From 63f5146655479cfdd13d5dec123eee22a5c6f525 Mon Sep 17 00:00:00 2001 
From: Eric Date: Mon, 11 May 2020 13:38:50 -0500 Subject: [PATCH] Extract controller related concerns and put them in one place --- app/controllers/api/api_controller.rb | 2 +- app/controllers/application_controller.rb | 72 +----------------- .../billing_subscriptions_controller.rb | 3 +- .../campaign_gift_options_controller.rb | 3 +- .../campaign_gift_options_controller.rb | 3 +- .../campaigns/donations_controller.rb | 3 +- .../campaigns/supporters_controller.rb | 3 +- app/controllers/campaigns_controller.rb | 3 +- .../controllers/campaign/authorization.rb | 19 +++++ .../concerns/controllers/campaign/current.rb | 17 +++++ .../controllers/event/authorization.rb | 25 +++++++ .../concerns/controllers/event/current.rb | 17 +++++ .../concerns/controllers/locale.rb | 18 +++++ .../controllers/nonprofit/authorization.rb | 31 ++++++++ .../concerns/controllers/nonprofit/current.rb | 20 +++++ .../controllers/user/authorization.rb | 73 +++++++++++++++++++ app/controllers/email_settings_controller.rb | 3 +- app/controllers/event_discounts_controller.rb | 3 +- app/controllers/events_controller.rb | 3 +- app/controllers/maps_controller.rb | 3 +- .../nonprofits/activities_controller.rb | 3 +- .../nonprofits/bank_accounts_controller.rb | 3 +- .../nonprofits/button_controller.rb | 3 +- .../nonprofits/cards_controller.rb | 3 +- .../nonprofits/charges_controller.rb | 3 +- .../custom_field_joins_controller.rb | 3 +- .../custom_field_masters_controller.rb | 3 +- .../nonprofits/donations_controller.rb | 3 +- .../nonprofits/email_lists_controller.rb | 3 +- .../nonprofits/imports_controller.rb | 3 +- .../miscellaneous_np_infos_controller.rb | 3 +- .../nonprofits/nonprofit_keys_controller.rb | 3 +- .../nonprofits/payments_controller.rb | 3 +- .../nonprofits/payouts_controller.rb | 3 +- .../recurring_donations_controller.rb | 3 +- .../nonprofits/refunds_controller.rb | 3 +- .../nonprofits/reports_controller.rb | 3 +- .../nonprofits/supporter_emails_controller.rb | 3 +- 
.../nonprofits/supporter_notes_controller.rb | 3 +- .../nonprofits/supporters_controller.rb | 3 +- .../nonprofits/tag_joins_controller.rb | 3 +- .../nonprofits/tag_masters_controller.rb | 3 +- app/controllers/nonprofits_controller.rb | 3 +- app/controllers/roles_controller.rb | 3 +- app/controllers/settings_controller.rb | 3 +- app/controllers/ticket_levels_controller.rb | 3 +- app/controllers/tickets_controller.rb | 3 +- lib/controllers/campaign_helper.rb | 25 ------- lib/controllers/event_helper.rb | 29 -------- lib/controllers/nonprofit_helper.rb | 53 -------------- 50 files changed, 297 insertions(+), 215 deletions(-) create mode 100644 app/controllers/concerns/controllers/campaign/authorization.rb create mode 100644 app/controllers/concerns/controllers/campaign/current.rb create mode 100644 app/controllers/concerns/controllers/event/authorization.rb create mode 100644 app/controllers/concerns/controllers/event/current.rb create mode 100644 app/controllers/concerns/controllers/locale.rb create mode 100644 app/controllers/concerns/controllers/nonprofit/authorization.rb create mode 100644 app/controllers/concerns/controllers/nonprofit/current.rb create mode 100644 app/controllers/concerns/controllers/user/authorization.rb delete mode 100644 lib/controllers/campaign_helper.rb delete mode 100644 lib/controllers/event_helper.rb delete mode 100644 lib/controllers/nonprofit_helper.rb diff --git a/app/controllers/api/api_controller.rb b/app/controllers/api/api_controller.rb index 44c5e5fa..47769648 100644 --- a/app/controllers/api/api_controller.rb +++ b/app/controllers/api/api_controller.rb @@ -3,7 +3,7 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later class Api::ApiController < ApplicationController rescue_from ActiveRecord::RecordInvalid, with: :record_invalid_rescue - + protected def record_invalid_rescue(error) 
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 44a7d875..3677337f 100755 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -2,23 +2,11 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later class ApplicationController < ActionController::Base + include Controllers::Locale + include Controllers::Nonprofit::Authorization before_action :set_locale, :redirect_to_maintenance - protect_from_forgery - helper_method \ - :current_role?, - :current_nonprofit_user?, - :administered_nonprofit - - def set_locale - if params[:locale] && Settings.available_locales.include?(params[:locale]) - I18n.locale = params[:locale] - else - I18n.locale = Settings.language - end - end - def redirect_to_maintenance if Settings&.maintenance&.maintenance_mode && !current_user unless self.class == Users::SessionsController && 
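Review bot: `protect_from_forgery` is deleted from ApplicationController in this hunk and nothing on the new side re-enables it — `Controllers::Locale` registers only `before_action :set_locale` and `Controllers::Nonprofit::Authorization` adds only authorization helpers — so unless the app runs Rails 5.2+ with `config.action_controller.default_protect_from_forgery` left on, every controller loses CSRF token verification with this commit; restore the line, `protect_from_forgery`, next to the two new includes. The three `helper_method` registrations (`current_role?`, `current_nonprofit_user?`, `administered_nonprofit`) are dropped as well and only `MiscellaneousNpInfosController` re-registers one of them later in the patch, so any view or layout that calls the others will raise; the views are not visible here, so that needs checking before merge. `before_action :set_locale` is kept on this line while `Controllers::Locale` registers the same callback, so it now runs twice per request — the `:set_locale` entry here can go. `redirect_to_maintenance` continues past the end of the hunk.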
@@ -74,62 +62,6 @@ class ApplicationController < ActionController::Base session[:pw_token] == token && Chronic.parse(session[:pw_timestamp]) >= 5.minutes.ago.utc end - def store_location - referrer = request.fullpath - no_redirects = ['/users', '/signup', '/signin', '/users/sign_in', '/users/sign_up', '/users/password', '/users/sign_out', /.*\.json.*/, %r{.*auth/facebook.*}] - unless request.format.symbol == :json || no_redirects.map { |p| referrer.match(p) }.any? - session[:previous_url] = referrer - end - end - - def block_with_sign_in(msg = nil) - store_location - if current_user - flash[:notice] = "It looks like you're not allowed to access that page. If this seems like a mistake, please contact #{Settings.mailer.email}" - redirect_to root_path - else - msg ||= 'We need to sign you in before you can do that.' - redirect_to new_user_session_path, flash: { error: msg } - end - end - - def authenticate_user!(_options = {}) - block_with_sign_in unless current_user - end - - def authenticate_confirmed_user! - if !current_user - block_with_sign_in - elsif !current_user.confirmed? && !current_role?(%i[super_associate super_admin]) - redirect_to new_user_confirmation_path, flash: { error: 'You need to confirm your account to do that.' } - end - end - - def authenticate_super_associate! - unless current_role?(:super_admin) || current_role?(:super_associate) - block_with_sign_in 'Please login.' - end - end - - def authenticate_super_admin! - block_with_sign_in 'Please login.' 
unless current_role?(:super_admin) - end - - def current_role?(role_names, host_id = nil) - return false unless current_user - - role_names = Array(role_names) - key = "current_role_user_#{current_user_id}_names_#{role_names.join('_')}_host_#{host_id}" - QueryRoles.user_has_role?(current_user.id, role_names, host_id) - end - - def administered_nonprofit - return nil unless current_user - - key = "administered_nonprofit_user_#{current_user_id}_nonprofit" - Nonprofit.where(id: QueryRoles.host_ids(current_user_id, %i[nonprofit_admin nonprofit_associate])).last - end - # devise config def after_sign_in_path_for(_resource) diff --git a/app/controllers/billing_subscriptions_controller.rb b/app/controllers/billing_subscriptions_controller.rb index e13599ed..96d3b517 100644 --- a/app/controllers/billing_subscriptions_controller.rb +++ b/app/controllers/billing_subscriptions_controller.rb @@ -2,7 +2,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later class BillingSubscriptionsController < ApplicationController - include Controllers::NonprofitHelper + include Controllers::Nonprofit::Current + include Controllers::Nonprofit::Authorization before_action :authenticate_nonprofit_admin! diff --git a/app/controllers/campaign_gift_options_controller.rb b/app/controllers/campaign_gift_options_controller.rb index bbd3c140..82745524 100644 --- a/app/controllers/campaign_gift_options_controller.rb +++ b/app/controllers/campaign_gift_options_controller.rb @@ -2,7 +2,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later class CampaignGiftOptionsController < ApplicationController - include Controllers::CampaignHelper + include Controllers::Campaign::Current + include Controllers::Campaign::Authorization before_action :authenticate_campaign_editor!, only: %i[create destroy update update_order] 
diff --git a/app/controllers/campaigns/campaign_gift_options_controller.rb b/app/controllers/campaigns/campaign_gift_options_controller.rb index e48a5fdd..199391e6 100644 --- a/app/controllers/campaigns/campaign_gift_options_controller.rb +++ b/app/controllers/campaigns/campaign_gift_options_controller.rb @@ -3,7 +3,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module Campaigns class CampaignGiftOptionsController < ApplicationController - include Controllers::CampaignHelper + include Controllers::Campaign::Current + include Controllers::Campaign::Authorization before_action :authenticate_campaign_editor!, only: %i[create destroy update update_order report] diff --git a/app/controllers/campaigns/donations_controller.rb b/app/controllers/campaigns/donations_controller.rb index 9cb40393..fbc73bc0 100644 --- a/app/controllers/campaigns/donations_controller.rb +++ b/app/controllers/campaigns/donations_controller.rb @@ -3,7 +3,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module Campaigns class DonationsController < ApplicationController - include Controllers::CampaignHelper + include Controllers::Campaign::Current + include Controllers::Campaign::Authorization before_action :authenticate_campaign_editor!, only: [:index] diff --git a/app/controllers/campaigns/supporters_controller.rb b/app/controllers/campaigns/supporters_controller.rb index a52fb608..d504b446 100644 --- a/app/controllers/campaigns/supporters_controller.rb +++ b/app/controllers/campaigns/supporters_controller.rb @@ -3,7 +3,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module Campaigns class SupportersController < ApplicationController - include Controllers::CampaignHelper + include Controllers::Campaign::Current + include Controllers::Campaign::Authorization before_action :authenticate_campaign_editor!, only: [:index] 
diff --git a/app/controllers/campaigns_controller.rb b/app/controllers/campaigns_controller.rb
index d4a9dec0..177ec176 100644
--- a/app/controllers/campaigns_controller.rb
+++ b/app/controllers/campaigns_controller.rb
@@ -2,7 +2,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class CampaignsController < ApplicationController
- include Controllers::CampaignHelper
+ include Controllers::Campaign::Current
+ include Controllers::Campaign::Authorization
 helper_method :current_campaign_editor?
 before_action :authenticate_confirmed_user!, only: %i[create name_and_id duplicate]
diff --git a/app/controllers/concerns/controllers/campaign/authorization.rb b/app/controllers/concerns/controllers/campaign/authorization.rb
new file mode 100644
index 00000000..e1efe5e5
--- /dev/null
+++ b/app/controllers/concerns/controllers/campaign/authorization.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
+module Controllers::Campaign::Authorization
+ extend ActiveSupport::Concern
+ include Controllers::Nonprofit::Authorization
+
+ included do
+ private
+ def current_campaign_editor?
+ !params[:preview] && (current_nonprofit_user? || current_role?(:campaign_editor, current_campaign.id) || current_role?(:super_admin))
+ end
+ def authenticate_campaign_editor!
+ unless current_campaign_editor?
+ reject_with_sign_in 'You need to be a campaign editor to do that.'
+ end
+ end
+ end
+end
\ No newline at end of file
diff --git a/app/controllers/concerns/controllers/campaign/current.rb b/app/controllers/concerns/controllers/campaign/current.rb
new file mode 100644
index 00000000..0997124c
--- /dev/null
+++ b/app/controllers/concerns/controllers/campaign/current.rb
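Review bot: `current_campaign_editor?` and `authenticate_campaign_editor!` call `current_campaign`, which this concern never brings in — it includes `Controllers::Nonprofit::Authorization` but not `Controllers::Campaign::Current` — so a controller that includes the authorization concern without its `Current` counterpart fails the role check with `NoMethodError` rather than a deliberate rejection. Adding `include Controllers::Campaign::Current` beside the existing include makes the dependency explicit and keeps the include self-sufficient. Note also that `reject_with_sign_in` is called without a `type`, so an XHR or JSON caller hitting a campaign-editor action is redirected to the sign-in page instead of receiving a 401; if that is intended for now, a comment such as `# HTML-only rejection: API callers get a redirect, not a 401` on `authenticate_campaign_editor!` would record it.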
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
+module Controllers::Campaign::Current
+ extend ActiveSupport::Concern
+ include Controllers::Nonprofit::Current
+
+ included do
+ private
+ def current_campaign
+ @campaign ||= FetchCampaign.with_params params, current_nonprofit
+ raise ActionController::RoutingError, 'Campaign not found' if @campaign.nil?
+
+ @campaign
+ end
+ end
+end
\ No newline at end of file
diff --git a/app/controllers/concerns/controllers/event/authorization.rb b/app/controllers/concerns/controllers/event/authorization.rb
new file mode 100644
index 00000000..94e6ca6b
--- /dev/null
+++ b/app/controllers/concerns/controllers/event/authorization.rb
@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
+module Controllers::Event::Authorization
+ extend ActiveSupport::Concern
+ include Controllers::Nonprofit::Authorization
+
+ included do
+ private
+
+ def current_event_admin?
+ current_nonprofit_admin?
+ end
+
+ def current_event_editor?
+ !params[:preview] && (current_nonprofit_user? || current_role?(:event_editor, current_event.id) || current_role?(:super_admin))
+ end
+
+ def authenticate_event_editor!
+ unless current_event_editor?
+ reject_with_sign_in 'You need to be the event organizer or a nonprofit administrator before doing that.'
+ end
+ end
+ end
+end
\ No newline at end of file
diff --git a/app/controllers/concerns/controllers/event/current.rb b/app/controllers/concerns/controllers/event/current.rb
new file mode 100644
index 00000000..290b18cb
--- /dev/null
+++ b/app/controllers/concerns/controllers/event/current.rb
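Review bot: `current_event_admin?` skips the `params[:preview]` guard that `current_event_editor?` applies, so a preview request is still treated as an admin while being denied editor rights; if preview is meant to be read-only, `!params[:preview] && current_nonprofit_admin?` keeps the two predicates consistent, and if not, a comment explaining why admin ignores preview would help. As in the campaign concern, `current_event_editor?` depends on `current_event` from `Controllers::Event::Current`, which is not included here; `include Controllers::Event::Current` next to the existing include removes the ordering dependency on the including controller. `current_event` raises `ActionController::RoutingError` when the event is missing, so the editor check can surface a 404 from inside a before_action rather than returning false — acceptable, but worth stating in a comment on `authenticate_event_editor!`.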
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
+module Controllers::Event::Current
+ extend ActiveSupport::Concern
+ include Controllers::Nonprofit::Current
+
+ included do
+ private
+ def current_event
+ @event ||= FetchEvent.with_params params, current_nonprofit
+ raise ActionController::RoutingError, 'Event not found' if @event.nil?
+
+ @event
+ end
+ end
+end
\ No newline at end of file
diff --git a/app/controllers/concerns/controllers/locale.rb b/app/controllers/concerns/controllers/locale.rb
new file mode 100644
index 00000000..78e2407b
--- /dev/null
+++ b/app/controllers/concerns/controllers/locale.rb
@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
+module Controllers::Locale
+ extend ActiveSupport::Concern
+
+ included do
+ before_action :set_locale
+
+ def set_locale
+ if params[:locale] && Settings.available_locales.include?(params[:locale])
+ I18n.locale = params[:locale]
+ else
+ I18n.locale = Settings.language
+ end
+ end
+ end
+end
\ No newline at end of file
diff --git a/app/controllers/concerns/controllers/nonprofit/authorization.rb b/app/controllers/concerns/controllers/nonprofit/authorization.rb
new file mode 100644
index 00000000..1fb3e684
--- /dev/null
+++ b/app/controllers/concerns/controllers/nonprofit/authorization.rb
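Review bot: `set_locale` is defined as a public method inside the `included do` block — there is no `private` ahead of it, unlike every other concern in this commit — so it becomes a public instance method on every controller and could be exposed as an action by a catch-all route; add `private` before `def set_locale` (or `private :set_locale` after it). The callback is also registered twice, once here and once by the `before_action :set_locale, :redirect_to_maintenance` line that ApplicationController keeps, so the locale lookup runs twice per request; the ApplicationController entry can be dropped. The allow-list check against `Settings.available_locales` is the right shape for untrusted input; a comment such as `# only locales in Settings.available_locales are honoured; anything else falls back to Settings.language` would make the intent obvious.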
@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
+module Controllers::Nonprofit::Authorization
+ extend ActiveSupport::Concern
+ include Controllers::User::Authorization
+
+ included do
+ private
+ def authenticate_nonprofit_user!(type: :web)
+ reject_with_sign_in 'Please sign in' unless current_nonprofit_user?
+ end
+
+ def authenticate_nonprofit_admin!
+ reject_with_sign_in 'Please sign in' unless current_nonprofit_admin?
+ end
+
+ def current_nonprofit_user?
+ return false if params[:preview]
+ return false unless current_nonprofit_without_exception
+
+ @current_user_role ||= current_role?(%i[nonprofit_admin nonprofit_associate], current_nonprofit_without_exception.id) || current_role?(:super_admin)
+ end
+
+ def current_nonprofit_admin?
+ return false if !current_user || current_user.roles.empty?
+
+ @current_admin_role ||= current_role?(:nonprofit_admin, current_nonprofit.id) || current_role?(:super_admin)
+ end
+ end
+end
\ No newline at end of file
diff --git a/app/controllers/concerns/controllers/nonprofit/current.rb b/app/controllers/concerns/controllers/nonprofit/current.rb
new file mode 100644
index 00000000..ce4718db
--- /dev/null
+++ b/app/controllers/concerns/controllers/nonprofit/current.rb
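Review bot: `authenticate_nonprofit_user!(type: :web)` accepts a `type` keyword but never forwards it to `reject_with_sign_in`, and the value `:web` does not match the `:html` that `reject_with_sign_in` tests for, so a JSON/API request that fails this check is always answered with a 302 to the sign-in page rather than a 401; either forward it — `def authenticate_nonprofit_user!(type: :html)` / `reject_with_sign_in('Please sign in', type) unless current_nonprofit_user?` — or drop the parameter so the signature does not promise behaviour it lacks. `current_nonprofit_admin?` and `current_nonprofit_user?` also diverge: the admin predicate calls `current_nonprofit` (raising `RoutingError` when no nonprofit resolves) and ignores `params[:preview]`, while the user predicate uses the non-raising lookup and returns false on preview — pick one shape or comment why they differ. Both predicates rely on `Controllers::Nonprofit::Current`, which this concern does not include even though ApplicationController now includes only this concern; `include Controllers::Nonprofit::Current` here closes that gap.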
@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
+module Controllers::Nonprofit::Current
+ extend ActiveSupport::Concern
+ included do
+ private
+ def current_nonprofit
+ @nonprofit = current_nonprofit_without_exception
+ raise ActionController::RoutingError, 'Nonprofit not found' if @nonprofit.nil?
+
+ @nonprofit
+ end
+
+ def current_nonprofit_without_exception
+ key = "current_nonprofit_#{current_user_id}_params_#{[params[:state_code], params[:city], params[:name], params[:nonprofit_id], params[:id]].join('_')}"
+ FetchNonprofit.with_params params, administered_nonprofit
+ end
+ end
+end
\ No newline at end of file
diff --git a/app/controllers/concerns/controllers/user/authorization.rb b/app/controllers/concerns/controllers/user/authorization.rb
new file mode 100644
index 00000000..2eb948c4
--- /dev/null
+++ b/app/controllers/concerns/controllers/user/authorization.rb
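Review bot: `key` in `current_nonprofit_without_exception` is built from five params on every call and never used — a leftover cache key — and `current_nonprofit` assigns `@nonprofit =` rather than memoizing, so each call (including the two inside `current_nonprofit_user?`) re-runs `FetchNonprofit.with_params`; change the first line of `current_nonprofit` to `@nonprofit ||= current_nonprofit_without_exception` and delete the `key =` line. The fallback argument `administered_nonprofit` comes from `Controllers::User::Authorization`, which this concern does not include, so it only works in controllers that also include an authorization concern; presumably every caller does, but a `# requires Controllers::User::Authorization for administered_nonprofit` note (or the include itself) would make that explicit. What `FetchNonprofit.with_params` returns when the params name no nonprofit — whether it falls back to the administered one — is not visible here and decides whether an unauthenticated request can resolve a nonprofit at all, so that contract deserves a sentence in a comment on `current_nonprofit_without_exception`.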
@@ -0,0 +1,73 @@
+# frozen_string_literal: true
+
+# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
+module Controllers::User::Authorization
+ extend ActiveSupport::Concern
+
+ included do
+ private
+ def authenticate_user!(type= :html)
+ reject_with_sign_in unless current_user
+ end
+
+ def reject_with_sign_in(msg=nil, type= :html)
+ if type == :html
+ block_with_sign_in(msg)
+ else
+ render text: msg, status: :unauthorized
+ end
+ end
+
+ def block_with_sign_in(msg = nil)
+ store_location
+ if current_user
+ flash[:notice] = "It looks like you're not allowed to access that page. If this seems like a mistake, please contact #{Settings.mailer.email}"
+ redirect_to root_path
+ else
+ msg ||= 'We need to sign you in before you can do that.'
+ redirect_to new_user_session_path, flash: { error: msg }
+ end
+ end
+
+ def current_role?(role_names, host_id = nil)
+ return false unless current_user
+
+ role_names = Array(role_names)
+ key = "current_role_user_#{current_user_id}_names_#{role_names.join('_')}_host_#{host_id}"
+ QueryRoles.user_has_role?(current_user.id, role_names, host_id)
+ end
+
+ def authenticate_confirmed_user!
+ if !current_user
+ reject_with_sign_in
+ elsif !current_user.confirmed? && !current_role?(%i[super_associate super_admin])
+ redirect_to new_user_confirmation_path, flash: { error: 'You need to confirm your account to do that.' }
+ end
+ end
+
+ def authenticate_super_associate!
+ unless current_role?(:super_admin) || current_role?(:super_associate)
+ reject_with_sign_in 'Please login.'
+ end
+ end
+
+ def authenticate_super_admin!
+ reject_with_sign_in 'Please login.' unless current_role?(:super_admin)
+ end
+
+ def store_location
+ referrer = request.fullpath
+ no_redirects = ['/users', '/signup', '/signin', '/users/sign_in', '/users/sign_up', '/users/password', '/users/sign_out', /.*\.json.*/, %r{.*auth/facebook.*}]
+ unless request.format.symbol == :json || no_redirects.map { |p| referrer.match(p) }.any?
+ session[:previous_url] = referrer
+ end
+ end
+
+ def administered_nonprofit
+ return nil unless current_user
+
+ key = "administered_nonprofit_user_#{current_user_id}_nonprofit"
+ Nonprofit.where(id: QueryRoles.host_ids(current_user_id, %i[nonprofit_admin nonprofit_associate])).last
+ end
+ end
+end
\ No newline at end of file
diff --git a/app/controllers/email_settings_controller.rb b/app/controllers/email_settings_controller.rb
index 4d14a958..b4652fd1 100644
--- a/app/controllers/email_settings_controller.rb
+++ b/app/controllers/email_settings_controller.rb
@@ -2,7 +2,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class EmailSettingsController < ApplicationController
- include Controllers::NonprofitHelper
+ include Controllers::Nonprofit::Current
+ include Controllers::Nonprofit::Authorization
 before_action :authenticate_nonprofit_user!
 def index
diff --git a/app/controllers/event_discounts_controller.rb b/app/controllers/event_discounts_controller.rb
index 103c8b57..9ea04f5e 100644
--- a/app/controllers/event_discounts_controller.rb
+++ b/app/controllers/event_discounts_controller.rb
@@ -2,7 +2,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class EventDiscountsController < ApplicationController
- include Controllers::EventHelper
+ include Controllers::Event::Current
+ include Controllers::Event::Authorization
 before_action :authenticate_event_editor!, except: [:index]
 def create
diff --git a/app/controllers/events_controller.rb b/app/controllers/events_controller.rb
index c0cec3f4..b3522da3 100644
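Review bot: `render text: msg, status: :unauthorized` in `reject_with_sign_in` uses the `text:` renderer that was deprecated in Rails 5.0 and removed in 5.1, so on a current Rails the non-HTML branch raises instead of returning a 401; `render plain: msg, status: :unauthorized` is the replacement. That branch is also unreachable from this file, because `authenticate_user!(type= :html)` and `authenticate_confirmed_user!` never pass `type` on — `reject_with_sign_in(nil, type) unless current_user` would wire the first one through. `current_role?` and `administered_nonprofit` each build a `key` string that is never used (dead cache keys) and should be removed, and `administered_nonprofit` silently returns `.last` of possibly several administered nonprofits, which deserves a comment stating that the choice is arbitrary. `store_location` keeps `request.fullpath` (path only, no host) in the session, so the later redirect cannot be pointed off-site — worth a one-line comment explaining why fullpath rather than the Referer header is used.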
--- a/app/controllers/events_controller.rb +++ b/app/controllers/events_controller.rb @@ -2,7 +2,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later class EventsController < ApplicationController - include Controllers::EventHelper + include Controllers::Event::Current + include Controllers::Event::Authorization helper_method :current_event_editor? before_action :authenticate_nonprofit_user!, only: :name_and_id diff --git a/app/controllers/maps_controller.rb b/app/controllers/maps_controller.rb index 2982879a..561d11da 100644 --- a/app/controllers/maps_controller.rb +++ b/app/controllers/maps_controller.rb @@ -2,7 +2,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later class MapsController < ApplicationController - include Controllers::NonprofitHelper + include Controllers::Nonprofit::Current + include Controllers::Nonprofit::Authorization before_action :authenticate_super_associate!, only: :all_supporters before_action :authenticate_nonprofit_user!, only: %i[all_npo_supporters specific_npo_supporters] diff --git a/app/controllers/nonprofits/activities_controller.rb b/app/controllers/nonprofits/activities_controller.rb index d5d6b652..a1435e6e 100644 --- a/app/controllers/nonprofits/activities_controller.rb +++ b/app/controllers/nonprofits/activities_controller.rb @@ -3,7 +3,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module Nonprofits class ActivitiesController < ApplicationController - include Controllers::NonprofitHelper + include Controllers::Nonprofit::Current + include Controllers::Nonprofit::Authorization before_action :authenticate_nonprofit_user! # get /nonprofits/:nonprofit_id/supporters/:supporter_id/activities diff --git a/app/controllers/nonprofits/bank_accounts_controller.rb b/app/controllers/nonprofits/bank_accounts_controller.rb index 74c00eda..3982fa70 100644 --- a/app/controllers/nonprofits/bank_accounts_controller.rb 
+++ b/app/controllers/nonprofits/bank_accounts_controller.rb @@ -3,7 +3,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module Nonprofits class BankAccountsController < ApplicationController - include Controllers::NonprofitHelper + include Controllers::Nonprofit::Current + include Controllers::Nonprofit::Authorization before_action :authenticate_nonprofit_admin! diff --git a/app/controllers/nonprofits/button_controller.rb b/app/controllers/nonprofits/button_controller.rb index 35fb85a6..caaa866b 100644 --- a/app/controllers/nonprofits/button_controller.rb +++ b/app/controllers/nonprofits/button_controller.rb @@ -3,7 +3,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module Nonprofits class ButtonController < ApplicationController - include Controllers::NonprofitHelper + include Controllers::Nonprofit::Current + include Controllers::Nonprofit::Authorization before_action :authenticate_user! diff --git a/app/controllers/nonprofits/cards_controller.rb b/app/controllers/nonprofits/cards_controller.rb index a8d40c9c..6bd0792b 100644 --- a/app/controllers/nonprofits/cards_controller.rb +++ b/app/controllers/nonprofits/cards_controller.rb @@ -3,7 +3,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module Nonprofits class CardsController < ApplicationController - include Controllers::NonprofitHelper + include Controllers::Nonprofit::Current + include Controllers::Nonprofit::Authorization before_action :authenticate_nonprofit_user! diff --git a/app/controllers/nonprofits/charges_controller.rb b/app/controllers/nonprofits/charges_controller.rb index 4825b881..232a6c70 100644 --- a/app/controllers/nonprofits/charges_controller.rb +++ b/app/controllers/nonprofits/charges_controller.rb 
@@ -3,7 +3,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module Nonprofits class ChargesController < ApplicationController - include Controllers::NonprofitHelper + include Controllers::Nonprofit::Current + include Controllers::Nonprofit::Authorization before_action :authenticate_nonprofit_user!, only: :index diff --git a/app/controllers/nonprofits/custom_field_joins_controller.rb b/app/controllers/nonprofits/custom_field_joins_controller.rb index 22b4a943..57cbd114 100644 --- a/app/controllers/nonprofits/custom_field_joins_controller.rb +++ b/app/controllers/nonprofits/custom_field_joins_controller.rb @@ -3,7 +3,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module Nonprofits class CustomFieldJoinsController < ApplicationController - include Controllers::NonprofitHelper + include Controllers::Nonprofit::Current + include Controllers::Nonprofit::Authorization before_action :authenticate_nonprofit_user! def index diff --git a/app/controllers/nonprofits/custom_field_masters_controller.rb b/app/controllers/nonprofits/custom_field_masters_controller.rb index 1d846a91..e95691f5 100644 --- a/app/controllers/nonprofits/custom_field_masters_controller.rb +++ b/app/controllers/nonprofits/custom_field_masters_controller.rb @@ -3,7 +3,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module Nonprofits class CustomFieldMastersController < ApplicationController - include Controllers::NonprofitHelper + include Controllers::Nonprofit::Current + include Controllers::Nonprofit::Authorization before_action :authenticate_nonprofit_user! def index diff --git a/app/controllers/nonprofits/donations_controller.rb b/app/controllers/nonprofits/donations_controller.rb index 79b34459..ea8d4bc9 100644 --- a/app/controllers/nonprofits/donations_controller.rb +++ b/app/controllers/nonprofits/donations_controller.rb 
@@ -3,7 +3,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module Nonprofits class DonationsController < ApplicationController - include Controllers::NonprofitHelper + include Controllers::Nonprofit::Current + include Controllers::Nonprofit::Authorization before_action :authenticate_nonprofit_user!, only: %i[index update] before_action :authenticate_campaign_editor!, only: [:create_offsite] diff --git a/app/controllers/nonprofits/email_lists_controller.rb b/app/controllers/nonprofits/email_lists_controller.rb index b382d0e8..0cb88813 100644 --- a/app/controllers/nonprofits/email_lists_controller.rb +++ b/app/controllers/nonprofits/email_lists_controller.rb @@ -3,7 +3,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module Nonprofits class EmailListsController < ApplicationController - include Controllers::NonprofitHelper + include Controllers::Nonprofit::Current + include Controllers::Nonprofit::Authorization before_action :authenticate_nonprofit_user! diff --git a/app/controllers/nonprofits/imports_controller.rb b/app/controllers/nonprofits/imports_controller.rb index 87f92d69..dfb212ea 100644 --- a/app/controllers/nonprofits/imports_controller.rb +++ b/app/controllers/nonprofits/imports_controller.rb @@ -3,7 +3,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module Nonprofits class ImportsController < ApplicationController - include Controllers::NonprofitHelper + include Controllers::Nonprofit::Current + include Controllers::Nonprofit::Authorization before_action :authenticate_nonprofit_user! # post /nonprofits/:nonprofit_id/imports diff --git a/app/controllers/nonprofits/miscellaneous_np_infos_controller.rb b/app/controllers/nonprofits/miscellaneous_np_infos_controller.rb index ecc4ebee..59f1392b 100644 --- a/app/controllers/nonprofits/miscellaneous_np_infos_controller.rb 
+++ b/app/controllers/nonprofits/miscellaneous_np_infos_controller.rb @@ -3,7 +3,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module Nonprofits class MiscellaneousNpInfosController < ApplicationController - include Controllers::NonprofitHelper + include Controllers::Nonprofit::Current + include Controllers::Nonprofit::Authorization helper_method :current_nonprofit_user? before_action :authenticate_nonprofit_user! diff --git a/app/controllers/nonprofits/nonprofit_keys_controller.rb b/app/controllers/nonprofits/nonprofit_keys_controller.rb index 28fdb3f9..62b5023b 100644 --- a/app/controllers/nonprofits/nonprofit_keys_controller.rb +++ b/app/controllers/nonprofits/nonprofit_keys_controller.rb @@ -4,7 +4,8 @@ module Nonprofits class NonprofitKeysController < ApplicationController - include Controllers::NonprofitHelper + include Controllers::Nonprofit::Current + include Controllers::Nonprofit::Authorization before_action :authenticate_nonprofit_user! # get /nonprofits/:nonprofit_id/nonprofit_keys diff --git a/app/controllers/nonprofits/payments_controller.rb b/app/controllers/nonprofits/payments_controller.rb index 75665c39..cae2eddf 100644 --- a/app/controllers/nonprofits/payments_controller.rb +++ b/app/controllers/nonprofits/payments_controller.rb @@ -3,7 +3,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module Nonprofits class PaymentsController < ApplicationController - include Controllers::NonprofitHelper + include Controllers::Nonprofit::Current + include Controllers::Nonprofit::Authorization before_action :authenticate_nonprofit_user! diff --git a/app/controllers/nonprofits/payouts_controller.rb b/app/controllers/nonprofits/payouts_controller.rb index 85f3d1f7..047a1197 100644 --- a/app/controllers/nonprofits/payouts_controller.rb +++ b/app/controllers/nonprofits/payouts_controller.rb 
@@ -3,7 +3,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module Nonprofits class PayoutsController < ApplicationController - include Controllers::NonprofitHelper + include Controllers::Nonprofit::Current + include Controllers::Nonprofit::Authorization before_action :authenticate_nonprofit_admin!, only: :create before_action :authenticate_nonprofit_user!, only: %i[index show] diff --git a/app/controllers/nonprofits/recurring_donations_controller.rb b/app/controllers/nonprofits/recurring_donations_controller.rb index 0a1f2c37..2623484c 100644 --- a/app/controllers/nonprofits/recurring_donations_controller.rb +++ b/app/controllers/nonprofits/recurring_donations_controller.rb @@ -3,7 +3,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module Nonprofits class RecurringDonationsController < ApplicationController - include Controllers::NonprofitHelper + include Controllers::Nonprofit::Current + include Controllers::Nonprofit::Authorization before_action :authenticate_nonprofit_user!, except: [:create] diff --git a/app/controllers/nonprofits/refunds_controller.rb b/app/controllers/nonprofits/refunds_controller.rb index 7b0a7232..8afa35e8 100644 --- a/app/controllers/nonprofits/refunds_controller.rb +++ b/app/controllers/nonprofits/refunds_controller.rb @@ -3,7 +3,8 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module Nonprofits class RefundsController < ApplicationController - include Controllers::NonprofitHelper + include Controllers::Nonprofit::Current + include Controllers::Nonprofit::Authorization before_action :authenticate_nonprofit_user! diff --git a/app/controllers/nonprofits/reports_controller.rb b/app/controllers/nonprofits/reports_controller.rb index c3c28646..a5fdd6f6 100644 --- a/app/controllers/nonprofits/reports_controller.rb +++ b/app/controllers/nonprofits/reports_controller.rb 
@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
 class ReportsController < ApplicationController
- include Controllers::NonprofitHelper
+ include Controllers::Nonprofit::Current
+ include Controllers::Nonprofit::Authorization
 before_action :authenticate_nonprofit_user!
 def end_of_year
diff --git a/app/controllers/nonprofits/supporter_emails_controller.rb b/app/controllers/nonprofits/supporter_emails_controller.rb
index abdaded3..5a3930ac 100644
--- a/app/controllers/nonprofits/supporter_emails_controller.rb
+++ b/app/controllers/nonprofits/supporter_emails_controller.rb
@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
 class SupporterEmailsController < ApplicationController
- include Controllers::NonprofitHelper
+ include Controllers::Nonprofit::Current
+ include Controllers::Nonprofit::Authorization
 before_action :authenticate_nonprofit_user!
 def create
diff --git a/app/controllers/nonprofits/supporter_notes_controller.rb b/app/controllers/nonprofits/supporter_notes_controller.rb
index b17f0ea6..1926ea32 100644
--- a/app/controllers/nonprofits/supporter_notes_controller.rb
+++ b/app/controllers/nonprofits/supporter_notes_controller.rb
@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
 class SupporterNotesController < ApplicationController
- include Controllers::NonprofitHelper
+ include Controllers::Nonprofit::Current
+ include Controllers::Nonprofit::Authorization
 before_action :authenticate_nonprofit_user!, except: [:create]
diff --git a/app/controllers/nonprofits/supporters_controller.rb b/app/controllers/nonprofits/supporters_controller.rb
index 968a7c21..ee2173e7 100644
--- a/app/controllers/nonprofits/supporters_controller.rb
+++ b/app/controllers/nonprofits/supporters_controller.rb
@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
 class SupportersController < ApplicationController
- include Controllers::NonprofitHelper
+ include Controllers::Nonprofit::Current
+ include Controllers::Nonprofit::Authorization
 before_action :authenticate_nonprofit_user!, except: %i[new create]
diff --git a/app/controllers/nonprofits/tag_joins_controller.rb b/app/controllers/nonprofits/tag_joins_controller.rb
index 0a9d2a42..6471927e 100644
--- a/app/controllers/nonprofits/tag_joins_controller.rb
+++ b/app/controllers/nonprofits/tag_joins_controller.rb
@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
 class TagJoinsController < ApplicationController
- include Controllers::NonprofitHelper
+ include Controllers::Nonprofit::Current
+ include Controllers::Nonprofit::Authorization
 before_action :authenticate_nonprofit_user!
 def index
diff --git a/app/controllers/nonprofits/tag_masters_controller.rb b/app/controllers/nonprofits/tag_masters_controller.rb
index 07b81cb9..42e234bb 100644
--- a/app/controllers/nonprofits/tag_masters_controller.rb
+++ b/app/controllers/nonprofits/tag_masters_controller.rb
@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
 class TagMastersController < ApplicationController
- include Controllers::NonprofitHelper
+ include Controllers::Nonprofit::Current
+ include Controllers::Nonprofit::Authorization
 before_action :authenticate_nonprofit_user!
 def index
diff --git a/app/controllers/nonprofits_controller.rb b/app/controllers/nonprofits_controller.rb
index e1d8f989..b9086abf 100755
--- a/app/controllers/nonprofits_controller.rb
+++ b/app/controllers/nonprofits_controller.rb
@@ -2,7 +2,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class NonprofitsController < ApplicationController
- include Controllers::NonprofitHelper
+ include Controllers::Nonprofit::Current
+ include Controllers::Nonprofit::Authorization
 helper_method :current_nonprofit_user?
 before_action :authenticate_nonprofit_user!, only: %i[dashboard dashboard_metrics dashboard_todos payment_history profile_todos recurring_donation_stats update verify_identity]
diff --git a/app/controllers/roles_controller.rb b/app/controllers/roles_controller.rb
index 51d8d054..74c8fad7 100644
--- a/app/controllers/roles_controller.rb
+++ b/app/controllers/roles_controller.rb
@@ -2,7 +2,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class RolesController < ApplicationController
- include Controllers::NonprofitHelper
+ include Controllers::Nonprofit::Current
+ include Controllers::Nonprofit::Authorization
 before_action :authenticate_nonprofit_admin!
diff --git a/app/controllers/settings_controller.rb b/app/controllers/settings_controller.rb
index b35db2f4..f1e31798 100644
--- a/app/controllers/settings_controller.rb
+++ b/app/controllers/settings_controller.rb
@@ -2,7 +2,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class SettingsController < ApplicationController
- include Controllers::NonprofitHelper
+ include Controllers::Nonprofit::Current
+ include Controllers::Nonprofit::Authorization
 helper_method :current_nonprofit_user?
 before_action :authenticate_user!
diff --git a/app/controllers/ticket_levels_controller.rb b/app/controllers/ticket_levels_controller.rb
index 4c101c17..ab6e7dcb 100644
--- a/app/controllers/ticket_levels_controller.rb
+++ b/app/controllers/ticket_levels_controller.rb
@@ -2,7 +2,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class TicketLevelsController < ApplicationController
- include Controllers::EventHelper
+ include Controllers::Event::Current
+ include Controllers::Event::Authorization
 before_action :authenticate_event_editor!, except: %i[index show]
diff --git a/app/controllers/tickets_controller.rb b/app/controllers/tickets_controller.rb
index c5a1720f..21ed41ec 100644
--- a/app/controllers/tickets_controller.rb
+++ b/app/controllers/tickets_controller.rb
@@ -2,7 +2,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class TicketsController < ApplicationController
- include Controllers::EventHelper
+ include Controllers::Event::Current
+ include Controllers::Event::Authorization
 helper_method :current_event_admin?, :current_event_editor?
 before_action :authenticate_event_editor!, except: %i[create add_note]
diff --git a/lib/controllers/campaign_helper.rb b/lib/controllers/campaign_helper.rb
deleted file mode 100644
index 50b64faf..00000000
--- a/lib/controllers/campaign_helper.rb
+++ /dev/null
@@ -1,25 +0,0 @@
-# frozen_string_literal: true
-
-# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
-module Controllers::CampaignHelper
- include Controllers::NonprofitHelper
-
- private
-
- def current_campaign
- @campaign ||= FetchCampaign.with_params params, current_nonprofit
- raise ActionController::RoutingError, 'Campaign not found' if @campaign.nil?
-
- @campaign
- end
-
- def current_campaign_editor?
- !params[:preview] && (current_nonprofit_user? || current_role?(:campaign_editor, current_campaign.id) || current_role?(:super_admin))
- end
-
- def authenticate_campaign_editor!
- unless current_campaign_editor?
- block_with_sign_in 'You need to be a campaign editor to do that.'
- end
- end
-end
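Review bot: The event authorization chain in TicketLevelsController now relies on helpers that are no longer included transitively: the deleted EventHelper did `include Controllers::NonprofitHelper`, and its `current_event_editor?` called `current_nonprofit_user?` and `current_event`, whereas the new `Controllers::Event::Current` and `Controllers::Event::Authorization` are included here with no Nonprofit concern alongside them. If the new Event concerns do not pull in the Nonprofit ones themselves (they are not in this chunk, so this is inferred), `authenticate_event_editor!` on the before_action line raises NoMethodError instead of issuing the sign-in block — it fails closed, but every guarded action errors out. A request spec asserting that both a signed-out user and a signed-in non-editor receive the sign-in response on an action not listed in `except: %i[index show]` would pin the intended behaviour across this refactor. TicketsController in the next hunk has the same dependency.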
diff --git a/lib/controllers/event_helper.rb b/lib/controllers/event_helper.rb
deleted file mode 100644
index 7125436a..00000000
--- a/lib/controllers/event_helper.rb
+++ /dev/null
@@ -1,29 +0,0 @@
-# frozen_string_literal: true
-
-# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
-module Controllers::EventHelper
- include Controllers::NonprofitHelper
-
- private
-
- def current_event_admin?
- current_nonprofit_admin?
- end
-
- def current_event_editor?
- !params[:preview] && (current_nonprofit_user? || current_role?(:event_editor, current_event.id) || current_role?(:super_admin))
- end
-
- def authenticate_event_editor!
- unless current_event_editor?
- block_with_sign_in 'You need to be the event organizer or a nonprofit administrator before doing that.'
- end
- end
-
- def current_event
- @event ||= FetchEvent.with_params params, current_nonprofit
- raise ActionController::RoutingError, 'Event not found' if @event.nil?
-
- @event
- end
-end
diff --git a/lib/controllers/nonprofit_helper.rb b/lib/controllers/nonprofit_helper.rb
deleted file mode 100644
index 4f36e493..00000000
--- a/lib/controllers/nonprofit_helper.rb
+++ /dev/null
@@ -1,53 +0,0 @@
-# frozen_string_literal: true
-
-# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
-module Controllers::NonprofitHelper
- private
-
- def authenticate_nonprofit_user!
- block_with_sign_in 'Please sign in' unless current_nonprofit_user?
- end
-
- def authenticate_nonprofit_admin!
- block_with_sign_in 'Please sign in' unless current_nonprofit_admin?
- end
-
- def current_nonprofit_user?
- return false if params[:preview]
- return false unless current_nonprofit_without_exception
-
- @current_user_role ||= current_role?(%i[nonprofit_admin nonprofit_associate], current_nonprofit_without_exception.id) || current_role?(:super_admin)
- end
-
- def current_nonprofit_admin?
- return false if !current_user || current_user.roles.empty?
-
- @current_admin_role ||= current_role?(:nonprofit_admin, current_nonprofit.id) || current_role?(:super_admin)
- end
-
- def current_nonprofit
- @nonprofit = current_nonprofit_without_exception
- raise ActionController::RoutingError, 'Nonprofit not found' if @nonprofit.nil?
-
- @nonprofit
- end
-
- def current_nonprofit_without_exception
- key = "current_nonprofit_#{current_user_id}_params_#{[params[:state_code], params[:city], params[:name], params[:nonprofit_id], params[:id]].join('_')}"
- FetchNonprofit.with_params params, administered_nonprofit
- end
-
- def donation_stub
- return current_nonprofit_without_exception.donations.last unless current_nonprofit_without_exception.donations.empty?
-
- OpenStruct.new(
- amount: 2000,
- created_at: Time.zone.now,
- nonprofit: current_nonprofit_without_exception,
- campaign: nil,
- designation: "Donor's designation here",
- dedication: "Donor's dedication here",
- id: 1
- )
- end
-end