Class: Caboose::ApplicationController

Inherits:

ActionController::Base

• Object
• ActionController::Base
• Caboose::ApplicationController

Defined in:

app/controllers/caboose/application_controller.rb

Direct Known Subclasses

ApplicationController, AbOptionsController, AbVariantsController, AdminController, BillingAddressesController, BlockTypeCategoriesController, BlockTypeSourcesController, BlockTypeStoreController, BlockTypesController, BlocksController, CalendarsController, CartController, CategoriesController, CheckoutController, DomainsController, EventGroupsController, EventsController, GiftCardsController, GoogleSpreadsheetsController, ImagesController, LineItemsController, LoginController, LogoutController, MediaCategoriesController, ModalController, ModificationValuesController, ModificationsController, MyAccountController, MyAccountLineItemsController, MyAccountOrdersController, OrderPackagesController, OrdersController, PagePermissionsController, PagesController, PermissionsController, PostsController, ProductImagesController, ProductsController, RedirectsController, RegisterController, RetargetingController, ReviewsController, RolesController, SettingsController, ShippingAddressesController, ShippingPackagesController, SitesController, SmtpController, SocialController, StackableGroupsController, StationController, StoreController, UsersController, VariantsController, VendorsController

Instance Method Summary

• #admin_add ⇒ Object
• #admin_bulk_add ⇒ Object
• #admin_bulk_delete ⇒ Object
• #admin_bulk_update ⇒ Object
• #admin_delete ⇒ Object
• #admin_edit ⇒ Object
• #admin_index ⇒ Object

  Standard methods used by model binder.

• #admin_json ⇒ Object
• #admin_json_single ⇒ Object
• #admin_update ⇒ Object
• #before_action ⇒ Object

  To be overridden by the child controllers.

• #before_before_action ⇒ Object
• #hashify_query_string ⇒ Object

  Redirects/Converts querystrings into hashes.

• #init_cart ⇒ Object

  Initialize the cart in the session.

• #logged_in? ⇒ Boolean

  Returns whether or not a user is logged in.

• #logged_in_user ⇒ Object

  Returns the currently logged in user.

• #login_user(user, remember = false) ⇒ Object

  Logs in a user.

• #logout_user ⇒ Object

  Logs a user out.

• #parse_url_params ⇒ Object

  Parses any parameters in the URL and adds them to the params.

• #reject_param(url, param) ⇒ Object

  Removes a given parameter from a URL querystring.

• #under_construction_or_forwarding_domain? ⇒ Boolean

  Make sure we’re not under construction or on a forwarded domain.

• #user_is_allowed(resource, action) ⇒ Object

  DEPRECATED: Use user_is_allowed_to(action, resource).

• #user_is_allowed_to(action, resource) ⇒ Object

  Checks to see if a user has permission to perform action on resource.

• #validate_cookie ⇒ Object

  Checks to see if a remember me cookie value is present.

• #validate_token ⇒ Object

  Checks to see if a token is given.

• #var(name) ⇒ Object

  def auth_or_error(message) if (!logged_in?) redirect_to “/login?return_url=#requestrequest.request_uri” and return false end redirect_to “/error?message=#message” end.

• #verify_logged_in ⇒ Object

  Redirects to login if not logged in.

Instance Method Details

#admin_add ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 254

def admin_add()         raise 'This method should be overridden.' end

#admin_bulk_add ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 255

def admin_bulk_add()    raise 'This method should be overridden.' end

#admin_bulk_delete ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 257

def admin_bulk_delete() raise 'This method should be overridden.' end

#admin_bulk_update ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 253

def admin_bulk_update() raise 'This method should be overridden.' end

#admin_delete ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 256

def admin_delete()      raise 'This method should be overridden.' end

#admin_edit ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 251

def admin_edit()        raise 'This method should be overridden.' end

#admin_index ⇒ Object

Standard methods used by model binder

# File 'app/controllers/caboose/application_controller.rb', line 248

def admin_index()       raise 'This method should be overridden.' end

#admin_json ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 249

def admin_json()        raise 'This method should be overridden.' end

#admin_json_single ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 250

def admin_json_single() raise 'This method should be overridden.' end

#admin_update ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 252

def admin_update()      raise 'This method should be overridden.' end

#before_action ⇒ Object

To be overridden by the child controllers

# File 'app/controllers/caboose/application_controller.rb', line 102

def before_action      
end

#before_before_action ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 11

def before_before_action            
  # Modify the built-in params array with URL params if necessary
  parse_url_params if Caboose.use_url_params
  
  @use_page_cache = !request.fullpath.starts_with?('/admin')
  
  # Get the site we're working with      
  domain = Domain.where(:domain => request.host_with_port).first
  @site = domain ? domain.site : nil
    
  # Make sure someone is logged in
  if !logged_in?      
    elo = User.find(User::LOGGED_OUT_USER_ID)        
    login_user(elo)
  end
  
  session['use_redirect_urls'] = true if session['use_redirect_urls'].nil?
  
  # Initialize AB Testing
  AbTesting.init(request.session_options[:id]) if Caboose.use_ab_testing            
  
  # Try to find the page
  @request = request
  @page = Page.new
  @crumbtrail = Crumbtrail.new      
  @subnav       = {}
  @actions      = {}
  @tasks        = {}
  @page_tasks   = {}
  @is_real_page = false
  
  #if @find_page
    @page = Page.page_with_uri(request.host_with_port, request.fullpath)
    @crumb_trail  = Caboose::Page.crumb_trail(@page)		    
  #end
  
  # Sets an instance variable of the logged in user
  @logged_in_user = logged_in_user  
  
  # Initialize the card
  init_cart if @site && @site.use_store && !domain.under_construction
  
  before_action
end

#hashify_query_string ⇒ Object

Redirects/Converts querystrings into hashes

# File 'app/controllers/caboose/application_controller.rb', line 239

def hashify_query_string
  if request.query_string && request.query_string.length > 0
    redirect_to request.url.gsub('?', '#')
    return true
  end
  return false
end

#init_cart ⇒ Object

Initialize the cart in the session

# File 'app/controllers/caboose/application_controller.rb', line 57

def init_cart            
  # Check if the cart ID is defined and that it exists in the database
  create_new_order = false
  if session[:cart_id]
    @order = Caboose::Order.where(:id => session[:cart_id]).first
    create_new_order = true if @order.nil? || @order.status != 'cart'                    
  else                        
    create_new_order = true                         
  end

  if create_new_order # Create an order to associate with the session        
    @order = Caboose::Order.new        
    @order.site_id          = @site ? @site.id : nil
    @order.status           = Caboose::Order::STATUS_CART
    @order.financial_status = Caboose::Order::STATUS_PENDING
    @order.date_created     = DateTime.now
    @order.referring_site   = request.env['HTTP_REFERER']
    @order.landing_page     = request.fullpath
    @order.landing_page_ref = params[:ref] || nil
    @order.save
    # Save the cart ID in the session
    session[:cart_id] = @order.id
  end                  
end

#logged_in? ⇒ Boolean

Returns whether or not a user is logged in

Returns:

• (Boolean)

# File 'app/controllers/caboose/application_controller.rb', line 119

def logged_in?
  validate_token
  validate_cookie
  return true if !session["app_user"].nil? && session["app_user"] != false && session["app_user"].id != -1 && session["app_user"].id != User::LOGGED_OUT_USER_ID     
  return false
end

#logged_in_user ⇒ Object

Returns the currently logged in user

# File 'app/controllers/caboose/application_controller.rb', line 150

def logged_in_user
  if (!logged_in?)
    return User.logged_out_user
  end
  #return nil if !logged_in?
  return session["app_user"]
end

#login_user(user, remember = false) ⇒ Object

Logs in a user

# File 'app/controllers/caboose/application_controller.rb', line 113

def login_user(user, remember = false)
  session["app_user"] = user
  cookies.permanent[:caboose_user_id] = user.id if remember
end

#logout_user ⇒ Object

Logs a user out

# File 'app/controllers/caboose/application_controller.rb', line 106

def logout_user
  cookies.delete(:caboose_user_id)
  session["app_user"] = nil
  reset_session
end

#parse_url_params ⇒ Object

Parses any parameters in the URL and adds them to the params

# File 'app/controllers/caboose/application_controller.rb', line 83

def parse_url_params      
  return if !Caboose.use_url_params      
  url = "#{request.fullpath}"
  url[0] = "" if url.starts_with?('/')      
  url = url.split('?')[0] if url.include?('?')      
  arr = url.split('/')      
  i = arr.count - 1
  while i >= 1 do
    k = arr[i-1]
    v = arr[i]    
    if v && v.length > 0
      v = v.gsub('%20', ' ')
      params[k] = v
    end
    i = i-2
  end      
end

#reject_param(url, param) ⇒ Object

Removes a given parameter from a URL querystring

# File 'app/controllers/caboose/application_controller.rb', line 216

def reject_param(url, param)
  arr = url.split('?')
  return url if (arr.count == 1)
  qs = arr[1].split('&').reject { |pair| pair.split(/[=;]/).first == param }
  url2 = arr[0]
  url2 += "?" + qs.join('&') if qs.count > 0 
  return url2
end

#under_construction_or_forwarding_domain? ⇒ Boolean

Make sure we’re not under construction or on a forwarded domain

Returns:

• (Boolean)

# File 'app/controllers/caboose/application_controller.rb', line 260

def under_construction_or_forwarding_domain?
  
  d = Caboose::Domain.where(:domain => request.host_with_port).first
  if d.nil?
    Caboose.log("Could not find domain for #{request.host_with_port}\nAdd this domain to the caboose site.")
  elsif d.under_construction == true
    if d.site.under_construction_html && d.site.under_construction_html.strip.length > 0 
      render :text => d.site.under_construction_html
    else 
      render :file => 'caboose/application/under_construction', :layout => false
    end
    return true
  # See if we're on a forwarding domain
  elsif d.primary == false && d.forward_to_primary == true
    pd = d.site.primary_domain
    if pd && pd.domain != request.host
      url = "#{request.protocol}#{pd.domain}"
      if request.fullpath && request.fullpath.strip.length > 0 && request.fullpath.strip != '/'
        url << request.fullpath
      end
      redirect_to url
      return true
    end
  # Check for a 301 redirect
  else
    new_url = PermanentRedirect.match(@site.id, request.fullpath)        
    if new_url
      redirect_to new_url, :status => 301
      return true
    end        
  end
  return false
end

#user_is_allowed(resource, action) ⇒ Object

DEPRECATED: Use user_is_allowed_to(action, resource)

Checks to see if a user has permission to perform the given action on the given resource. Redirects to login if not logged in. Redirects to error page with message if not allowed.

# File 'app/controllers/caboose/application_controller.rb', line 164

def user_is_allowed(resource, action)
  if (!logged_in?)
    redirect_to "/login?return_url=" + URI.encode(request.fullpath)
    return false
  end
  
  @user = logged_in_user
  if (!@user.is_allowed(resource, action))
    @error = "You don't have permission to " + action + " " + resource
    @return_url = request.fullpath
    render :template => "caboose/extras/error"
    return false
  end
  
  return true    
end

#user_is_allowed_to(action, resource) ⇒ Object

Checks to see if a user has permission to perform action on resource

Redirects to login if not logged in Redirects to error page with message if not allowed

useful for creating super-readable code, for example:

> return unless user_is_allowed_to 'edit', 'pages'

Even your mom could read that code.

# File 'app/controllers/caboose/application_controller.rb', line 190

def user_is_allowed_to(action, resource)
  unless logged_in?
    redirect_to "/login?return_url=" + URI.encode(request.fullpath)
    return false
  end

  @user = logged_in_user
  unless @user.is_allowed(resource, action)
    @error = "You don't have permission to #{action} #{resource}"
    @return_url = request.fullpath
    render :template => "caboose/extras/error"
    return false
  end
  return true
end

#validate_cookie ⇒ Object

Checks to see if a remember me cookie value is present.

# File 'app/controllers/caboose/application_controller.rb', line 140

def validate_cookie
  if cookies[:caboose_user_id] && User.exists?(cookies[:caboose_user_id])
    user = User.find(cookies[:caboose_user_id])
    login_user(user)
    return true
  end
  return false
end

#validate_token ⇒ Object

Checks to see if a token is given. If so, it tries to validate the token and log the user in.

# File 'app/controllers/caboose/application_controller.rb', line 128

def validate_token
  token = params[:token]
  return false if token.nil?
  
  user = User.validate_token(token)
  return false if user.nil?
 
  login_user(user)
  return true
end

#var(name) ⇒ Object

def auth_or_error(message)

if (!logged_in?)
  redirect_to "/login?return_url=#{request.request_uri}" and return false
end
redirect_to "/error?message=#{message}"

end

# File 'app/controllers/caboose/application_controller.rb', line 232

def var(name)
  s = Setting.where(:name => name).first
  return "" if s.nil?    
  return s.value
end

#verify_logged_in ⇒ Object

Redirects to login if not logged in.

# File 'app/controllers/caboose/application_controller.rb', line 207

def verify_logged_in
  if !logged_in?
    redirect_to "/modal/login?return_url=" + URI.encode(request.fullpath)
    return false
  end      
  return true    
end