Class: Caboose::ApplicationController

Inherits:

ActionController::Base

• Object
• ActionController::Base
• Caboose::ApplicationController

Defined in:

app/controllers/caboose/application_controller.rb

Direct Known Subclasses

AdminController, LoginController, LogoutController, PagesController, PermissionsController, PostsController, RegisterController, RolesController, SettingsController, StationController, UsersController

Instance Method Summary

• #before_action ⇒ Object

  To be overridden by the child controllers.

• #before_before_action ⇒ Object
• #logged_in? ⇒ Boolean

  Returns whether or not a user is logged in.

• #logged_in_user ⇒ Object

  Returns the currently logged in user.

• #login_user(user, remember = false) ⇒ Object

  Logs in a user.

• #reject_param(url, param) ⇒ Object

  Removes a given parameter from a URL querystring.

• #user_is_allowed(resource, action) ⇒ Object

  Checks to see if a user has permission to perform the given action on the given resource.

• #validate_cookie ⇒ Object

  Checks to see if a remember me cookie value is present.

• #validate_token ⇒ Object

  Checks to see if a token is given.

• #var(key) ⇒ Object

  def auth_or_error(message) if (!logged_in?) redirect_to “/login?return_url=#requestrequest.request_uri” and return false end redirect_to “/error?message=#message” end.

• #verify_logged_in ⇒ Object

  Redirects to login if not logged in.

Instance Method Details

#before_action ⇒ Object

To be overridden by the child controllers

# File 'app/controllers/caboose/application_controller.rb', line 28

def before_action      
end

#before_before_action ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 7

def before_before_action
  
  # Try to find the page 
  @page = Page.page_with_uri(request.fullpath)
  
  session['use_redirect_urls'] = true if session['use_redirect_urls'].nil?
  
  @crumb_trail  = Caboose::Page.crumb_trail(@page)
@subnav       = {}
  @actions      = {}
  @tasks        = {}
  @page_tasks   = {}
  @is_real_page = false
  
  # Sets an instance variable of the logged in user
  @logged_in_user = logged_in_user
  
  before_action
end

#logged_in? ⇒ Boolean

Returns whether or not a user is logged in

Returns:

• (Boolean)

# File 'app/controllers/caboose/application_controller.rb', line 38

def logged_in?
  validate_token
  validate_cookie
  return true if !session["app_user"].nil? && session["app_user"] != false && session["app_user"].id != -1    
  return false
end

#logged_in_user ⇒ Object

Returns the currently logged in user

# File 'app/controllers/caboose/application_controller.rb', line 69

def logged_in_user
  if (!logged_in?)
    return User.logged_out_user
  end
  #return nil if !logged_in?
  return session["app_user"]
end

#login_user(user, remember = false) ⇒ Object

Logs in a user

# File 'app/controllers/caboose/application_controller.rb', line 32

def login_user(user, remember = false)
  session["app_user"] = user
  cookies.permanent[:caboose_user_id] = user.id if remember
end

#reject_param(url, param) ⇒ Object

Removes a given parameter from a URL querystring

# File 'app/controllers/caboose/application_controller.rb', line 107

def reject_param(url, param)
  arr = url.split('?')
  return url if (arr.count == 1)
  qs = arr[1].split('&').reject { |pair| pair.split(/[=;]/).first == param }
  url2 = arr[0]
  url2 += "?" + qs.join('&') if qs.count > 0 
  return url2
end

#user_is_allowed(resource, action) ⇒ Object

Checks to see if a user has permission to perform the given action on the given resource. Redirects to login if not logged in. Redirects to error page with message if not allowed.

# File 'app/controllers/caboose/application_controller.rb', line 81

def user_is_allowed(resource, action)
  if (!logged_in?)
    redirect_to "/login?return_url=" + URI.encode(request.fullpath)
    return false
  end
  
  @user = logged_in_user
  if (!@user.is_allowed(resource, action))
    @error = "You don't have permission to " + action + " " + resource
    render :template => "caboose/extras/error"
    return false
  end
  
  return true    
end

#validate_cookie ⇒ Object

Checks to see if a remember me cookie value is present.

# File 'app/controllers/caboose/application_controller.rb', line 59

def validate_cookie
  if cookies[:caboose_user_id] && User.exists?(cookies[:caboose_user_id])
    user = User.find(cookies[:caboose_user_id])
    login_user(user)
    return true
  end
  return false
end

#validate_token ⇒ Object

Checks to see if a token is given. If so, it tries to validate the token and log the user in.

# File 'app/controllers/caboose/application_controller.rb', line 47

def validate_token
  token = params[:token]
  return false if token.nil?
  
  user = User.validate_token(token)
  return false if user.nil?
 
  login_user(user)
  return true
end

#var(key) ⇒ Object

def auth_or_error(message)

if (!logged_in?)
  redirect_to "/login?return_url=#{request.request_uri}" and return false
end
redirect_to "/error?message=#{message}"

end

# File 'app/controllers/caboose/application_controller.rb', line 123

def var(key)
  v = Var.where(:key => key).first
    return "" if v.nil?    
  return v.val
end

#verify_logged_in ⇒ Object

Redirects to login if not logged in.

# File 'app/controllers/caboose/application_controller.rb', line 98

def verify_logged_in
  if (!logged_in?)
    redirect_to "/login?return_url=" + URI.encode(request.fullpath)
    return false
  end      
  return true    
end