orbit-basic/app/controllers/application_controller.rb

483 lines
16 KiB
Ruby
Raw Permalink Normal View History

2009-05-07 16:53:18 +00:00
class ApplicationController < ActionController::Base
protect_from_forgery
2013-10-31 08:17:51 +00:00
include ParserFrontEnd, ApplicationHelper
include OrbitApp::ErrorHandlers::PageErrorHandler
include OrbitApp::ErrorHandlers::ObjectAuthErrorHandler
include OrbitApp::ErrorHandlers::ModuleAppErrorHandler
rescue_from ObjectAuthError, :with => :render_object_auth_error
2013-01-03 02:58:52 +00:00
rescue_from ModuleAppError, :with => :render_module_app_error
rescue_from PageError, :with => :render_page_error
2012-02-19 08:33:22 +00:00
layout :layout_by_resource
2013-01-08 21:18:16 +00:00
helper :admin, :orbit_form
2013-02-26 12:14:03 +00:00
before_filter :set_site, :set_locale, :prepare_for_mobile
2012-01-05 08:20:51 +00:00
2012-11-15 09:23:39 +00:00
helper_attr :site_valid_locales
def check_backend_openness
2013-11-04 07:41:23 +00:00
if !Site.first.backend_openness_on
redirect_to '/users/sign_in' if not (authenticate_user! and is_member? )
end
end
2013-11-19 08:23:30 +00:00
def check_mobile_api_openness
if !Site.first.mobile_api_openness_on
redirect_to '/users/sign_in' if not (authenticate_user! and is_member? )
end
end
def site_restart
Resque.enqueue(RestartServer)
end
def set_current_user
2012-08-23 08:05:14 +00:00
User.current = current_or_guest_user
UserActionRecoder.perform(current_or_guest_user,params.to_s)
end
2012-01-05 08:20:51 +00:00
def front_end_available(module_app_title='')
app_controller = ModuleApp.first(conditions: {:key => module_app_title} )
unless app_controller.enable_frontend?
2012-01-18 13:34:26 +00:00
render :nothing => true
2012-01-05 08:20:51 +00:00
end
end
def get_all_app_engines
2012-01-10 10:29:11 +00:00
ary = ["vender/plugins/new_blog"]
app_engines = ary.collect{|t|
Rails::Engine.find t
}
app_engines.each{ |t|
# t.
}
end
def flaten_controller
ary=[]
Find.find(File.join(Rails.root , 'vendor/plugins/')) { |name|
require_dependency(name) if /_controller\.rb$/ =~ name
ary << name
}
ary
end
# Find the parent for the given item
def find_parent_item
@parent_item = Item.first(:conditions => { :id => BSON::ObjectId(params[:parent_id]) }) rescue nil
end
def auth_failed_in_backend
#redirect_to admin_dashboards_url
redirect_to root_path
end
def for_admin_only
if is_admin?
true
else
2012-09-12 11:12:50 +00:00
flash[:error] = t("access.denied.not_admin")
auth_failed_in_backend
end
end
def for_app_manager
if is_manager?
true
else
2012-09-12 11:12:50 +00:00
flash[:error] = t("access.denied.app.not_manager")
auth_failed_in_backend
end
end
def for_app_sub_manager
2012-08-23 08:05:14 +00:00
if (@module_app.sub_managing_users.include?(current_or_guest_user) || is_manager?)
true
else
2012-09-12 11:12:50 +00:00
flash[:error] = t("access.denied.app.not_sub_manager")
auth_failed_in_backend
end
end
def for_app_user
2012-08-23 08:05:14 +00:00
if (@module_app.app_auth.auth_users.include?(current_or_guest_user) || for_app_sub_manager )
true
else
2012-09-12 11:12:50 +00:00
flash[:error] = t("access.denied.app.not_authed_user")
auth_failed_in_backend
end
end
def check_object_premission(obj,title)
2012-09-12 11:12:50 +00:00
flash[:error] = t("access.denied.object")
2012-08-23 08:05:14 +00:00
auth_failed_in_backend unless (obj.get_object_auth_by_title(title).auth_users.include?(current_or_guest_user) || is_manager? || is_admin? )
end
# Render the page
def render_page(args={})
if @item
2012-06-19 02:49:45 +00:00
respond_to do |format|
2013-04-03 11:03:16 +00:00
format.html { render :text => parse_page_content(@item,args), :layout => 'page_layout' }
2012-06-19 02:49:45 +00:00
format.rss { render_main_rss }
2013-01-16 00:14:42 +00:00
format.mobile { redirect_to mobile_path(:app => params[:app]) }
2012-06-19 02:49:45 +00:00
end
else
render :text => '404 Not Found'
end
end
def render_share
object_class = params[:model].classify.constantize
@object = object_class.find(params[:id])
2012-08-07 23:46:10 +00:00
module_app = ModuleApp.first(:conditions => {:key => params[:key]})
2012-09-19 07:09:08 +00:00
@item = @object.share_item
#@item = Item.where(module_app_id: module_app.id).all_of("tag" => {"$in" => [nil,'']},"category" => { "$in" => [nil,'']}).first
#binding.pry
@orig_url = "http://#{request.host_with_port}/#{@item.path}?id=#{@object.id}"
render 'shared/render_share', :layout => false
end
2011-08-18 05:43:33 +00:00
protected
# Set I18n.locale
2009-06-19 09:31:10 +00:00
def set_locale
# update session if passed
session[:locale] = params[:locale] if params[:locale]
2013-02-26 12:14:03 +00:00
browser_locale = condition = nil
default_locale = condition = nil
2013-11-28 04:28:43 +00:00
backup_locale = condition = nil
# check if locale is valid for non site pages
2013-02-26 12:14:03 +00:00
if LIST[:forbidden_item_names].include?(env['PATH_INFO'].split('/')[1].to_s)
condition = VALID_LOCALES.include?(session[:locale])
#check if the default locale is present or not
2013-11-22 09:14:47 +00:00
elsif params[:locale]
condition = @site.in_use_locales.include?(params[:locale])
2013-12-09 04:06:19 +00:00
elsif (@site.default_locale.present? && @site.enable_language_detection.eql?(false))
2013-11-22 09:14:47 +00:00
default_locale = @site.default_locale
condition = @site.in_use_locales.include?(default_locale)
elsif (@site.enable_language_detection.eql?(true) && @site.default_locale.nil?)
#check enable langauge detection
2013-02-26 12:14:03 +00:00
browser_locale = request.env['HTTP_ACCEPT_LANGUAGE'].scan(/^[a-z]{2}/).first rescue nil
if browser_locale.eql?("zh")
condition = @site.in_use_locales.include?("zh_tw")
browser_locale = "zh_tw"
else
condition = @site.in_use_locales.include?(browser_locale)
end
2013-12-09 03:10:55 +00:00
elsif (@site.default_locale.nil? && @site.enable_language_detection.eql?(false))
backup_locale = @site.valid_locales.first
condition = @site.in_use_locales.include?(backup_locale)
end
session[:locale] = condition ? ( session[:locale] || default_locale || browser_locale || backup_locale) : I18n.default_locale.to_s
2013-02-26 12:14:03 +00:00
I18n.locale = session[:locale].to_sym
2013-12-12 02:21:53 +00:00
@site_in_use_locales = site_locales_default_head(@site.in_use_locales)
@site_valid_locales = site_locales_default_head(@site.valid_locales)
2010-01-11 09:09:50 +00:00
end
# Set the site variables
def set_site
# set site if exist or create site
@site = Site.first || Site.create({:valid_locales => VALID_LOCALES, :in_use_locales => VALID_LOCALES})
session[:site] = @site.id
end
2011-05-13 01:08:42 +00:00
def set_current_item
session[:current_page] = params[:id] || @item.id rescue nil
2011-05-13 01:08:42 +00:00
end
2011-08-18 05:43:33 +00:00
def decrypt_data(encrypted_data, encrypted_key, encrypted_iv)
site = Site.find(session[:site])
if encrypted_data
private_key = OpenSSL::PKey::RSA.new(site.private_key)
cipher = OpenSSL::Cipher.new('aes-256-cbc')
cipher.decrypt
cipher.key = private_key.private_decrypt(encrypted_key)
cipher.iv = private_key.private_decrypt(encrypted_iv)
decrypted_data = cipher.update(encrypted_data)
decrypted_data << cipher.final
else
''
end
end
2011-09-01 01:12:41 +00:00
def get_homepage
2012-05-22 06:45:49 +00:00
Page.root
2011-09-01 01:12:41 +00:00
end
2012-02-19 08:33:22 +00:00
def layout_by_resource
if devise_controller?
"devise"
else
"application"
end
end
def site_locales_default_head(locales)
if locales[0].eql? I18n.locale.to_s
locales
else
a = Array.new(locales)
shift_out = a.delete(I18n.locale.to_s)
[shift_out] + a
end
end
2012-08-23 08:05:14 +00:00
# called (once) when the user logs in, insert any code your application needs
# to hand off from guest_user to current_user.
def logging_in
# For example:
# guest_comments = guest_user.comments.all
# guest_comments.each do |comment|
# comment.user_id = current_user.id
# comment.save
# end
end
2012-06-19 02:49:45 +00:00
def render_main_rss
ret = ''
ret << "/panel/#{@item.module_app.key}/front_end/#{@item.app_frontend_url}.rss"
ret << "/#{params[:id]}" if params[:id] && !params[:id].eql?(@item.id.to_s)
2013-03-05 10:34:41 +00:00
categories_str=params[:category].collect{|t| "category_id[]=#{t}"}.join('&')
tags_str=params[:tag].collect{|t| "tag_id[]=#{t}"}.join('&')
categories_str = "&#{categories_str}" unless categories_str.blank?
tags_str = "&#{tags_str}" unless tags_str.blank?
ret << "?inner=true#{categories_str}#{tags_str}&page_main=#{params[:page_main]}"
2012-06-19 02:49:45 +00:00
redirect_to ret
end
def get_sorted_and_filtered(object_class, query = nil, objects = nil, pagination = true)
if params[:filter] || params[:sort] || params[:new_filter]
@filter = params[:filter]
new_filter = params[:new_filter]
if @filter && params[:clear]
@filter.delete(params[:type])
elsif @filter && new_filter
if @filter.has_key?(new_filter[:type]) && @filter[new_filter[:type]].include?(new_filter[:id].to_s)
@filter[new_filter[:type]].delete(new_filter[:id].to_s)
elsif @filter.has_key?(new_filter[:type])
@filter[new_filter[:type]] << new_filter[:id].to_s
else
@filter.merge!({new_filter[:type] => [new_filter[:id].to_s]})
end
elsif new_filter
@filter = {new_filter[:type] => [new_filter[:id].to_s]}
end
2013-07-22 09:41:52 +00:00
object_class = object_class.classify.constantize
objects ||= get_objects(object_class, query)
unless params[:sort].blank?
options = params[:sort_options]
options = [options] unless options.is_a?(Array)
options.each do |option|
if object_class.fields.include?(option)
if object_class.fields[option].type.to_s.eql?('Object') && !object_class.relations[option].nil?
objects = get_objects_from_referenced_objects(object_class.fields[option].options[:class_name].constantize, objects, option)
else
(objects = objects.order_by(option, params[:direction])) rescue nil
end
elsif object_class.relations.include?(option)
case object_class.relations[option].macro
when :references_one
a = Array.new
objects.each { |object| a << [get_string_value_from_object(object), object] }
sorted = params[:direction].eql?('asc') ? a.sort : a.sort.reverse!
objects = sorted.collect {|x| x[1] }
when :references_many, :references_and_referenced_in_many
objects = get_objects_from_self(object_class, objects, option)
when :referenced_in
objects = get_objects_from_referenced_objects(object_class.relations[option].class_name.constantize, objects, "#{option}_id")
end
elsif option.eql?('category')
category_array = @module_app.categories.inject([]){ |result, value|
result << [value.title, value]
}
params[:direction].eql?('asc') ? category_array.sort! : category_array.sort!.reverse!
sorted_objects = Array.new
category_array.each do |x|
buffer_categories = x[1].buffer_categories
buffer_categories.each {|buffer_category| sorted_objects << buffer_category.categorizable }
end
sorted_objects.flatten!
sorted_objects.uniq!
objects = get_with_nil(objects, option, sorted_objects)
elsif option.eql?('tags')
tag_array = @module_app.tags.inject([]){ |result, value|
result << [value.name, value]
}
params[:direction].eql?('asc') ? tag_array.sort! : tag_array.sort!.reverse!
sorted_objects = Array.new
tag_array.each do |x|
taggings = x[1].taggings
taggings.each {|tagging| sorted_objects << tagging.taggable }
end
sorted_objects.flatten!
sorted_objects.uniq!
objects = get_with_nil(objects, option, sorted_objects)
end
end
end
if @filter
@filter.each do |key, value|
case key
when 'status'
a = Array.new
objects.each do |object|
value.each do |v|
a << object if object[v]
end
end
objects = a.uniq
when 'category'
a = Array.new
objects.each do |object|
a << object if (value.include?(object.category.id.to_s) rescue nil)
end
objects = a.uniq
when 'tags'
a = Array.new
objects.each do |object|
object.tags.each do |tag|
a << object if value.include?(tag.id.to_s)
end
end
objects = a.uniq
end if value.size > 0
end
end
else
objects = get_viewable(object_class, query)
end
if (!user_signed_in? && object_class == "bulletin")
objects = get_bulletins_for_open_backend(objects)
end
if pagination
Kaminari.paginate_array(filter_authorized_objects(objects)).page(params[:page]).per(10)
else
filter_authorized_objects(objects)
end
end
def get_bulletins_for_open_backend(objects)
objects.select{|object| object.is_rejected == false && object.is_pending == false}
end
def get_string_value_from_object(object)
s = object.name_translations[I18n.locale.to_s] unless s rescue nil
s = object.title_translations[I18n.locale.to_s] unless s rescue nil
s = object.name unless s rescue nil
s = object.title unless s rescue nil
s.downcase rescue ''
end
def get_objects_from_referenced_objects(object_class, objects, option)
referer_ids = objects.distinct(option)
referenced_objects = object_class.find(referer_ids) rescue nil
if referenced_objects
a = Array.new
referenced_objects.to_a.each { |referer| a << [get_string_value_from_object(referer), referer.id] }
sorted = params[:direction].eql?('asc') ? a.sort : a.sort.reverse!
sorted_objects = sorted.collect {|x| objects.where(option => x[1]).entries }
sorted_objects.flatten!
sorted_objects.uniq!
get_with_nil(objects, option, sorted_objects)
else
objects
end
end
def get_objects_from_self(object_class, objects, option)
referenced_class = object_class.relations[option].class_name.constantize
referenced_objects = referenced_class.all rescue nil
if referenced_objects
reverse_relation = nil
referenced_class.relations.each { |relation| reverse_relation = relation[1].name.to_s if relation[1].class_name.eql?(object_class.to_s) }
a = Array.new
referenced_objects.each { |referenced_object| a << [get_string_value_from_object(referenced_object), referenced_object] }
a.compact!
sorted = params[:direction].eql?('asc') ? a.sort : a.sort.reverse!
sorted_objects = Array.new
sorted.each {|x| sorted_objects << x[1].send(reverse_relation) }
sorted_objects.flatten!
sorted_objects.uniq!
get_with_nil(objects, option, sorted_objects)
else
objects
end
end
def get_with_nil(objects, option, sorted_objects)
tmp = Array.new
objects.each { |object| tmp << [get_string_value_from_object(object), object] if (object.send(option).blank? || (object.send(option).size == 0 rescue nil)) }
sorted = params[:direction].eql?('asc') ? tmp.sort : tmp.sort.reverse
sorted_tmp = sorted.collect {|a| a[1] }
a = params[:direction].eql?('asc') ? (sorted_tmp + sorted_objects) : (sorted_objects + sorted_tmp)
a.flatten
end
def get_viewable(object_class, query=nil)
2013-07-22 09:41:52 +00:00
object_class = object_class.classify.constantize
get_objects(object_class,query).order_by(:created_at, :desc)
end
def get_objects(object_class, query=nil)
if query
objects = object_class.where(query)
else
objects = object_class.all
end
objects
end
def filter_authorized_objects(objects)
if(!is_admin? || !is_manager?)
objects.delete_if{ |object|
if object.is_pending == true
if check_permission(:manager)
object.create_user_id != current_user.id
else
!object.category.authed_users("approval_#{@module_app.key}").include?(current_user) rescue false
end
else
false
end
}
end
objects
end
2012-12-19 19:21:50 +00:00
private
def mobile_device?
if session[:mobile_param]
session[:mobile_param] == "1"
else
request.user_agent =~ /iPhone|iPod|Android/
end
end
def prepare_for_mobile
2013-01-06 19:57:36 +00:00
if @site.mobile_on
2013-01-09 07:57:31 +00:00
session[:mobile_param] = if request.path =~ /mobile/
'1'
elsif params[:mobile]
params[:mobile]
else
session[:mobile_param]
end
2013-01-06 19:57:36 +00:00
request.format = :mobile if mobile_device?
end
2012-12-19 19:21:50 +00:00
end
2009-05-07 16:53:18 +00:00
end