Class: Caboose::ApplicationController

Inherits:

ActionController::Base

• Object
• ActionController::Base
• Caboose::ApplicationController

Defined in:

app/controllers/caboose/application_controller.rb

Direct Known Subclasses

ApplicationController, AbOptionsController, AbVariantsController, AdminController, BlockTypeCategoriesController, BlockTypeSourcesController, BlockTypeStoreController, BlockTypesController, BlocksController, CalendarsController, CartController, CategoriesController, CheckoutController, DomainsController, EventGroupsController, EventsController, ImagesController, LoginController, LogoutController, MediaCategoriesController, ModalController, OrdersController, PagePermissionsController, PagesController, PermissionsController, PostsController, ProductImagesController, ProductsController, RedirectsController, RegisterController, ReviewsController, RolesController, SettingsController, SitesController, StationController, UsersController, VariantsController, VendorsController

Instance Method Summary

• #before_action ⇒ Object

  To be overridden by the child controllers.

• #before_before_action ⇒ Object
• #hashify_query_string ⇒ Object

  RedirectsConverts querystrings into hashes.

• #init_cart ⇒ Object

  Initialize the cart in the session.

• #logged_in? ⇒ Boolean

  Returns whether or not a user is logged in.

• #logged_in_user ⇒ Object

  Returns the currently logged in user.

• #login_user(user, remember = false) ⇒ Object

  Logs in a user.

• #logout_user ⇒ Object

  Logs a user out.

• #parse_url_params ⇒ Object

  Parses any parameters in the URL and adds them to the params.

• #reject_param(url, param) ⇒ Object

  Removes a given parameter from a URL querystring.

• #user_is_allowed(resource, action) ⇒ Object

  DEPRECATED: Use user_is_allowed_to(action, resource).

• #user_is_allowed_to(action, resource) ⇒ Object

  Checks to see if a user has permission to perform action on resource.

• #validate_cookie ⇒ Object

  Checks to see if a remember me cookie value is present.

• #validate_token ⇒ Object

  Checks to see if a token is given.

• #var(name) ⇒ Object

  def auth_or_error(message) if (!logged_in?) redirect_to “/login?return_url=#requestrequest.request_uri” and return false end redirect_to “/error?message=#message” end.

• #verify_logged_in ⇒ Object

  Redirects to login if not logged in.

Instance Method Details

#before_action ⇒ Object

To be overridden by the child controllers

# File 'app/controllers/caboose/application_controller.rb', line 98

def before_action      
end

#before_before_action ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 11

def before_before_action
  
  # Modify the built-in params array with URL params if necessary
  parse_url_params if Caboose.use_url_params
  
  # Get the site we're working with      
  domain = Domain.where(:domain => request.host_with_port).first
  @site = domain ? domain.site : nil
    
  # Make sure someone is logged in
  if !logged_in?      
    elo = User.find(User::LOGGED_OUT_USER_ID)        
    login_user(elo)
  end
  
  session['use_redirect_urls'] = true if session['use_redirect_urls'].nil?
  
  # Initialize AB Testing
  AbTesting.init(request.session_options[:id]) if Caboose.use_ab_testing            
  
  # Try to find the page 
  @page = Page.new
  @crumbtrail = Crumbtrail.new      
  @subnav       = {}
  @actions      = {}
  @tasks        = {}
  @page_tasks   = {}
  @is_real_page = false
  
  #if @find_page
    @page = Page.page_with_uri(request.host_with_port, request.fullpath)
    @crumb_trail  = Caboose::Page.crumb_trail(@page)		    
  #end
  
  # Sets an instance variable of the logged in user
  @logged_in_user = logged_in_user  
  
  # Initialize the card
  init_cart if Caboose::use_store
  
  before_action
end

#hashify_query_string ⇒ Object

RedirectsConverts querystrings into hashes

# File 'app/controllers/caboose/application_controller.rb', line 235

def hashify_query_string
  if request.query_string && request.query_string.length > 0
    redirect_to request.url.gsub('?', '#')
    return true
  end
  return false
end

#init_cart ⇒ Object

Initialize the cart in the session

# File 'app/controllers/caboose/application_controller.rb', line 55

def init_cart            
  # Check if the cart ID is defined and that it exists in the database
  if !session[:cart_id] || !Order.exists?(session[:cart_id])
    
    # Create an order to associate with the session
    order = Order.create(
      :status => 'cart',
      :financial_status => 'pending',
      :date_created => DateTime.now,
      :referring_site => request.env['HTTP_REFERER'],
      :landing_page => request.fullpath,
      :landing_page_ref => params[:ref] || nil
    )        
    order.update_attribute(:shipping_method_code, Caboose::store_shipping[:default_shipping_method_code]) if Caboose::store_shipping[:default_shipping_method_code]
    
    # Define the cart ID
    session[:cart_id] = order.id
  end
  
  # Log the order and set an instance variable up
  @order = Order.find(session[:cart_id])      
end

#logged_in? ⇒ Boolean

Returns whether or not a user is logged in

Returns:

• (Boolean)

# File 'app/controllers/caboose/application_controller.rb', line 115

def logged_in?
  validate_token
  validate_cookie
  return true if !session["app_user"].nil? && session["app_user"] != false && session["app_user"].id != -1 && session["app_user"].id != User::LOGGED_OUT_USER_ID     
  return false
end

#logged_in_user ⇒ Object

Returns the currently logged in user

# File 'app/controllers/caboose/application_controller.rb', line 146

def logged_in_user
  if (!logged_in?)
    return User.logged_out_user
  end
  #return nil if !logged_in?
  return session["app_user"]
end

#login_user(user, remember = false) ⇒ Object

Logs in a user

# File 'app/controllers/caboose/application_controller.rb', line 109

def login_user(user, remember = false)
  session["app_user"] = user
  cookies.permanent[:caboose_user_id] = user.id if remember
end

#logout_user ⇒ Object

Logs a user out

# File 'app/controllers/caboose/application_controller.rb', line 102

def logout_user
  cookies.delete(:caboose_user_id)
  session["app_user"] = nil
  reset_session
end

#parse_url_params ⇒ Object

Parses any parameters in the URL and adds them to the params

# File 'app/controllers/caboose/application_controller.rb', line 79

def parse_url_params      
  return if !Caboose.use_url_params      
  url = "#{request.fullpath}"
  url[0] = "" if url.starts_with?('/')      
  url = url.split('?')[0] if url.include?('?')      
  arr = url.split('/')      
  i = arr.count - 1
  while i >= 1 do
    k = arr[i-1]
    v = arr[i]    
    if v && v.length > 0
      v = v.gsub('%20', ' ')
      params[k] = v
    end
    i = i-2
  end      
end

#reject_param(url, param) ⇒ Object

Removes a given parameter from a URL querystring

# File 'app/controllers/caboose/application_controller.rb', line 212

def reject_param(url, param)
  arr = url.split('?')
  return url if (arr.count == 1)
  qs = arr[1].split('&').reject { |pair| pair.split(/[=;]/).first == param }
  url2 = arr[0]
  url2 += "?" + qs.join('&') if qs.count > 0 
  return url2
end

#user_is_allowed(resource, action) ⇒ Object

DEPRECATED: Use user_is_allowed_to(action, resource)

Checks to see if a user has permission to perform the given action on the given resource. Redirects to login if not logged in. Redirects to error page with message if not allowed.

# File 'app/controllers/caboose/application_controller.rb', line 160

def user_is_allowed(resource, action)
  if (!logged_in?)
    redirect_to "/login?return_url=" + URI.encode(request.fullpath)
    return false
  end
  
  @user = logged_in_user
  if (!@user.is_allowed(resource, action))
    @error = "You don't have permission to " + action + " " + resource
    @return_url = request.fullpath
    render :template => "caboose/extras/error"
    return false
  end
  
  return true    
end

#user_is_allowed_to(action, resource) ⇒ Object

Checks to see if a user has permission to perform action on resource

Redirects to login if not logged in Redirects to error page with message if not allowed

useful for creating super-readable code, for example:

> return unless user_is_allowed_to 'edit', 'pages'

Even your mom could read that code.

# File 'app/controllers/caboose/application_controller.rb', line 186

def user_is_allowed_to(action, resource)
  unless logged_in?
    redirect_to "/login?return_url=" + URI.encode(request.fullpath)
    return false
  end

  @user = logged_in_user
  unless @user.is_allowed(resource, action)
    @error = "You don't have permission to #{action} #{resource}"
    @return_url = request.fullpath
    render :template => "caboose/extras/error"
    return false
  end
  return true
end

#validate_cookie ⇒ Object

Checks to see if a remember me cookie value is present.

# File 'app/controllers/caboose/application_controller.rb', line 136

def validate_cookie
  if cookies[:caboose_user_id] && User.exists?(cookies[:caboose_user_id])
    user = User.find(cookies[:caboose_user_id])
    login_user(user)
    return true
  end
  return false
end

#validate_token ⇒ Object

Checks to see if a token is given. If so, it tries to validate the token and log the user in.

# File 'app/controllers/caboose/application_controller.rb', line 124

def validate_token
  token = params[:token]
  return false if token.nil?
  
  user = User.validate_token(token)
  return false if user.nil?
 
  login_user(user)
  return true
end

#var(name) ⇒ Object

def auth_or_error(message)

if (!logged_in?)
  redirect_to "/login?return_url=#{request.request_uri}" and return false
end
redirect_to "/error?message=#{message}"

end

# File 'app/controllers/caboose/application_controller.rb', line 228

def var(name)
  s = Setting.where(:name => name).first
  return "" if s.nil?    
  return s.value
end

#verify_logged_in ⇒ Object

Redirects to login if not logged in.

# File 'app/controllers/caboose/application_controller.rb', line 203

def verify_logged_in
  if !logged_in?
    redirect_to "/modal/login?return_url=" + URI.encode(request.fullpath)
    return false
  end      
  return true    
end