash[:error] = t("access.denied.object")`
guest user 2012-08-23 08:05:14 +00:00			`auth_failed_in_backend unless (obj.get_object_auth_by_title(title).auth_users.include?(current_or_guest_user) \|\| is_manager? \|\| is_admin? )`
Chris's first commit at Fri Jan 28 2011 10:14:32 GMT+0800 (CST) 2011-04-13 10:19:51 +00:00			`end`

radius parser for multilingual - dev.rake 2011-03-02 09:28:33 +00:00			`# Render the page`
Clean the parsers code 2012-05-13 11:32:05 +00:00			`def render_page`
Uniformized: @page and @ link in @item Change parser for page edition. 2011-05-25 06:50:56 +00:00			`if @item`
RSS first page 2012-06-19 02:49:45 +00:00			`respond_to do \|format\|`
Only one parser for front end Separate site map for i18n 2012-12-19 09:15:31 +00:00			`format.html { render :text => parse_page_content(@item), :layout => 'page_layout' }`
RSS first page 2012-06-19 02:49:45 +00:00			`format.rss { render_main_rss }`
Fix bug for mobile app routes 2013-01-16 00:14:42 +00:00			`format.mobile { redirect_to mobile_path(:app => params[:app]) }`
RSS first page 2012-06-19 02:49:45 +00:00			`end`
Add announcement admin and view template 2009-06-01 06:20:15 +00:00			`else`
			`render :text => '404 Not Found'`
			`end`
			`end`
Try fb from override and generated page 2012-08-07 21:40:50 +00:00
			`def render_share`
			`object_class = params[:model].classify.constantize`
			`@object = object_class.find(params[:id])`
Change for getting url from key 2012-08-07 23:46:10 +00:00			`module_app = ModuleApp.first(:conditions => {:key => params[:key]})`
fix share loading failed 2012-09-19 07:09:08 +00:00			`@item = @object.share_item`
			`#@item = Item.where(module_app_id: module_app.id).all_of("tag" => {"$in" => [nil,'']},"category" => { "$in" => [nil,'']}).first`
			`#binding.pry`
Fix fb share, redirect with js when the page is not requested by fb but by user 2012-08-08 02:12:21 +00:00			`@orig_url = "http://#{request.host_with_port}/#{@item.path}?id=#{@object.id}"`
Try fb from override and generated page 2012-08-07 21:40:50 +00:00			`render 'shared/render_share', :layout => false`
			`end`
Add announcement admin and view template 2009-06-01 06:20:15 +00:00
Merge server and rails_3_1 2011-08-18 05:43:33 +00:00			`protected`

Chris's first commit at Fri Jan 28 2011 10:14:32 GMT+0800 (CST) 2011-04-13 10:19:51 +00:00			`# Set I18n.locale`
let page model support i18n 2009-06-19 09:31:10 +00:00			`def set_locale`
			`# update session if passed`
Chris's first commit at Fri Jan 28 2011 10:14:32 GMT+0800 (CST) 2011-04-13 10:19:51 +00:00			`session[:locale] = params[:locale] if params[:locale]`

let page model support i18n 2009-06-19 09:31:10 +00:00			`# set locale based on session or default`
Chris's first commit at Fri Jan 28 2011 10:14:32 GMT+0800 (CST) 2011-04-13 10:19:51 +00:00			`begin`
			`# check if locale is valid for non site pages`
			`if LIST[:forbidden_item_names].include?(env['PATH_INFO'].split('/')[1].to_s) && !VALID_LOCALES.include?(session[:locale])`
			`I18n.locale = I18n.default_locale`
			`else`
			`I18n.locale = session[:locale]`
			`end`
			`rescue`
			`I18n.locale = I18n.default_locale`
			`end`
Add reroute middleware hack 2010-01-11 09:09:50 +00:00			`end`
upgrade to rails3, but grip is broken 2010-03-08 08:04:05 +00:00
Chris's first commit at Fri Jan 28 2011 10:14:32 GMT+0800 (CST) 2011-04-13 10:19:51 +00:00			`# Set the site variables`
			`def set_site`
			`# set site if exist or create site`
radius parser for multilingual - dev.rake 2011-03-02 09:28:33 +00:00			`@site = Site.first \|\| Site.create({:valid_locales => [], :in_use_locales => []})`
			`session[:site] = @site.id`
Fix site_locale_default_head and active for current locale 2012-05-06 16:53:52 +00:00			`@site_in_use_locales = site_locales_default_head(@site.in_use_locales)`
			`@site_valid_locales = site_locales_default_head(@site.valid_locales)`
Chris's first commit at Fri Jan 28 2011 10:14:32 GMT+0800 (CST) 2011-04-13 10:19:51 +00:00			`end`
Links edition 2011-05-13 01:08:42 +00:00
			`def set_current_item`
Uniformized: @page and @ link in @item Change parser for page edition. 2011-05-25 06:50:56 +00:00			`session[:current_page] = params[:id] \|\| @item.id rescue nil`
Links edition 2011-05-13 01:08:42 +00:00			`end`
Merge server and rails_3_1 2011-08-18 05:43:33 +00:00
			`def decrypt_data(encrypted_data, encrypted_key, encrypted_iv)`
			`site = Site.find(session[:site])`
			`if encrypted_data`
			`private_key = OpenSSL::PKey::RSA.new(site.private_key)`
			`cipher = OpenSSL::Cipher.new('aes-256-cbc')`
			`cipher.decrypt`
			`cipher.key = private_key.private_decrypt(encrypted_key)`
			`cipher.iv = private_key.private_decrypt(encrypted_iv)`

			`decrypted_data = cipher.update(encrypted_data)`
			`decrypted_data << cipher.final`
			`else`
			`''`
			`end`
			`end`
Modifications for menu in Design 2011-09-01 01:12:41 +00:00
			`def get_homepage`
Changes for structure 2012-05-22 06:45:49 +00:00			`Page.root`
Modifications for menu in Design 2011-09-01 01:12:41 +00:00			`end`
Chris's first commit at Fri Jan 28 2011 10:14:32 GMT+0800 (CST) 2011-04-13 10:19:51 +00:00
Changes for orbit bar, login 2012-02-19 08:33:22 +00:00			`def layout_by_resource`
			`if devise_controller?`
			`"devise"`
			`else`
			`"application"`
			`end`
			`end`
Revert ff82391b7d0d17c17568ed21176b8b0112a34e31^..HEAD 2011-10-20 02:06:06 +00:00
Fix site_locale_default_head and active for current locale 2012-05-06 16:53:52 +00:00			`def site_locales_default_head(locales)`
			`if locales[0].eql? I18n.locale.to_s`
			`locales`
			`else`
			`a = Array.new(locales)`
			`shift_out = a.delete(I18n.locale.to_s)`
			`[shift_out] + a`
			`end`
			`end`
guest user 2012-08-23 08:05:14 +00:00			`# called (once) when the user logs in, insert any code your application needs`
			`# to hand off from guest_user to current_user.`
			`def logging_in`
			`# For example:`
			`# guest_comments = guest_user.comments.all`
			`# guest_comments.each do \|comment\|`
			`# comment.user_id = current_user.id`
			`# comment.save`
			`# end`
			`end`

Fix site_locale_default_head and active for current locale 2012-05-06 16:53:52 +00:00
RSS first page 2012-06-19 02:49:45 +00:00			`def render_main_rss`
			`ret = ''`
			`ret << "/panel/#{@item.module_app.key}/front_end/#{@item.app_frontend_url}.rss"`
			`ret << "/#{params[:id]}" if params[:id] && !params[:id].eql?(@item.id.to_s)`
			`ret << "?inner=true&category_id=#{params[:category]}&tag_id=#{params[:tag]}&page_main=#{params[:page_main]}"`
			`redirect_to ret`
			`end`

Add mobile but remove news in it 2012-12-19 19:21:50 +00:00
			`private`

			`def mobile_device?`
			`if session[:mobile_param]`
			`session[:mobile_param] == "1"`
			`else`
			`request.user_agent =~ /iPhone\|iPod\|Android/`
			`end`
			`end`

			`def prepare_for_mobile`
Add mobile version in site settings 2013-01-06 19:57:36 +00:00			`if @site.mobile_on`
Change icons 2013-01-09 07:57:31 +00:00			`session[:mobile_param] = if request.path =~ /mobile/`
			`'1'`
			`elsif params[:mobile]`
			`params[:mobile]`
			`else`
			`session[:mobile_param]`
			`end`
Add mobile version in site settings 2013-01-06 19:57:36 +00:00			`request.format = :mobile if mobile_device?`
			`end`
Add mobile but remove news in it 2012-12-19 19:21:50 +00:00			`end`

init rails 2.3.2 2009-05-07 16:53:18 +00:00			`end`