2018-03-25 16:15:39 +00:00
|
|
|
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
|
2018-03-25 17:30:42 +00:00
|
|
|
class ApplicationController < ActionController::Base
|
2018-07-19 17:14:03 +00:00
|
|
|
before_filter :set_locale, :redirect_to_maintenance
|
2018-03-25 17:30:42 +00:00
|
|
|
|
|
|
|
|
protect_from_forgery
|
|
|
|
|
|
|
|
|
|
helper_method \
|
|
|
|
|
:current_role?,
|
|
|
|
|
:current_nonprofit_user?,
|
|
|
|
|
:administered_nonprofit,
|
|
|
|
|
:nonprofit_in_trial?,
|
|
|
|
|
:current_plan_tier #int
|
|
|
|
|
|
|
|
|
|
def set_locale
|
|
|
|
|
if params[:locale] && Settings.available_locales.include?(params[:locale])
|
|
|
|
|
I18n.locale = params[:locale]
|
|
|
|
|
else
|
|
|
|
|
I18n.locale = Settings.language
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2018-07-19 17:14:03 +00:00
|
|
|
def redirect_to_maintenance
|
|
|
|
|
if (Settings&.maintenance&.maintenance_mode && !current_user)
|
|
|
|
|
unless (self.class == Users::SessionsController &&
|
2018-07-19 17:59:29 +00:00
|
|
|
((Settings.maintenance.maintenance_token && params[:maintenance_token] == Settings.maintenance.maintenance_token) || params[:format] == 'json'))
|
2018-07-19 17:14:03 +00:00
|
|
|
redirect_to Settings.maintenance.maintenance_page
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2018-03-25 17:30:42 +00:00
|
|
|
protected
|
|
|
|
|
|
|
|
|
|
def json_saved(model, msg=nil)
|
|
|
|
|
if model.valid?
|
|
|
|
|
flash[:notice] = msg if msg
|
|
|
|
|
render json: model, status: 200
|
|
|
|
|
else
|
|
|
|
|
render json: model.errors.full_messages, status: :unprocessable_entity
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# A response helper for use with the param_validation gem
|
|
|
|
|
# use like: render_json{ UpdateUsers.update(params[:user]) }
|
|
|
|
|
# will catch and pretty print exceptions using the rails loggers
|
|
|
|
|
def render_json(&block)
|
|
|
|
|
begin
|
|
|
|
|
result = {status: 200, json: yield(block)}
|
|
|
|
|
rescue ParamValidation::ValidationError => e
|
|
|
|
|
logger.info "422: #{e}".red.bold
|
|
|
|
|
#logger.info ">>".bold.red + " #{{'Failed key name' => e.data[:key], 'Value' => e.data[:val], 'Failed validator' => e.data[:name]}}".red
|
|
|
|
|
result = {status: 422, json: {error: e.message}}
|
|
|
|
|
rescue CCOrgError => e
|
|
|
|
|
logger.info "422: #{e}".red.bold
|
|
|
|
|
result = {status: 422, json: {error: e.message}}
|
|
|
|
|
rescue ActiveRecord::RecordNotFound => e
|
|
|
|
|
logger.info "404: #{e}".red.bold
|
|
|
|
|
result = {status: 404, json: {error: e.message}}
|
|
|
|
|
rescue AuthenticationError => e
|
|
|
|
|
logger.info "401: #{e}".red.bold
|
|
|
|
|
result = {status: 401, json: {error: e.message}}
|
|
|
|
|
rescue ExpiredTokenError => e
|
|
|
|
|
logger.info "422: #{e}".red.bold
|
|
|
|
|
result = {status: 422, json: {error: e.message}}
|
|
|
|
|
rescue Exception => e # a non-validation related exception
|
|
|
|
|
logger.error "500: #{e}".red.bold
|
|
|
|
|
logger.error e.backtrace.take(5).map{|l| ">>".red.bold + " #{l}"}.join("\n").red
|
|
|
|
|
result = {status: 500, json: {error: e.message, backtrace: e.backtrace}}
|
|
|
|
|
end
|
|
|
|
|
render result
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# Test that within the last 5 minutes, the user has confirmed their password
|
|
|
|
|
def password_was_confirmed(token)
|
|
|
|
|
session[:pw_token] == token && Chronic.parse(session[:pw_timestamp]) >= 5.minutes.ago.utc
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def store_location
|
|
|
|
|
referrer = request.fullpath
|
|
|
|
|
no_redirects = ['/users', '/signup', '/signin', '/users/sign_in', '/users/sign_up', '/users/password', '/users/sign_out', /.*\.json.*/, /.*auth\/facebook.*/]
|
|
|
|
|
unless request.format.symbol == :json || no_redirects.map{|p| referrer.match(p)}.any?
|
|
|
|
|
session[:previous_url] = referrer
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def block_with_sign_in(msg=nil)
|
|
|
|
|
store_location
|
|
|
|
|
if current_user
|
|
|
|
|
flash[:notice] = "It looks like you're not allowed to access that page. If this seems like a mistake, please contact #{Settings.mailer.email}"
|
|
|
|
|
redirect_to root_path
|
|
|
|
|
else
|
|
|
|
|
msg ||= 'We need to sign you in before you can do that.'
|
|
|
|
|
redirect_to new_user_session_path, :flash => {:error => msg}
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def authenticate_user!(options={})
|
|
|
|
|
block_with_sign_in unless current_user
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def authenticate_confirmed_user!
|
|
|
|
|
if !current_user
|
|
|
|
|
block_with_sign_in
|
|
|
|
|
elsif !current_user.confirmed? && !current_role?([:super_associate, :super_admin])
|
|
|
|
|
redirect_to new_user_confirmation_path, flash: {error: 'You need to confirm your account to do that.'}
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def authenticate_super_associate!
|
|
|
|
|
unless current_role?(:super_admin) || current_role?(:super_associate)
|
|
|
|
|
block_with_sign_in 'Please login.'
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def authenticate_super_admin!
|
|
|
|
|
unless current_role?(:super_admin)
|
|
|
|
|
block_with_sign_in 'Please login.'
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def current_role?(role_names, host_id = nil)
|
|
|
|
|
return false unless current_user
|
|
|
|
|
role_names = Array(role_names)
|
|
|
|
|
key = "current_role_user_#{current_user_id}_names_#{role_names.join("_")}_host_#{host_id}"
|
|
|
|
|
QueryRoles.user_has_role?(current_user.id, role_names, host_id)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def nonprofit_in_trial?(npo_id=nil)
|
|
|
|
|
return false if !npo_id && !administered_nonprofit
|
|
|
|
|
npo_id ||= administered_nonprofit.id
|
|
|
|
|
key = "in_trial_user_#{current_user_id}_nonprofit_#{npo_id}"
|
|
|
|
|
QueryBillingSubscriptions.currently_in_trial?(npo_id)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def current_plan_tier(npo_id=nil)
|
|
|
|
|
return 0 if !npo_id && !administered_nonprofit
|
|
|
|
|
npo_id ||= administered_nonprofit.id
|
|
|
|
|
return 2 if current_role?(:super_admin)
|
|
|
|
|
key = "plan_tier_user_#{current_user_id}_nonprofit_#{npo_id}"
|
|
|
|
|
administered_nonprofit ? QueryBillingSubscriptions.plan_tier(npo_id) : 0
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def administered_nonprofit
|
|
|
|
|
return nil unless current_user
|
|
|
|
|
key = "administered_nonprofit_user_#{current_user_id}_nonprofit"
|
|
|
|
|
Nonprofit.where(id: QueryRoles.host_ids(current_user_id, [:nonprofit_admin, :nonprofit_associate])).last
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# devise config
|
|
|
|
|
|
|
|
|
|
def after_sign_in_path_for(resource)
|
|
|
|
|
request.env['omniauth.origin'] || session[:previous_url] || root_path
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def after_sign_up_path_for(resource)
|
|
|
|
|
request.env['omniauth.origin'] || session[:previous_url] || root_path
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def after_update_path_for(resource)
|
|
|
|
|
profile_path(current_user.profile)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def after_inactive_sign_up_path_for(resource)
|
|
|
|
|
profile_path(current_user.profile)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# /devise config
|
|
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
|
|
def current_user_id
|
|
|
|
|
current_user && current_user.id
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
end
|
