Class: Caboose::ApplicationController

Inherits:

ActionController::Base

• Object
• ActionController::Base
• Caboose::ApplicationController

Defined in:

app/controllers/caboose/application_controller.rb

Direct Known Subclasses

ApplicationController, AbOptionsController, AbVariantsController, AdminController, BillingAddressesController, BlockTypeCategoriesController, BlockTypeSourcesController, BlockTypeStoreController, BlockTypesController, BlocksController, CalendarsController, CartController, CategoriesController, CheckoutController, DomainsController, EventGroupsController, EventsController, FontsController, GiftCardsController, GoogleSpreadsheetsController, InvoicePackagesController, InvoiceTransactionsController, InvoicesController, LineItemsController, LoginController, LoginLogsController, LogoutController, MediaCategoriesController, MediaController, ModalController, ModificationValueInputFieldsController, ModificationValuesController, ModificationsController, MyAccountController, MyAccountInvoicesController, MyAccountLineItemsController, PageCustomFieldValuesController, PageCustomFieldsController, PagePermissionsController, PagesController, PermissionsController, PostCategoriesController, PostCustomFieldValuesController, PostCustomFieldsController, PostsController, ProductImagesController, ProductsController, RedirectsController, RegisterController, RetargetingController, ReviewsController, RolesController, SettingsController, ShippingAddressesController, ShippingPackagesController, SitesController, SmtpController, SnsController, SocialController, StackableGroupsController, StationController, StoreController, SubscriptionsController, TheCheckoutController, UsersController, VariantsController, VendorsController

Instance Method Summary

• #add_ga_event(cat, action, label = nil, value = nil) ⇒ Object
• #admin_add ⇒ Object
• #admin_bulk_add ⇒ Object
• #admin_bulk_delete ⇒ Object
• #admin_bulk_update ⇒ Object
• #admin_delete ⇒ Object
• #admin_edit ⇒ Object
• #admin_index ⇒ Object

  Standard methods used by model binder.

• #admin_json ⇒ Object
• #admin_json_single ⇒ Object
• #admin_update ⇒ Object
• #before_action ⇒ Object

  To be overridden by the child controllers.

• #before_before_action ⇒ Object
• #hashify_query_string ⇒ Object

  Redirects/Converts querystrings into hashes.

• #init_cart ⇒ Object

  Initialize the cart in the session.

• #logged_in? ⇒ Boolean

  Returns whether or not a user is logged in.

• #logged_in_user ⇒ Object

  Returns the currently logged in user.

• #login_user(user, remember = false) ⇒ Object

  Logs in a user.

• #logout_user ⇒ Object

  Logs a user out.

• #parse_url_params ⇒ Object

  Parses any parameters in the URL and adds them to the params.

• #reject_param(url, param) ⇒ Object

  Removes a given parameter from a URL querystring.

• #under_construction_or_forwarding_domain? ⇒ Boolean

  Make sure we’re not under construction or on a forwarded domain.

• #user_is_allowed(resource, action, json = false) ⇒ Object

  DEPRECATED: Use user_is_allowed_to(action, resource).

• #user_is_allowed_to(action, resource, json = false) ⇒ Object

  Checks to see if a user has permission to perform action on resource.

• #validate_cookie ⇒ Object

  Checks to see if a remember me cookie value is present.

• #validate_token ⇒ Object

  Checks to see if a token is given.

• #var(name) ⇒ Object

  def auth_or_error(message) if (!logged_in?) redirect_to “/login?return_url=#requestrequest.request_uri” and return false end redirect_to “/error?message=#message” end.

• #verify_logged_in ⇒ Object

  Redirects to login if not logged in.

Instance Method Details

#add_ga_event(cat, action, label = nil, value = nil) ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 91

def add_ga_event(cat, action, label = nil, value = nil)
  # Category String Required  Typically the object that was interacted with (e.g. button)
  # Action   String Required  The type of interaction (e.g. click)
  # Label    String Option    Useful for categorizing events (e.g. nav buttons)
  # Value    Number Option    Values must be non-negative. Useful to pass counts (e.g. 4 times)
  @ga_events << [cat, action, label, value]
end

#admin_add ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 296

def admin_add()         raise 'This method should be overridden.' end

#admin_bulk_add ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 297

def admin_bulk_add()    raise 'This method should be overridden.' end

#admin_bulk_delete ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 299

def admin_bulk_delete() raise 'This method should be overridden.' end

#admin_bulk_update ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 295

def admin_bulk_update() raise 'This method should be overridden.' end

#admin_delete ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 298

def admin_delete()      raise 'This method should be overridden.' end

#admin_edit ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 293

def admin_edit()        raise 'This method should be overridden.' end

#admin_index ⇒ Object

Standard methods used by model binder

# File 'app/controllers/caboose/application_controller.rb', line 290

def admin_index()       raise 'This method should be overridden.' end

#admin_json ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 291

def admin_json()        raise 'This method should be overridden.' end

#admin_json_single ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 292

def admin_json_single() raise 'This method should be overridden.' end

#admin_update ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 294

def admin_update()      raise 'This method should be overridden.' end

#before_action ⇒ Object

To be overridden by the child controllers

# File 'app/controllers/caboose/application_controller.rb', line 119

def before_action      
end

#before_before_action ⇒ Object

# File 'app/controllers/caboose/application_controller.rb', line 11

def before_before_action           
  
  # Modify the built-in params array with URL params if necessary
  parse_url_params if Caboose.use_url_params
  
  @use_page_cache = !request.fullpath.starts_with?('/admin')
        
  # Get the site we're working with      
  @domain = Domain.where(:domain => request.host_with_port).first      
  @site = @domain ? @domain.site : nil      
  if @domain.nil? || @site.nil?
    Caboose.log("Error: No site configured for #{request.host_with_port}")
  end
  
  # Set the site in any mailers
  CabooseMailer.site = @site
    
  # Make sure someone is logged in
  if !logged_in? && @site                
    elo = User.logged_out_user(@site.id)        
    login_user(elo) if elo
  end
  
  session['use_redirect_urls'] = true if session['use_redirect_urls'].nil?
  
  # Initialize AB Testing
  AbTesting.init(request.session_options[:id]) if Caboose.use_ab_testing            
  
  # Try to find the page
  @request = request      
  @page = Page.new
  @crumbtrail = Crumbtrail.new      
  @subnav       = {}
  @actions      = {}
  @tasks        = {}
  @page_tasks   = {}
  @is_real_page = false
  @ga_events    = []      
  
  #if @find_page
    @page = Page.page_with_uri(request.host_with_port, request.fullpath)
    @crumb_trail  = Caboose::Page.crumb_trail(@page)		    
  #end
  
  # Sets an instance variable of the logged in user
  @logged_in_user = logged_in_user  
  
  # Initialize the card
  init_cart if @site && @site.use_store && !@domain.under_construction
  
  before_action
end

#hashify_query_string ⇒ Object

Redirects/Converts querystrings into hashes

# File 'app/controllers/caboose/application_controller.rb', line 281

def hashify_query_string
  if request.query_string && request.query_string.length > 0
    redirect_to request.url.gsub('?', '#')
    return true
  end
  return false
end

#init_cart ⇒ Object

Initialize the cart in the session

# File 'app/controllers/caboose/application_controller.rb', line 65

def init_cart            
  # Check if the cart ID is defined and that it exists in the database
  create_new_invoice = false
  if session[:cart_id]
    @invoice = Caboose::Invoice.where(:id => session[:cart_id]).first
    create_new_invoice = true if @invoice.nil? || @invoice.status != 'cart'                    
  else                        
    create_new_invoice = true                         
  end

  if create_new_invoice # Create an invoice to associate with the session        
    @invoice = Caboose::Invoice.new        
    @invoice.site_id          = @site ? @site.id : nil
    @invoice.status           = Caboose::Invoice::STATUS_CART
    @invoice.financial_status = Caboose::Invoice::STATUS_PENDING
    @invoice.date_created     = DateTime.now
    @invoice.referring_site   = request.env['HTTP_REFERER']
    @invoice.landing_page     = request.fullpath
    @invoice.landing_page_ref = params[:ref] || nil
    @invoice.payment_terms    = @site.store_config.default_payment_terms
    @invoice.save
    # Save the cart ID in the session
    session[:cart_id] = @invoice.id
  end                  
end

#logged_in? ⇒ Boolean

Returns whether or not a user is logged in

Returns:

• (Boolean)

# File 'app/controllers/caboose/application_controller.rb', line 143

def logged_in?
  validate_token
  validate_cookie
  return true if !session["app_user"].nil? && session["app_user"] != false && session["app_user"].id != -1 && session["app_user"].id != User.logged_out_user_id(@site.id)
  return false
end

#logged_in_user ⇒ Object

Returns the currently logged in user

# File 'app/controllers/caboose/application_controller.rb', line 176

def logged_in_user
  if (!logged_in?)
    return User.logged_out_user(@site.id)
  end
  #return nil if !logged_in?
  return Caboose::User.where(:id => session["app_user"].id).first
end

#login_user(user, remember = false) ⇒ Object

Logs in a user

# File 'app/controllers/caboose/application_controller.rb', line 130

def login_user(user, remember = false)
  session["app_user"] = Caboose::StdClass.new({      
    :id         => user.id         ,
    :site_id    => user.site_id    ,
    :first_name => user.first_name ,
    :last_name  => user.last_name  ,
    :username   => user.username   ,
    :email      => user.email                             
  })  
  cookies.permanent[:caboose_user_id] = user.id if remember
end

#logout_user ⇒ Object

Logs a user out

# File 'app/controllers/caboose/application_controller.rb', line 123

def logout_user
  cookies.delete(:caboose_user_id)
  session["app_user"] = nil
  reset_session
end

#parse_url_params ⇒ Object

Parses any parameters in the URL and adds them to the params

# File 'app/controllers/caboose/application_controller.rb', line 100

def parse_url_params      
  return if !Caboose.use_url_params      
  url = "#{request.fullpath}"
  url[0] = "" if url.starts_with?('/')      
  url = url.split('?')[0] if url.include?('?')      
  arr = url.split('/')      
  i = arr.count - 1
  while i >= 1 do
    k = arr[i-1]
    v = arr[i]    
    if v && v.length > 0
      v = v.gsub('%20', ' ')
      params[k] = v
    end
    i = i-2
  end      
end

#reject_param(url, param) ⇒ Object

Removes a given parameter from a URL querystring

# File 'app/controllers/caboose/application_controller.rb', line 258

def reject_param(url, param)
  arr = url.split('?')
  return url if (arr.count == 1)
  qs = arr[1].split('&').reject { |pair| pair.split(/[=;]/).first == param }
  url2 = arr[0]
  url2 += "?" + qs.join('&') if qs.count > 0 
  return url2
end

#under_construction_or_forwarding_domain? ⇒ Boolean

Make sure we’re not under construction or on a forwarded domain

Returns:

• (Boolean)

# File 'app/controllers/caboose/application_controller.rb', line 302

def under_construction_or_forwarding_domain?
        
  d = Caboose::Domain.where(:domain => request.host_with_port).first
  if d.nil?
    Caboose.log("Could not find domain for #{request.host_with_port}\nAdd this domain to the caboose site.")
  elsif d.under_construction == true
    if d.site.under_construction_html && d.site.under_construction_html.strip.length > 0 
      render :text => d.site.under_construction_html
    else 
      render :file => 'caboose/application/under_construction', :layout => false
    end
    return true
  # See if we're on a forwarding domain
  elsif d.primary == false && d.forward_to_primary == true
    pd = d.site.primary_domain
    if pd && pd.domain != request.host
      url = "#{request.protocol}#{pd.domain}"
      if d.forward_to_uri && d.forward_to_uri.strip.length > 0
        url << d.forward_to_uri
      elsif request.fullpath && request.fullpath.strip.length > 0 && request.fullpath.strip != '/'
        url << request.fullpath
      end
      redirect_to url
      return true
    end
  # Check for a 301 redirect
  else
    new_url = PermanentRedirect.match(@site.id, request.fullpath)        
    if new_url
      redirect_to new_url, :status => 301
      return true
    end        
  end
  return false
end

#user_is_allowed(resource, action, json = false) ⇒ Object

DEPRECATED: Use user_is_allowed_to(action, resource)

Checks to see if a user has permission to perform the given action on the given resource. Redirects to login if not logged in. Redirects to error page with message if not allowed.

# File 'app/controllers/caboose/application_controller.rb', line 190

def user_is_allowed(resource, action, json = false)
  if !logged_in?
    if json
      render :json => false
    else
      redirect_to "/login?return_url=" + URI.encode(request.fullpath)
    end
    return false
  end
  
  @user = logged_in_user
  if !@user.is_allowed(resource, action)        
    if json
      render :json => false
    else
      @error = "You don't have permission to " + action + " " + resource
      @return_url = request.fullpath
      render :template => "caboose/extras/error"
    end
    return false
  end
  
  return true    
end

#user_is_allowed_to(action, resource, json = false) ⇒ Object

Checks to see if a user has permission to perform action on resource

Redirects to login if not logged in Redirects to error page with message if not allowed

useful for creating super-readable code, for example:

> return unless user_is_allowed_to 'edit', 'pages'

Even your mom could read that code.

# File 'app/controllers/caboose/application_controller.rb', line 224

def user_is_allowed_to(action, resource, json = false)
  unless logged_in?
    if json
      render :json => { :error => 'Not logged in.' }
    else
      redirect_to "/login?return_url=" + URI.encode(request.fullpath)
    end
    return false
  end

  @user = logged_in_user
  unless @user.is_allowed(resource, action)
    if json
      render :json => { :error => "You don't have permission." }
    else          
      @error = "You don't have permission to #{action} #{resource}"
      @return_url = request.fullpath
      render :template => "caboose/extras/error"
    end
    return false
  end
  return true
end

#validate_cookie ⇒ Object

Checks to see if a remember me cookie value is present.

# File 'app/controllers/caboose/application_controller.rb', line 164

def validate_cookie     
  if cookies[:caboose_user_id]
    user = User.where(:id => cookies[:caboose_user_id]).first
    if user        
      login_user(user)
      return true
    end
  end
  return false
end

#validate_token ⇒ Object

Checks to see if a token is given. If so, it tries to validate the token and log the user in.

# File 'app/controllers/caboose/application_controller.rb', line 152

def validate_token
  token = params[:token]
  return false if token.nil?
  
  user = User.validate_token(token)
  return false if user.nil?
 
  login_user(user)
  return true
end

#var(name) ⇒ Object

def auth_or_error(message)

if (!logged_in?)
  redirect_to "/login?return_url=#{request.request_uri}" and return false
end
redirect_to "/error?message=#{message}"

end

# File 'app/controllers/caboose/application_controller.rb', line 274

def var(name)
  s = Setting.where(:name => name).first
  return "" if s.nil?    
  return s.value
end

#verify_logged_in ⇒ Object

Redirects to login if not logged in.

# File 'app/controllers/caboose/application_controller.rb', line 249

def verify_logged_in
  if !logged_in?
    redirect_to "/modal/login?return_url=" + URI.encode(request.fullpath)
    return false
  end      
  return true    
end