NPO-Accounting/houdini
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge branch 'feat/extract_controller_concerns' into rails-v5

Browse source
This commit is contained in:
Eric 2020-05-11 13:39:15 -05:00
commit bf64d85852
50 changed files with 298 additions and 215 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/controllers/api/api_controller.rb
View file

@ -3,7 +3,7 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
class Api::ApiController < ApplicationController
rescue_from ActiveRecord::RecordInvalid, with: :record_invalid_rescue
protected
def record_invalid_rescue(error)

72
app/controllers/application_controller.rb
View file

@ -2,23 +2,11 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
class ApplicationController < ActionController::Base
include Controllers::Locale
include Controllers::Nonprofit::Authorization
before_action :set_locale, :redirect_to_maintenance
protect_from_forgery
helper_method \
:current_role?,
:current_nonprofit_user?,
:administered_nonprofit
def set_locale
if params[:locale] && Settings.available_locales.include?(params[:locale])
I18n.locale = params[:locale]
else
I18n.locale = Settings.language
end
end
def redirect_to_maintenance
if Settings&.maintenance&.maintenance_mode && !current_user
unless self.class == Users::SessionsController &&
@ -74,62 +62,6 @@ class ApplicationController < ActionController::Base
session[:pw_token] == token && Chronic.parse(session[:pw_timestamp]) >= 5.minutes.ago.utc
end
def store_location
referrer = request.fullpath
no_redirects = ['/users', '/signup', '/signin', '/users/sign_in', '/users/sign_up', '/users/password', '/users/sign_out', /.*\.json.*/, %r{.*auth/facebook.*}]
unless request.format.symbol == :json || no_redirects.map { |p| referrer.match(p) }.any?
session[:previous_url] = referrer
end
end
def block_with_sign_in(msg = nil)
store_location
if current_user
flash[:notice] = "It looks like you're not allowed to access that page. If this seems like a mistake, please contact #{Settings.mailer.email}"
redirect_to root_path
else
msg ||= 'We need to sign you in before you can do that.'
redirect_to new_user_session_path, flash: { error: msg }
end
end
def authenticate_user!(_options = {})
block_with_sign_in unless current_user
end
def authenticate_confirmed_user!
if !current_user
block_with_sign_in
elsif !current_user.confirmed? && !current_role?(%i[super_associate super_admin])
redirect_to new_user_confirmation_path, flash: { error: 'You need to confirm your account to do that.' }
end
end
def authenticate_super_associate!
unless current_role?(:super_admin) || current_role?(:super_associate)
block_with_sign_in 'Please login.'
end
end
def authenticate_super_admin!
block_with_sign_in 'Please login.' unless current_role?(:super_admin)
end
def current_role?(role_names, host_id = nil)
return false unless current_user
role_names = Array(role_names)
key = "current_role_user_#{current_user_id}_names_#{role_names.join('_')}_host_#{host_id}"
QueryRoles.user_has_role?(current_user.id, role_names, host_id)
end
def administered_nonprofit
return nil unless current_user
key = "administered_nonprofit_user_#{current_user_id}_nonprofit"
Nonprofit.where(id: QueryRoles.host_ids(current_user_id, %i[nonprofit_admin nonprofit_associate])).last
end
# devise config
def after_sign_in_path_for(_resource)

3
app/controllers/billing_subscriptions_controller.rb
View file

@ -2,7 +2,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
class BillingSubscriptionsController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_admin!

3
app/controllers/campaign_gift_options_controller.rb
View file

@ -2,7 +2,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
class CampaignGiftOptionsController < ApplicationController
include Controllers::CampaignHelper
include Controllers::Campaign::Current
include Controllers::Campaign::Authorization
before_action :authenticate_campaign_editor!, only: %i[create destroy update update_order]

3
app/controllers/campaigns/campaign_gift_options_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Campaigns
class CampaignGiftOptionsController < ApplicationController
include Controllers::CampaignHelper
include Controllers::Campaign::Current
include Controllers::Campaign::Authorization
before_action :authenticate_campaign_editor!, only: %i[create destroy update update_order report]

3
app/controllers/campaigns/donations_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Campaigns
class DonationsController < ApplicationController
include Controllers::CampaignHelper
include Controllers::Campaign::Current
include Controllers::Campaign::Authorization
before_action :authenticate_campaign_editor!, only: [:index]

3
app/controllers/campaigns/supporters_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Campaigns
class SupportersController < ApplicationController
include Controllers::CampaignHelper
include Controllers::Campaign::Current
include Controllers::Campaign::Authorization
before_action :authenticate_campaign_editor!, only: [:index]

3
app/controllers/campaigns_controller.rb
View file

@ -2,7 +2,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
class CampaignsController < ApplicationController
include Controllers::CampaignHelper
include Controllers::Campaign::Current
include Controllers::Campaign::Authorization
helper_method :current_campaign_editor?
before_action :authenticate_confirmed_user!, only: %i[create name_and_id duplicate]

19
app/controllers/concerns/controllers/campaign/authorization.rb Normal file
View file

@ -0,0 +1,19 @@
# frozen_string_literal: true
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Controllers::Campaign::Authorization
extend ActiveSupport::Concern
include Controllers::Nonprofit::Authorization
included do
private
def current_campaign_editor?
!params[:preview] && (current_nonprofit_user? || current_role?(:campaign_editor, current_campaign.id) || current_role?(:super_admin))
end
def authenticate_campaign_editor!
unless current_campaign_editor?
reject_with_sign_in 'You need to be a campaign editor to do that.'
end
end
end
end

17
app/controllers/concerns/controllers/campaign/current.rb Normal file
View file

@ -0,0 +1,17 @@
# frozen_string_literal: true
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Controllers::Campaign::Current
extend ActiveSupport::Concern
include Controllers::Nonprofit::Current
included do
private
def current_campaign
@campaign ||= FetchCampaign.with_params params, current_nonprofit
raise ActionController::RoutingError, 'Campaign not found' if @campaign.nil?
@campaign
end
end
end

25
app/controllers/concerns/controllers/event/authorization.rb Normal file
View file

@ -0,0 +1,25 @@
# frozen_string_literal: true
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Controllers::Event::Authorization
extend ActiveSupport::Concern
include Controllers::Nonprofit::Authorization
included do
private
def current_event_admin?
current_nonprofit_admin?
end
def current_event_editor?
!params[:preview] && (current_nonprofit_user? || current_role?(:event_editor, current_event.id) || current_role?(:super_admin))
end
def authenticate_event_editor!
unless current_event_editor?
reject_with_sign_in 'You need to be the event organizer or a nonprofit administrator before doing that.'
end
end
end
end

17
app/controllers/concerns/controllers/event/current.rb Normal file
View file

@ -0,0 +1,17 @@
# frozen_string_literal: true
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Controllers::Event::Current
extend ActiveSupport::Concern
include Controllers::Nonprofit::Current
included do
private
def current_event
@event ||= FetchEvent.with_params params, current_nonprofit
raise ActionController::RoutingError, 'Event not found' if @event.nil?
@event
end
end
end

18
app/controllers/concerns/controllers/locale.rb Normal file
View file

@ -0,0 +1,18 @@
# frozen_string_literal: true
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Controllers::Locale
extend ActiveSupport::Concern
included do
before_action :set_locale
def set_locale
if params[:locale] && Settings.available_locales.include?(params[:locale])
I18n.locale = params[:locale]
else
I18n.locale = Settings.language
end
end
end
end

31
app/controllers/concerns/controllers/nonprofit/authorization.rb Normal file
View file

@ -0,0 +1,31 @@
# frozen_string_literal: true
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Controllers::Nonprofit::Authorization
extend ActiveSupport::Concern
include Controllers::User::Authorization
included do
private
def authenticate_nonprofit_user!(type: :web)
reject_with_sign_in 'Please sign in' unless current_nonprofit_user?
end
def authenticate_nonprofit_admin!
reject_with_sign_in 'Please sign in' unless current_nonprofit_admin?
end
def current_nonprofit_user?
return false if params[:preview]
return false unless current_nonprofit_without_exception
@current_user_role ||= current_role?(%i[nonprofit_admin nonprofit_associate], current_nonprofit_without_exception.id) || current_role?(:super_admin)
end
def current_nonprofit_admin?
return false if !current_user || current_user.roles.empty?
@current_admin_role ||= current_role?(:nonprofit_admin, current_nonprofit.id) || current_role?(:super_admin)
end
end
end

20
app/controllers/concerns/controllers/nonprofit/current.rb Normal file
View file

@ -0,0 +1,20 @@
# frozen_string_literal: true
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Controllers::Nonprofit::Current
extend ActiveSupport::Concern
included do
private
def current_nonprofit
@nonprofit = current_nonprofit_without_exception
raise ActionController::RoutingError, 'Nonprofit not found' if @nonprofit.nil?
@nonprofit
end
def current_nonprofit_without_exception
key = "current_nonprofit_#{current_user_id}_params_#{[params[:state_code], params[:city], params[:name], params[:nonprofit_id], params[:id]].join('_')}"
FetchNonprofit.with_params params, administered_nonprofit
end
end
end

74
app/controllers/concerns/controllers/user/authorization.rb Normal file
View file

@ -0,0 +1,74 @@
# frozen_string_literal: true
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Controllers::User::Authorization
extend ActiveSupport::Concern
included do
helper_method :current_role?, :administered_nonprofit
private
def authenticate_user!(type= :html)
reject_with_sign_in unless current_user
end
def reject_with_sign_in(msg=nil, type= :html)
if type == :html
block_with_sign_in(msg)
else
render text: msg, status: :unauthorized
end
end
def block_with_sign_in(msg = nil)
store_location
if current_user
flash[:notice] = "It looks like you're not allowed to access that page. If this seems like a mistake, please contact #{Settings.mailer.email}"
redirect_to root_path
else
msg ||= 'We need to sign you in before you can do that.'
redirect_to new_user_session_path, flash: { error: msg }
end
end
def current_role?(role_names, host_id = nil)
return false unless current_user
role_names = Array(role_names)
key = "current_role_user_#{current_user_id}_names_#{role_names.join('_')}_host_#{host_id}"
QueryRoles.user_has_role?(current_user.id, role_names, host_id)
end
def authenticate_confirmed_user!
if !current_user
reject_with_sign_in
elsif !current_user.confirmed? && !current_role?(%i[super_associate super_admin])
redirect_to new_user_confirmation_path, flash: { error: 'You need to confirm your account to do that.' }
end
end
def authenticate_super_associate!
unless current_role?(:super_admin) || current_role?(:super_associate)
reject_with_sign_in 'Please login.'
end
end
def authenticate_super_admin!
reject_with_sign_in 'Please login.' unless current_role?(:super_admin)
end
def store_location
referrer = request.fullpath
no_redirects = ['/users', '/signup', '/signin', '/users/sign_in', '/users/sign_up', '/users/password', '/users/sign_out', /.*\.json.*/, %r{.*auth/facebook.*}]
unless request.format.symbol == :json || no_redirects.map { |p| referrer.match(p) }.any?
session[:previous_url] = referrer
end
end
def administered_nonprofit
return nil unless current_user
key = "administered_nonprofit_user_#{current_user_id}_nonprofit"
Nonprofit.where(id: QueryRoles.host_ids(current_user_id, %i[nonprofit_admin nonprofit_associate])).last
end
end
end

3
app/controllers/email_settings_controller.rb
View file

@ -2,7 +2,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
class EmailSettingsController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_user!
def index

3
app/controllers/event_discounts_controller.rb
View file

@ -2,7 +2,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
class EventDiscountsController < ApplicationController
include Controllers::EventHelper
include Controllers::Event::Current
include Controllers::Event::Authorization
before_action :authenticate_event_editor!, except: [:index]
def create

3
app/controllers/events_controller.rb
View file

@ -2,7 +2,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
class EventsController < ApplicationController
include Controllers::EventHelper
include Controllers::Event::Current
include Controllers::Event::Authorization
helper_method :current_event_editor?
before_action :authenticate_nonprofit_user!, only: :name_and_id

3
app/controllers/maps_controller.rb
View file

@ -2,7 +2,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
class MapsController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_super_associate!, only: :all_supporters
before_action :authenticate_nonprofit_user!, only: %i[all_npo_supporters specific_npo_supporters]

3
app/controllers/nonprofits/activities_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class ActivitiesController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_user!
# get /nonprofits/:nonprofit_id/supporters/:supporter_id/activities

3
app/controllers/nonprofits/bank_accounts_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class BankAccountsController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_admin!

3
app/controllers/nonprofits/button_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class ButtonController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_user!

3
app/controllers/nonprofits/cards_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class CardsController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_user!

3
app/controllers/nonprofits/charges_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class ChargesController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_user!, only: :index

3
app/controllers/nonprofits/custom_field_joins_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class CustomFieldJoinsController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_user!
def index

3
app/controllers/nonprofits/custom_field_masters_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class CustomFieldMastersController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_user!
def index

3
app/controllers/nonprofits/donations_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class DonationsController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_user!, only: %i[index update]
before_action :authenticate_campaign_editor!, only: [:create_offsite]

3
app/controllers/nonprofits/email_lists_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class EmailListsController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_user!

3
app/controllers/nonprofits/imports_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class ImportsController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_user!
# post /nonprofits/:nonprofit_id/imports

3
app/controllers/nonprofits/miscellaneous_np_infos_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class MiscellaneousNpInfosController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
helper_method :current_nonprofit_user?
before_action :authenticate_nonprofit_user!

3
app/controllers/nonprofits/nonprofit_keys_controller.rb
View file

@ -4,7 +4,8 @@
module Nonprofits
class NonprofitKeysController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_user!
# get /nonprofits/:nonprofit_id/nonprofit_keys

3
app/controllers/nonprofits/payments_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class PaymentsController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_user!

3
app/controllers/nonprofits/payouts_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class PayoutsController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_admin!, only: :create
before_action :authenticate_nonprofit_user!, only: %i[index show]

3
app/controllers/nonprofits/recurring_donations_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class RecurringDonationsController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_user!, except: [:create]

3
app/controllers/nonprofits/refunds_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class RefundsController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_user!

3
app/controllers/nonprofits/reports_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class ReportsController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_user!
def end_of_year

3
app/controllers/nonprofits/supporter_emails_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class SupporterEmailsController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_user!
def create

3
app/controllers/nonprofits/supporter_notes_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class SupporterNotesController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_user!, except: [:create]

3
app/controllers/nonprofits/supporters_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class SupportersController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_user!, except: %i[new create]

3
app/controllers/nonprofits/tag_joins_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class TagJoinsController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_user!
def index

3
app/controllers/nonprofits/tag_masters_controller.rb
View file

@ -3,7 +3,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Nonprofits
class TagMastersController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_user!
def index

3
app/controllers/nonprofits_controller.rb
View file

@ -2,7 +2,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
class NonprofitsController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
helper_method :current_nonprofit_user?
before_action :authenticate_nonprofit_user!, only: %i[dashboard dashboard_metrics dashboard_todos payment_history profile_todos recurring_donation_stats update verify_identity]

3
app/controllers/roles_controller.rb
View file

@ -2,7 +2,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
class RolesController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
before_action :authenticate_nonprofit_admin!

3
app/controllers/settings_controller.rb
View file

@ -2,7 +2,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
class SettingsController < ApplicationController
include Controllers::NonprofitHelper
include Controllers::Nonprofit::Current
include Controllers::Nonprofit::Authorization
helper_method :current_nonprofit_user?
before_action :authenticate_user!

3
app/controllers/ticket_levels_controller.rb
View file

@ -2,7 +2,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
class TicketLevelsController < ApplicationController
include Controllers::EventHelper
include Controllers::Event::Current
include Controllers::Event::Authorization
before_action :authenticate_event_editor!, except: %i[index show]

3
app/controllers/tickets_controller.rb
View file

@ -2,7 +2,8 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
class TicketsController < ApplicationController
include Controllers::EventHelper
include Controllers::Event::Current
include Controllers::Event::Authorization
helper_method :current_event_admin?, :current_event_editor?
before_action :authenticate_event_editor!, except: %i[create add_note]

25
lib/controllers/campaign_helper.rb
View file

@ -1,25 +0,0 @@
# frozen_string_literal: true
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Controllers::CampaignHelper
include Controllers::NonprofitHelper
private
def current_campaign
@campaign ||= FetchCampaign.with_params params, current_nonprofit
raise ActionController::RoutingError, 'Campaign not found' if @campaign.nil?
@campaign
end
def current_campaign_editor?
!params[:preview] && (current_nonprofit_user? || current_role?(:campaign_editor, current_campaign.id) || current_role?(:super_admin))
end
def authenticate_campaign_editor!
unless current_campaign_editor?
block_with_sign_in 'You need to be a campaign editor to do that.'
end
end
end

29
lib/controllers/event_helper.rb
View file

@ -1,29 +0,0 @@
# frozen_string_literal: true
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Controllers::EventHelper
include Controllers::NonprofitHelper
private
def current_event_admin?
current_nonprofit_admin?
end
def current_event_editor?
!params[:preview] && (current_nonprofit_user? || current_role?(:event_editor, current_event.id) || current_role?(:super_admin))
end
def authenticate_event_editor!
unless current_event_editor?
block_with_sign_in 'You need to be the event organizer or a nonprofit administrator before doing that.'
end
end
def current_event
@event ||= FetchEvent.with_params params, current_nonprofit
raise ActionController::RoutingError, 'Event not found' if @event.nil?
@event
end
end

53
lib/controllers/nonprofit_helper.rb
View file

@ -1,53 +0,0 @@
# frozen_string_literal: true
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
module Controllers::NonprofitHelper
private
def authenticate_nonprofit_user!
block_with_sign_in 'Please sign in' unless current_nonprofit_user?
end
def authenticate_nonprofit_admin!
block_with_sign_in 'Please sign in' unless current_nonprofit_admin?
end
def current_nonprofit_user?
return false if params[:preview]
return false unless current_nonprofit_without_exception
@current_user_role ||= current_role?(%i[nonprofit_admin nonprofit_associate], current_nonprofit_without_exception.id) || current_role?(:super_admin)
end
def current_nonprofit_admin?
return false if !current_user || current_user.roles.empty?
@current_admin_role ||= current_role?(:nonprofit_admin, current_nonprofit.id) || current_role?(:super_admin)
end
def current_nonprofit
@nonprofit = current_nonprofit_without_exception
raise ActionController::RoutingError, 'Nonprofit not found' if @nonprofit.nil?
@nonprofit
end
def current_nonprofit_without_exception
key = "current_nonprofit_#{current_user_id}_params_#{[params[:state_code], params[:city], params[:name], params[:nonprofit_id], params[:id]].join('_')}"
FetchNonprofit.with_params params, administered_nonprofit
end
def donation_stub
return current_nonprofit_without_exception.donations.last unless current_nonprofit_without_exception.donations.empty?
OpenStruct.new(
amount: 2000,
created_at: Time.zone.now,
nonprofit: current_nonprofit_without_exception,
campaign: nil,
designation: "Donor's designation here",
dedication: "Donor's dedication here",
id: 1
)
end
end