Merge branch 'feat/extract_controller_concerns' into rails-v5

app/controllers/application_controller.rb

@@ -2,23 +2,11 @@
 
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class ApplicationController < ActionController::Base
+  include Controllers::Locale
+  include Controllers::Nonprofit::Authorization
   before_action :set_locale, :redirect_to_maintenance
-
   protect_from_forgery
 
-  helper_method \
-    :current_role?,
-    :current_nonprofit_user?,
-    :administered_nonprofit
-
-  def set_locale
-    if params[:locale] && Settings.available_locales.include?(params[:locale])
-      I18n.locale = params[:locale]
-    else
-      I18n.locale = Settings.language
-    end
-  end
-
   def redirect_to_maintenance
     if Settings&.maintenance&.maintenance_mode && !current_user
       unless self.class == Users::SessionsController &&
@@ -74,62 +62,6 @@ class ApplicationController < ActionController::Base
     session[:pw_token] == token && Chronic.parse(session[:pw_timestamp]) >= 5.minutes.ago.utc
   end
 
-  def store_location
-    referrer = request.fullpath
-    no_redirects = ['/users', '/signup', '/signin', '/users/sign_in', '/users/sign_up', '/users/password', '/users/sign_out', /.*\.json.*/, %r{.*auth/facebook.*}]
-    unless request.format.symbol == :json || no_redirects.map { |p| referrer.match(p) }.any?
-      session[:previous_url] = referrer
-    end
-  end
-
-  def block_with_sign_in(msg = nil)
-    store_location
-    if current_user
-      flash[:notice] = "It looks like you're not allowed to access that page. If this seems like a mistake, please contact #{Settings.mailer.email}"
-      redirect_to root_path
-    else
-      msg ||= 'We need to sign you in before you can do that.'
-      redirect_to new_user_session_path, flash: { error: msg }
-    end
-  end
-
-  def authenticate_user!(_options = {})
-    block_with_sign_in unless current_user
-  end
-
-  def authenticate_confirmed_user!
-    if !current_user
-      block_with_sign_in
-    elsif !current_user.confirmed? && !current_role?(%i[super_associate super_admin])
-      redirect_to new_user_confirmation_path, flash: { error: 'You need to confirm your account to do that.' }
-    end
-  end
-
-  def authenticate_super_associate!
-    unless current_role?(:super_admin) || current_role?(:super_associate)
-      block_with_sign_in 'Please login.'
-    end
-  end
-
-  def authenticate_super_admin!
-    block_with_sign_in 'Please login.' unless current_role?(:super_admin)
-  end
-
-  def current_role?(role_names, host_id = nil)
-    return false unless current_user
-
-    role_names = Array(role_names)
-    key = "current_role_user_#{current_user_id}_names_#{role_names.join('_')}_host_#{host_id}"
-    QueryRoles.user_has_role?(current_user.id, role_names, host_id)
-  end
-
-  def administered_nonprofit
-    return nil unless current_user
-
-    key = "administered_nonprofit_user_#{current_user_id}_nonprofit"
-    Nonprofit.where(id: QueryRoles.host_ids(current_user_id, %i[nonprofit_admin nonprofit_associate])).last
-  end
-
   # devise config
 
   def after_sign_in_path_for(_resource)

app/controllers/billing_subscriptions_controller.rb

@@ -2,7 +2,8 @@
 
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class BillingSubscriptionsController < ApplicationController
-  include Controllers::NonprofitHelper
+  include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
 
   before_action :authenticate_nonprofit_admin!
 

app/controllers/campaign_gift_options_controller.rb

@@ -2,7 +2,8 @@
 
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class CampaignGiftOptionsController < ApplicationController
-  include Controllers::CampaignHelper
+  include Controllers::Campaign::Current
+  include Controllers::Campaign::Authorization
 
   before_action :authenticate_campaign_editor!, only: %i[create destroy update update_order]
 

app/controllers/campaigns/campaign_gift_options_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Campaigns
   class CampaignGiftOptionsController < ApplicationController
-    include Controllers::CampaignHelper
+    include Controllers::Campaign::Current
+  include Controllers::Campaign::Authorization
 
     before_action :authenticate_campaign_editor!, only: %i[create destroy update update_order report]
 

app/controllers/campaigns/donations_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Campaigns
   class DonationsController < ApplicationController
-    include Controllers::CampaignHelper
+    include Controllers::Campaign::Current
+  include Controllers::Campaign::Authorization
 
     before_action :authenticate_campaign_editor!, only: [:index]
 

app/controllers/campaigns/supporters_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Campaigns
   class SupportersController < ApplicationController
-    include Controllers::CampaignHelper
+    include Controllers::Campaign::Current
+  include Controllers::Campaign::Authorization
 
     before_action :authenticate_campaign_editor!, only: [:index]
 

app/controllers/campaigns_controller.rb

@@ -2,7 +2,8 @@
 
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class CampaignsController < ApplicationController
-  include Controllers::CampaignHelper
+  include Controllers::Campaign::Current
+  include Controllers::Campaign::Authorization
 
   helper_method :current_campaign_editor?
   before_action :authenticate_confirmed_user!, only: %i[create name_and_id duplicate]

app/controllers/concerns/controllers/campaign/authorization.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
+module Controllers::Campaign::Authorization
+    extend ActiveSupport::Concern
+    include Controllers::Nonprofit::Authorization
+
+    included do
+        private
+        def current_campaign_editor?
+            !params[:preview] && (current_nonprofit_user? || current_role?(:campaign_editor, current_campaign.id) || current_role?(:super_admin))
+        end
+        def authenticate_campaign_editor!
+            unless current_campaign_editor?
+                reject_with_sign_in 'You need to be a campaign editor to do that.'
+            end
+        end
+    end
+end

app/controllers/concerns/controllers/campaign/current.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
+module Controllers::Campaign::Current
+    extend ActiveSupport::Concern
+    include Controllers::Nonprofit::Current
+
+    included do
+        private
+        def current_campaign
+            @campaign ||= FetchCampaign.with_params params, current_nonprofit
+            raise ActionController::RoutingError, 'Campaign not found' if @campaign.nil?
+        
+            @campaign
+        end
+    end
+end

app/controllers/concerns/controllers/event/authorization.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
+module Controllers::Event::Authorization
+    extend ActiveSupport::Concern
+    include Controllers::Nonprofit::Authorization
+
+    included do
+        private
+
+        def current_event_admin?
+            current_nonprofit_admin?
+        end
+
+        def current_event_editor?
+            !params[:preview] && (current_nonprofit_user? || current_role?(:event_editor, current_event.id) || current_role?(:super_admin))
+        end
+
+        def authenticate_event_editor!
+            unless current_event_editor?
+                reject_with_sign_in 'You need to be the event organizer or a nonprofit administrator before doing that.'
+            end
+        end
+    end
+end

app/controllers/concerns/controllers/event/current.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
+module Controllers::Event::Current
+    extend ActiveSupport::Concern
+    include Controllers::Nonprofit::Current
+
+    included do
+        private
+        def current_event
+            @event ||= FetchEvent.with_params params, current_nonprofit
+            raise ActionController::RoutingError, 'Event not found' if @event.nil?
+
+            @event
+        end
+    end
+end

app/controllers/concerns/controllers/locale.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
+module Controllers::Locale
+    extend ActiveSupport::Concern
+
+    included do 
+        before_action :set_locale
+
+        def set_locale
+            if params[:locale] && Settings.available_locales.include?(params[:locale])
+              I18n.locale = params[:locale]
+            else
+              I18n.locale = Settings.language
+            end
+        end
+    end
+end

app/controllers/concerns/controllers/nonprofit/authorization.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
+module Controllers::Nonprofit::Authorization
+    extend ActiveSupport::Concern
+    include Controllers::User::Authorization
+
+    included do
+        private
+        def authenticate_nonprofit_user!(type: :web)
+            reject_with_sign_in 'Please sign in' unless current_nonprofit_user?
+        end
+
+        def authenticate_nonprofit_admin!
+            reject_with_sign_in 'Please sign in' unless current_nonprofit_admin?
+        end
+
+        def current_nonprofit_user?
+            return false if params[:preview]
+            return false unless current_nonprofit_without_exception
+
+            @current_user_role ||= current_role?(%i[nonprofit_admin nonprofit_associate], current_nonprofit_without_exception.id) || current_role?(:super_admin)
+        end
+
+        def current_nonprofit_admin?
+            return false if !current_user || current_user.roles.empty?
+
+            @current_admin_role ||= current_role?(:nonprofit_admin, current_nonprofit.id) || current_role?(:super_admin)
+        end
+    end
+end

app/controllers/concerns/controllers/nonprofit/current.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
+module Controllers::Nonprofit::Current
+    extend ActiveSupport::Concern
+    included do
+        private
+        def current_nonprofit
+            @nonprofit = current_nonprofit_without_exception
+            raise ActionController::RoutingError, 'Nonprofit not found' if @nonprofit.nil?
+
+            @nonprofit
+        end
+
+        def current_nonprofit_without_exception
+            key = "current_nonprofit_#{current_user_id}_params_#{[params[:state_code], params[:city], params[:name], params[:nonprofit_id], params[:id]].join('_')}"
+            FetchNonprofit.with_params params, administered_nonprofit
+        end
+    end
+end

app/controllers/concerns/controllers/user/authorization.rb

@@ -0,0 +1,74 @@
+# frozen_string_literal: true
+
+# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
+module Controllers::User::Authorization
+  extend ActiveSupport::Concern
+
+  included do
+    helper_method :current_role?, :administered_nonprofit
+    private
+    def authenticate_user!(type= :html)
+      reject_with_sign_in unless current_user
+    end
+
+    def reject_with_sign_in(msg=nil, type= :html)
+      if type == :html
+        block_with_sign_in(msg)
+      else
+        render text: msg, status: :unauthorized
+      end
+    end
+
+    def block_with_sign_in(msg = nil)
+      store_location
+      if current_user
+        flash[:notice] = "It looks like you're not allowed to access that page. If this seems like a mistake, please contact #{Settings.mailer.email}"
+        redirect_to root_path
+      else
+        msg ||= 'We need to sign you in before you can do that.'
+        redirect_to new_user_session_path, flash: { error: msg }
+      end
+    end
+
+    def current_role?(role_names, host_id = nil)
+      return false unless current_user
+
+      role_names = Array(role_names)
+      key = "current_role_user_#{current_user_id}_names_#{role_names.join('_')}_host_#{host_id}"
+      QueryRoles.user_has_role?(current_user.id, role_names, host_id)
+    end
+
+    def authenticate_confirmed_user!
+      if !current_user
+        reject_with_sign_in
+      elsif !current_user.confirmed? && !current_role?(%i[super_associate super_admin])
+        redirect_to new_user_confirmation_path, flash: { error: 'You need to confirm your account to do that.' }
+      end
+    end
+  
+    def authenticate_super_associate!
+      unless current_role?(:super_admin) || current_role?(:super_associate)
+        reject_with_sign_in 'Please login.'
+      end
+    end
+  
+    def authenticate_super_admin!
+      reject_with_sign_in 'Please login.' unless current_role?(:super_admin)
+    end
+
+    def store_location
+      referrer = request.fullpath
+      no_redirects = ['/users', '/signup', '/signin', '/users/sign_in', '/users/sign_up', '/users/password', '/users/sign_out', /.*\.json.*/, %r{.*auth/facebook.*}]
+      unless request.format.symbol == :json || no_redirects.map { |p| referrer.match(p) }.any?
+        session[:previous_url] = referrer
+      end
+    end
+
+    def administered_nonprofit
+      return nil unless current_user
+  
+      key = "administered_nonprofit_user_#{current_user_id}_nonprofit"
+      Nonprofit.where(id: QueryRoles.host_ids(current_user_id, %i[nonprofit_admin nonprofit_associate])).last
+    end
+  end
+end

app/controllers/email_settings_controller.rb

@@ -2,7 +2,8 @@
 
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class EmailSettingsController < ApplicationController
-  include Controllers::NonprofitHelper
+  include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
   before_action :authenticate_nonprofit_user!
 
   def index

app/controllers/event_discounts_controller.rb

@@ -2,7 +2,8 @@
 
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class EventDiscountsController < ApplicationController
-  include Controllers::EventHelper
+  include Controllers::Event::Current
+  include Controllers::Event::Authorization
   before_action :authenticate_event_editor!, except: [:index]
 
   def create

app/controllers/events_controller.rb

@@ -2,7 +2,8 @@
 
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class EventsController < ApplicationController
-  include Controllers::EventHelper
+  include Controllers::Event::Current
+  include Controllers::Event::Authorization
 
   helper_method :current_event_editor?
   before_action :authenticate_nonprofit_user!, only: :name_and_id

app/controllers/maps_controller.rb

@@ -2,7 +2,8 @@
 
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class MapsController < ApplicationController
-  include Controllers::NonprofitHelper
+  include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
 
   before_action :authenticate_super_associate!, only: :all_supporters
   before_action :authenticate_nonprofit_user!, only: %i[all_npo_supporters specific_npo_supporters]

app/controllers/nonprofits/activities_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class ActivitiesController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
     before_action :authenticate_nonprofit_user!
 
     # get /nonprofits/:nonprofit_id/supporters/:supporter_id/activities

app/controllers/nonprofits/bank_accounts_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class BankAccountsController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
 
     before_action :authenticate_nonprofit_admin!
 

app/controllers/nonprofits/button_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class ButtonController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
 
     before_action :authenticate_user!
 

app/controllers/nonprofits/cards_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class CardsController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
 
     before_action :authenticate_nonprofit_user!
 

app/controllers/nonprofits/charges_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class ChargesController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
 
     before_action :authenticate_nonprofit_user!, only: :index
 

app/controllers/nonprofits/custom_field_joins_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class CustomFieldJoinsController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
     before_action :authenticate_nonprofit_user!
 
     def index

app/controllers/nonprofits/custom_field_masters_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class CustomFieldMastersController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
     before_action :authenticate_nonprofit_user!
 
     def index

app/controllers/nonprofits/donations_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class DonationsController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
 
     before_action :authenticate_nonprofit_user!, only: %i[index update]
     before_action :authenticate_campaign_editor!, only: [:create_offsite]

app/controllers/nonprofits/email_lists_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class EmailListsController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
 
     before_action :authenticate_nonprofit_user!
 

app/controllers/nonprofits/imports_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class ImportsController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
 
     before_action :authenticate_nonprofit_user!
     # post /nonprofits/:nonprofit_id/imports

app/controllers/nonprofits/miscellaneous_np_infos_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class MiscellaneousNpInfosController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
 
     helper_method :current_nonprofit_user?
     before_action :authenticate_nonprofit_user!

app/controllers/nonprofits/nonprofit_keys_controller.rb

@@ -4,7 +4,8 @@
 
 module Nonprofits
   class NonprofitKeysController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
     before_action :authenticate_nonprofit_user!
 
     # get /nonprofits/:nonprofit_id/nonprofit_keys

app/controllers/nonprofits/payments_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class PaymentsController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
 
     before_action :authenticate_nonprofit_user!
 

app/controllers/nonprofits/payouts_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class PayoutsController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
 
     before_action :authenticate_nonprofit_admin!, only: :create
     before_action :authenticate_nonprofit_user!, only: %i[index show]

app/controllers/nonprofits/recurring_donations_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class RecurringDonationsController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
 
     before_action :authenticate_nonprofit_user!, except: [:create]
 

app/controllers/nonprofits/refunds_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class RefundsController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
 
     before_action :authenticate_nonprofit_user!
 

app/controllers/nonprofits/reports_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class ReportsController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
     before_action :authenticate_nonprofit_user!
 
     def end_of_year

app/controllers/nonprofits/supporter_emails_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class SupporterEmailsController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
     before_action :authenticate_nonprofit_user!
 
     def create

app/controllers/nonprofits/supporter_notes_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class SupporterNotesController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
 
     before_action :authenticate_nonprofit_user!, except: [:create]
 

app/controllers/nonprofits/supporters_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class SupportersController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
 
     before_action :authenticate_nonprofit_user!, except: %i[new create]
 

app/controllers/nonprofits/tag_joins_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class TagJoinsController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
     before_action :authenticate_nonprofit_user!
 
     def index

app/controllers/nonprofits/tag_masters_controller.rb

@@ -3,7 +3,8 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 module Nonprofits
   class TagMastersController < ApplicationController
-    include Controllers::NonprofitHelper
+    include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
     before_action :authenticate_nonprofit_user!
 
     def index

app/controllers/nonprofits_controller.rb

@@ -2,7 +2,8 @@
 
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class NonprofitsController < ApplicationController
-  include Controllers::NonprofitHelper
+  include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
 
   helper_method :current_nonprofit_user?
   before_action :authenticate_nonprofit_user!, only: %i[dashboard dashboard_metrics dashboard_todos payment_history profile_todos recurring_donation_stats update verify_identity]

app/controllers/roles_controller.rb

@@ -2,7 +2,8 @@
 
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class RolesController < ApplicationController
-  include Controllers::NonprofitHelper
+  include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
 
   before_action :authenticate_nonprofit_admin!
 

app/controllers/settings_controller.rb

@@ -2,7 +2,8 @@
 
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class SettingsController < ApplicationController
-  include Controllers::NonprofitHelper
+  include Controllers::Nonprofit::Current
+  include Controllers::Nonprofit::Authorization
 
   helper_method :current_nonprofit_user?
   before_action :authenticate_user!

app/controllers/ticket_levels_controller.rb

@@ -2,7 +2,8 @@
 
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class TicketLevelsController < ApplicationController
-  include Controllers::EventHelper
+  include Controllers::Event::Current
+  include Controllers::Event::Authorization
 
   before_action :authenticate_event_editor!, except: %i[index show]
 

app/controllers/tickets_controller.rb

@@ -2,7 +2,8 @@
 
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class TicketsController < ApplicationController
-  include Controllers::EventHelper
+  include Controllers::Event::Current
+  include Controllers::Event::Authorization
 
   helper_method :current_event_admin?, :current_event_editor?
   before_action :authenticate_event_editor!, except: %i[create add_note]

lib/controllers/campaign_helper.rb

@@ -1,25 +0,0 @@
-# frozen_string_literal: true
-
-# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
-module Controllers::CampaignHelper
-  include Controllers::NonprofitHelper
-
-  private
-
-  def current_campaign
-    @campaign ||= FetchCampaign.with_params params, current_nonprofit
-    raise ActionController::RoutingError, 'Campaign not found' if @campaign.nil?
-
-    @campaign
-  end
-
-  def current_campaign_editor?
-    !params[:preview] && (current_nonprofit_user? || current_role?(:campaign_editor, current_campaign.id) || current_role?(:super_admin))
-  end
-
-  def authenticate_campaign_editor!
-    unless current_campaign_editor?
-      block_with_sign_in 'You need to be a campaign editor to do that.'
-    end
-  end
-end

lib/controllers/event_helper.rb

@@ -1,29 +0,0 @@
-# frozen_string_literal: true
-
-# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
-module Controllers::EventHelper
-  include Controllers::NonprofitHelper
-
-  private
-
-  def current_event_admin?
-    current_nonprofit_admin?
-  end
-
-  def current_event_editor?
-    !params[:preview] && (current_nonprofit_user? || current_role?(:event_editor, current_event.id) || current_role?(:super_admin))
-  end
-
-  def authenticate_event_editor!
-    unless current_event_editor?
-      block_with_sign_in 'You need to be the event organizer or a nonprofit administrator before doing that.'
-    end
-  end
-
-  def current_event
-    @event ||= FetchEvent.with_params params, current_nonprofit
-    raise ActionController::RoutingError, 'Event not found' if @event.nil?
-
-    @event
-  end
-end

lib/controllers/nonprofit_helper.rb

@@ -1,53 +0,0 @@
-# frozen_string_literal: true
-
-# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
-module Controllers::NonprofitHelper
-  private
-
-  def authenticate_nonprofit_user!
-    block_with_sign_in 'Please sign in' unless current_nonprofit_user?
-  end
-
-  def authenticate_nonprofit_admin!
-    block_with_sign_in 'Please sign in' unless current_nonprofit_admin?
-  end
-
-  def current_nonprofit_user?
-    return false if params[:preview]
-    return false unless current_nonprofit_without_exception
-
-    @current_user_role ||= current_role?(%i[nonprofit_admin nonprofit_associate], current_nonprofit_without_exception.id) || current_role?(:super_admin)
-  end
-
-  def current_nonprofit_admin?
-    return false if !current_user || current_user.roles.empty?
-
-    @current_admin_role ||= current_role?(:nonprofit_admin, current_nonprofit.id) || current_role?(:super_admin)
-  end
-
-  def current_nonprofit
-    @nonprofit = current_nonprofit_without_exception
-    raise ActionController::RoutingError, 'Nonprofit not found' if @nonprofit.nil?
-
-    @nonprofit
-  end
-
-  def current_nonprofit_without_exception
-    key = "current_nonprofit_#{current_user_id}_params_#{[params[:state_code], params[:city], params[:name], params[:nonprofit_id], params[:id]].join('_')}"
-    FetchNonprofit.with_params params, administered_nonprofit
-  end
-
-  def donation_stub
-    return current_nonprofit_without_exception.donations.last unless current_nonprofit_without_exception.donations.empty?
-
-    OpenStruct.new(
-      amount: 2000,
-      created_at: Time.zone.now,
-      nonprofit: current_nonprofit_without_exception,
-      campaign: nil,
-      designation: "Donor's designation here",
-      dedication: "Donor's dedication here",
-      id: 1
-    )
-  end
-end