2018-11-22 14:58:12 -05:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
2018-11-22 14:33:08 -05:00
|
|
|
class ApplicationController < ActionController::Base
|
2018-11-29 19:02:04 -05:00
|
|
|
include Pundit
|
2018-11-29 08:51:03 -05:00
|
|
|
|
2018-11-30 20:39:26 -05:00
|
|
|
protect_from_forgery with: :exception, prepend: true, unless: :json_request?
|
2018-11-29 08:14:08 -05:00
|
|
|
|
2018-12-11 20:54:38 -05:00
|
|
|
before_action :set_raven_context
|
2018-12-11 21:04:13 -05:00
|
|
|
before_action :sign_in_guest_account
|
2018-12-11 20:54:38 -05:00
|
|
|
|
2018-11-29 19:17:26 -05:00
|
|
|
after_action :verify_authorized, except: :index
|
|
|
|
|
after_action :verify_policy_scoped, only: :index
|
|
|
|
|
|
2018-12-11 20:29:46 -05:00
|
|
|
rescue_from ActiveRecord::RecordNotFound, with: :render_not_found
|
2019-02-01 21:00:49 -05:00
|
|
|
rescue_from Pundit::NotAuthorizedError, with: :render_forbidden
|
2018-11-29 08:51:03 -05:00
|
|
|
|
2018-12-01 21:28:34 -05:00
|
|
|
helper_method :current_account
|
|
|
|
|
|
2018-11-29 08:14:08 -05:00
|
|
|
private
|
|
|
|
|
|
2018-12-01 21:28:34 -05:00
|
|
|
def current_account
|
2018-12-05 18:20:50 -05:00
|
|
|
@current_account ||= current_user&.account
|
2018-12-08 16:55:43 -05:00
|
|
|
@current_account ||= Account.guests.find_by(id: session[:guest_account_id])
|
2018-12-01 21:28:34 -05:00
|
|
|
end
|
|
|
|
|
|
2018-12-12 22:09:49 -05:00
|
|
|
alias pundit_user current_account
|
2018-12-01 21:28:34 -05:00
|
|
|
|
2018-11-29 09:57:40 -05:00
|
|
|
def set_raven_context
|
2018-12-11 20:43:15 -05:00
|
|
|
Raven.user_context(
|
|
|
|
|
account_id: current_account&.id,
|
|
|
|
|
user_id: current_user&.id,
|
|
|
|
|
)
|
|
|
|
|
|
2018-11-29 09:57:40 -05:00
|
|
|
Raven.extra_context params: params.to_unsafe_h, url: request.url
|
|
|
|
|
end
|
|
|
|
|
|
2018-12-11 21:04:13 -05:00
|
|
|
def sign_in_guest_account
|
|
|
|
|
return if current_account || params[:guest_token].blank?
|
|
|
|
|
|
|
|
|
|
account = Account.guests.find_by! guest_token: params[:guest_token]
|
|
|
|
|
remember_if_guest_account account
|
|
|
|
|
redirect_to request.original_url
|
|
|
|
|
end
|
|
|
|
|
|
2018-11-29 08:14:08 -05:00
|
|
|
def json_request?
|
|
|
|
|
request.format.json?
|
|
|
|
|
end
|
2018-11-29 08:51:03 -05:00
|
|
|
|
2018-12-11 20:29:46 -05:00
|
|
|
def render_not_found
|
2018-12-11 20:27:47 -05:00
|
|
|
respond_to do |format|
|
|
|
|
|
format.html { render status: :not_found, template: 'errors/not_found' }
|
|
|
|
|
format.json { render status: :not_found, json: {} }
|
|
|
|
|
end
|
2018-11-29 08:51:03 -05:00
|
|
|
end
|
|
|
|
|
|
2019-02-01 21:00:49 -05:00
|
|
|
def render_forbidden
|
2019-03-27 00:49:08 -04:00
|
|
|
respond_to do |format|
|
|
|
|
|
format.html { render status: :forbidden, template: 'errors/forbidden' }
|
|
|
|
|
format.json { render status: :forbidden, json: {} }
|
|
|
|
|
end
|
2018-11-29 08:51:03 -05:00
|
|
|
end
|
2018-12-04 20:49:26 -05:00
|
|
|
|
2018-12-11 20:29:46 -05:00
|
|
|
def render_method_not_allowed
|
2019-03-27 00:52:12 -04:00
|
|
|
respond_to do |format|
|
|
|
|
|
format.html do
|
|
|
|
|
render status: :method_not_allowed,
|
|
|
|
|
template: 'errors/method_not_allowed'
|
|
|
|
|
end
|
|
|
|
|
format.json { render status: :method_not_allowed, json: {} }
|
|
|
|
|
end
|
2018-12-07 20:07:28 -05:00
|
|
|
end
|
|
|
|
|
|
2018-12-04 20:49:26 -05:00
|
|
|
def remember_if_guest_account(account)
|
|
|
|
|
session[:guest_account_id] = account.id if account.guest?
|
|
|
|
|
end
|
2018-11-22 14:33:08 -05:00
|
|
|
end
|
