446 lines
15 KiB
Ruby
446 lines
15 KiB
Ruby
class ApplicationController < ActionController::Base
|
|
protect_from_forgery
|
|
|
|
include ParserFrontEnd, ParserBackEnd, ApplicationHelper
|
|
include OrbitApp::ErrorHandlers::PageErrorHandler
|
|
include OrbitApp::ErrorHandlers::ObjectAuthErrorHandler
|
|
include OrbitApp::ErrorHandlers::ModuleAppErrorHandler
|
|
|
|
rescue_from ObjectAuthError, :with => :render_object_auth_error
|
|
rescue_from ModuleAppError, :with => :render_module_app_error
|
|
rescue_from PageError, :with => :render_page_error
|
|
|
|
layout :layout_by_resource
|
|
|
|
helper :admin, :orbit_form
|
|
before_filter :set_site, :set_locale, :prepare_for_mobile
|
|
|
|
helper_attr :site_valid_locales
|
|
|
|
def check_backend_openness
|
|
if !Me.backend_openness_on
|
|
redirect_to '/users/sign_in' if not (authenticate_user! and is_member? )
|
|
end
|
|
end
|
|
|
|
def site_restart
|
|
Resque.enqueue(RestartServer)
|
|
end
|
|
|
|
def set_current_user
|
|
User.current = current_or_guest_user
|
|
UserActionRecoder.perform(current_or_guest_user,params.to_s)
|
|
end
|
|
|
|
def front_end_available(module_app_title='')
|
|
app_controller = ModuleApp.first(conditions: {:key => module_app_title} )
|
|
unless app_controller.enable_frontend?
|
|
render :nothing => true
|
|
end
|
|
end
|
|
|
|
def get_all_app_engines
|
|
ary = ["vender/plugins/new_blog"]
|
|
app_engines = ary.collect{|t|
|
|
Rails::Engine.find t
|
|
}
|
|
app_engines.each{ |t|
|
|
# t.
|
|
}
|
|
end
|
|
|
|
def flaten_controller
|
|
ary=[]
|
|
Find.find(File.join(Rails.root , 'vendor/plugins/')) { |name|
|
|
require_dependency(name) if /_controller\.rb$/ =~ name
|
|
ary << name
|
|
}
|
|
ary
|
|
end
|
|
|
|
# Find the parent for the given item
|
|
def find_parent_item
|
|
@parent_item = Item.first(:conditions => { :id => BSON::ObjectId(params[:parent_id]) }) rescue nil
|
|
end
|
|
|
|
def auth_failed_in_backend
|
|
#redirect_to admin_dashboards_url
|
|
redirect_to root_path
|
|
end
|
|
|
|
def for_admin_only
|
|
if is_admin?
|
|
true
|
|
else
|
|
flash[:error] = t("access.denied.not_admin")
|
|
auth_failed_in_backend
|
|
end
|
|
end
|
|
|
|
def for_app_manager
|
|
if is_manager?
|
|
true
|
|
else
|
|
flash[:error] = t("access.denied.app.not_manager")
|
|
auth_failed_in_backend
|
|
end
|
|
end
|
|
|
|
def for_app_sub_manager
|
|
if (@module_app.sub_managing_users.include?(current_or_guest_user) || is_manager?)
|
|
true
|
|
else
|
|
flash[:error] = t("access.denied.app.not_sub_manager")
|
|
auth_failed_in_backend
|
|
end
|
|
end
|
|
|
|
def for_app_user
|
|
if (@module_app.app_auth.auth_users.include?(current_or_guest_user) || for_app_sub_manager )
|
|
true
|
|
else
|
|
flash[:error] = t("access.denied.app.not_authed_user")
|
|
auth_failed_in_backend
|
|
end
|
|
end
|
|
|
|
def check_object_premission(obj,title)
|
|
flash[:error] = t("access.denied.object")
|
|
auth_failed_in_backend unless (obj.get_object_auth_by_title(title).auth_users.include?(current_or_guest_user) || is_manager? || is_admin? )
|
|
end
|
|
|
|
# Render the page
|
|
def render_page(args={})
|
|
if @item
|
|
respond_to do |format|
|
|
format.html { render :text => parse_page_content(@item,args), :layout => 'page_layout' }
|
|
format.rss { render_main_rss }
|
|
format.mobile { redirect_to mobile_path(:app => params[:app]) }
|
|
end
|
|
else
|
|
render :text => '404 Not Found'
|
|
end
|
|
end
|
|
|
|
def render_share
|
|
object_class = params[:model].classify.constantize
|
|
@object = object_class.find(params[:id])
|
|
module_app = ModuleApp.first(:conditions => {:key => params[:key]})
|
|
@item = @object.share_item
|
|
#@item = Item.where(module_app_id: module_app.id).all_of("tag" => {"$in" => [nil,'']},"category" => { "$in" => [nil,'']}).first
|
|
#binding.pry
|
|
@orig_url = "http://#{request.host_with_port}/#{@item.path}?id=#{@object.id}"
|
|
render 'shared/render_share', :layout => false
|
|
end
|
|
|
|
protected
|
|
|
|
# Set I18n.locale
|
|
def set_locale
|
|
# update session if passed
|
|
session[:locale] = params[:locale] if params[:locale]
|
|
browser_locale = condition = nil
|
|
# check if locale is valid for non site pages
|
|
if LIST[:forbidden_item_names].include?(env['PATH_INFO'].split('/')[1].to_s)
|
|
condition = VALID_LOCALES.include?(session[:locale])
|
|
elsif session[:locale]
|
|
condition = @site.in_use_locales.include?(session[:locale])
|
|
else
|
|
browser_locale = request.env['HTTP_ACCEPT_LANGUAGE'].scan(/^[a-z]{2}/).first rescue nil
|
|
condition = @site.in_use_locales.include?(browser_locale)
|
|
end
|
|
session[:locale] = condition ? (browser_locale || session[:locale]) : I18n.default_locale.to_s
|
|
I18n.locale = session[:locale].to_sym
|
|
@site_in_use_locales = site_locales_default_head(@site.in_use_locales)
|
|
@site_valid_locales = site_locales_default_head(@site.valid_locales)
|
|
end
|
|
|
|
# Set the site variables
|
|
def set_site
|
|
# set site if exist or create site
|
|
@site = Site.first || Site.create({:valid_locales => VALID_LOCALES, :in_use_locales => VALID_LOCALES})
|
|
session[:site] = @site.id
|
|
end
|
|
|
|
def set_current_item
|
|
session[:current_page] = params[:id] || @item.id rescue nil
|
|
end
|
|
|
|
def decrypt_data(encrypted_data, encrypted_key, encrypted_iv)
|
|
site = Site.find(session[:site])
|
|
if encrypted_data
|
|
private_key = OpenSSL::PKey::RSA.new(site.private_key)
|
|
cipher = OpenSSL::Cipher.new('aes-256-cbc')
|
|
cipher.decrypt
|
|
cipher.key = private_key.private_decrypt(encrypted_key)
|
|
cipher.iv = private_key.private_decrypt(encrypted_iv)
|
|
|
|
decrypted_data = cipher.update(encrypted_data)
|
|
decrypted_data << cipher.final
|
|
else
|
|
''
|
|
end
|
|
end
|
|
|
|
def get_homepage
|
|
Page.root
|
|
end
|
|
|
|
def layout_by_resource
|
|
if devise_controller?
|
|
"devise"
|
|
else
|
|
"application"
|
|
end
|
|
end
|
|
|
|
def site_locales_default_head(locales)
|
|
if locales[0].eql? I18n.locale.to_s
|
|
locales
|
|
else
|
|
a = Array.new(locales)
|
|
shift_out = a.delete(I18n.locale.to_s)
|
|
[shift_out] + a
|
|
end
|
|
end
|
|
# called (once) when the user logs in, insert any code your application needs
|
|
# to hand off from guest_user to current_user.
|
|
def logging_in
|
|
# For example:
|
|
# guest_comments = guest_user.comments.all
|
|
# guest_comments.each do |comment|
|
|
# comment.user_id = current_user.id
|
|
# comment.save
|
|
# end
|
|
end
|
|
|
|
|
|
def render_main_rss
|
|
ret = ''
|
|
ret << "/panel/#{@item.module_app.key}/front_end/#{@item.app_frontend_url}.rss"
|
|
ret << "/#{params[:id]}" if params[:id] && !params[:id].eql?(@item.id.to_s)
|
|
|
|
categories_str=params[:category].collect{|t| "category_id[]=#{t}"}.join('&')
|
|
tags_str=params[:tag].collect{|t| "tag_id[]=#{t}"}.join('&')
|
|
categories_str = "&#{categories_str}" unless categories_str.blank?
|
|
tags_str = "&#{tags_str}" unless tags_str.blank?
|
|
|
|
ret << "?inner=true#{categories_str}#{tags_str}&page_main=#{params[:page_main]}"
|
|
redirect_to ret
|
|
end
|
|
|
|
def get_sorted_and_filtered(object_class, query = nil, objects = nil)
|
|
if params[:filter] || params[:sort] || params[:new_filter]
|
|
@filter = params[:filter]
|
|
new_filter = params[:new_filter]
|
|
|
|
if @filter && params[:clear]
|
|
@filter.delete(params[:type])
|
|
elsif @filter && new_filter
|
|
if @filter.has_key?(new_filter[:type]) && @filter[new_filter[:type]].include?(new_filter[:id].to_s)
|
|
@filter[new_filter[:type]].delete(new_filter[:id].to_s)
|
|
elsif @filter.has_key?(new_filter[:type])
|
|
@filter[new_filter[:type]] << new_filter[:id].to_s
|
|
else
|
|
@filter.merge!({new_filter[:type] => [new_filter[:id].to_s]})
|
|
end
|
|
elsif new_filter
|
|
@filter = {new_filter[:type] => [new_filter[:id].to_s]}
|
|
end
|
|
|
|
object_class = object_class.classify.constantize
|
|
objects ||= get_objects(object_class, query)
|
|
unless params[:sort].blank?
|
|
options = params[:sort_options]
|
|
options = [options] unless options.is_a?(Array)
|
|
options.each do |option|
|
|
if object_class.fields.include?(option)
|
|
if object_class.fields[option].type.to_s.eql?('Object') && !object_class.relations[option].nil?
|
|
objects = get_objects_from_referenced_objects(object_class.fields[option].options[:class_name].constantize, objects, option)
|
|
else
|
|
(objects = objects.order_by(option, params[:direction])) rescue nil
|
|
end
|
|
elsif object_class.relations.include?(option)
|
|
case object_class.relations[option].macro
|
|
when :references_one
|
|
a = Array.new
|
|
objects.each { |object| a << [get_string_value_from_object(object), object] }
|
|
sorted = params[:direction].eql?('asc') ? a.sort : a.sort.reverse!
|
|
objects = sorted.collect {|x| x[1] }
|
|
when :references_many, :references_and_referenced_in_many
|
|
objects = get_objects_from_self(object_class, objects, option)
|
|
when :referenced_in
|
|
objects = get_objects_from_referenced_objects(object_class.relations[option].class_name.constantize, objects, "#{option}_id")
|
|
end
|
|
elsif option.eql?('category')
|
|
category_array = @module_app.categories.inject([]){ |result, value|
|
|
result << [value.title, value]
|
|
}
|
|
params[:direction].eql?('asc') ? category_array.sort! : category_array.sort!.reverse!
|
|
sorted_objects = Array.new
|
|
category_array.each do |x|
|
|
buffer_categories = x[1].buffer_categories
|
|
buffer_categories.each {|buffer_category| sorted_objects << buffer_category.categorizable }
|
|
end
|
|
sorted_objects.flatten!
|
|
sorted_objects.uniq!
|
|
objects = get_with_nil(objects, option, sorted_objects)
|
|
elsif option.eql?('tags')
|
|
tag_array = @module_app.tags.inject([]){ |result, value|
|
|
result << [value.name, value]
|
|
}
|
|
params[:direction].eql?('asc') ? tag_array.sort! : tag_array.sort!.reverse!
|
|
sorted_objects = Array.new
|
|
tag_array.each do |x|
|
|
taggings = x[1].taggings
|
|
taggings.each {|tagging| sorted_objects << tagging.taggable }
|
|
end
|
|
sorted_objects.flatten!
|
|
sorted_objects.uniq!
|
|
objects = get_with_nil(objects, option, sorted_objects)
|
|
end
|
|
end
|
|
end
|
|
if @filter
|
|
@filter.each do |key, value|
|
|
case key
|
|
when 'status'
|
|
a = Array.new
|
|
objects.each do |object|
|
|
value.each do |v|
|
|
a << object if object[v]
|
|
end
|
|
end
|
|
objects = a.uniq
|
|
when 'category'
|
|
a = Array.new
|
|
objects.each do |object|
|
|
a << object if (value.include?(object.category.id.to_s) rescue nil)
|
|
end
|
|
objects = a.uniq
|
|
when 'tag'
|
|
a = Array.new
|
|
objects.each do |object|
|
|
object.tags.each do |tag|
|
|
a << object if value.include?(tag.id.to_s)
|
|
end
|
|
end
|
|
objects = a.uniq
|
|
end if value.size > 0
|
|
end
|
|
end
|
|
else
|
|
objects = get_viewable(object_class, query)
|
|
end
|
|
Kaminari.paginate_array(filter_authorized_objects(objects)).page(params[:page]).per(10)
|
|
end
|
|
|
|
def get_string_value_from_object(object)
|
|
s = object.name_translations[I18n.locale.to_s] unless s rescue nil
|
|
s = object.title_translations[I18n.locale.to_s] unless s rescue nil
|
|
s = object.name unless s rescue nil
|
|
s = object.title unless s rescue nil
|
|
s.downcase rescue ''
|
|
end
|
|
|
|
def get_objects_from_referenced_objects(object_class, objects, option)
|
|
referer_ids = objects.distinct(option)
|
|
referenced_objects = object_class.find(referer_ids) rescue nil
|
|
if referenced_objects
|
|
a = Array.new
|
|
referenced_objects.to_a.each { |referer| a << [get_string_value_from_object(referer), referer.id] }
|
|
sorted = params[:direction].eql?('asc') ? a.sort : a.sort.reverse!
|
|
sorted_objects = sorted.collect {|x| objects.where(option => x[1]).entries }
|
|
sorted_objects.flatten!
|
|
sorted_objects.uniq!
|
|
get_with_nil(objects, option, sorted_objects)
|
|
else
|
|
objects
|
|
end
|
|
end
|
|
|
|
def get_objects_from_self(object_class, objects, option)
|
|
referenced_class = object_class.relations[option].class_name.constantize
|
|
referenced_objects = referenced_class.all rescue nil
|
|
if referenced_objects
|
|
reverse_relation = nil
|
|
referenced_class.relations.each { |relation| reverse_relation = relation[1].name.to_s if relation[1].class_name.eql?(object_class.to_s) }
|
|
a = Array.new
|
|
referenced_objects.each { |referenced_object| a << [get_string_value_from_object(referenced_object), referenced_object] }
|
|
a.compact!
|
|
sorted = params[:direction].eql?('asc') ? a.sort : a.sort.reverse!
|
|
sorted_objects = Array.new
|
|
sorted.each {|x| sorted_objects << x[1].send(reverse_relation) }
|
|
sorted_objects.flatten!
|
|
sorted_objects.uniq!
|
|
get_with_nil(objects, option, sorted_objects)
|
|
else
|
|
objects
|
|
end
|
|
end
|
|
|
|
def get_with_nil(objects, option, sorted_objects)
|
|
tmp = Array.new
|
|
objects.each { |object| tmp << [get_string_value_from_object(object), object] if (object.send(option).blank? || (object.send(option).size == 0 rescue nil)) }
|
|
sorted = params[:direction].eql?('asc') ? tmp.sort : tmp.sort.reverse
|
|
sorted_tmp = sorted.collect {|a| a[1] }
|
|
a = params[:direction].eql?('asc') ? (sorted_tmp + sorted_objects) : (sorted_objects + sorted_tmp)
|
|
a.flatten
|
|
end
|
|
|
|
|
|
def get_viewable(object_class, query=nil)
|
|
get_objects(object_class,query).order_by(:created_at, :desc)
|
|
end
|
|
|
|
def get_objects(object_class, query=nil)
|
|
if query
|
|
objects = object_class.where(query)
|
|
else
|
|
objects = object_class.all
|
|
end
|
|
objects
|
|
end
|
|
|
|
def filter_authorized_objects(objects)
|
|
if(!is_admin? || !is_manager?)
|
|
objects.delete_if{ |object|
|
|
if object.is_pending == true
|
|
if check_permission(:manager)
|
|
object.create_user_id != current_user.id
|
|
else
|
|
!object.category.authed_users('fact_check').include?(current_user) rescue false
|
|
end
|
|
else
|
|
false
|
|
end
|
|
}
|
|
end
|
|
objects
|
|
end
|
|
|
|
private
|
|
|
|
def mobile_device?
|
|
if session[:mobile_param]
|
|
session[:mobile_param] == "1"
|
|
else
|
|
request.user_agent =~ /iPhone|iPod|Android/
|
|
end
|
|
end
|
|
|
|
def prepare_for_mobile
|
|
if @site.mobile_on
|
|
session[:mobile_param] = if request.path =~ /mobile/
|
|
'1'
|
|
elsif params[:mobile]
|
|
params[:mobile]
|
|
else
|
|
session[:mobile_param]
|
|
end
|
|
request.format = :mobile if mobile_device?
|
|
end
|
|
end
|
|
|
|
end
|