Class: Public::BaseController

Inherits:
Hicube::ApplicationController
  • Object
Defined in:
app/controllers/hicube/public/base_controller.rb

Direct Known Subclasses

PagesController

Instance Method Summary collapse

Instance Method Details

#check_resource_params(options = {}) ⇒ Object

Check that the request params include the resource key derived from the current controller name.



# File 'app/controllers/hicube/public/base_controller.rb', line 22

# Verify that the request carries a params entry for this controller's
# resource; when it does not, notify the user and redirect.
#
# The redirect target depends on the current action: create goes to new,
# update goes to edit (with the current params[:id]), anything else goes
# to index.
#
# @param options [Hash] optional overrides
# @option options [String] :name resource key to look for (defaults to the
#   singular controller name)
# @option options [Class] :class model class used for the human-readable
#   type in the message (defaults to Hicube::<Name>)
# @return [Object, nil] nil when the key is present, otherwise the result of
#   redirect_to
def check_resource_params(options = {})
  # Key expected in params; falls back to the singular controller name.
  resource_name = options[:name] || controller_name.singularize

  # Model class, resolved up front even when the params turn out to be present.
  # FIXME: Do not hardcode engine name
  resource_class = options[:class]
  resource_class ||= "Hicube::#{resource_name.singularize.camelize}".classify.constantize

  # Nothing to do when the expected key is there.
  return if params.key?(resource_name)

  human_type = resource_class.model_name.human
  notify :error, ::I18n.t('messages.resource.missing_parameters', :type => human_type)

  # Send the user back to the form (or listing) that belongs to this action.
  target =
    case action_name.to_sym
    when :create then { :action => :new }
    when :update then { :action => :edit, :id => params[:id] }
    else { :action => :index }
    end

  redirect_to target
end

#initialise_current_user ⇒ Object



# File 'app/controllers/hicube/public/base_controller.rb', line 9

# Record the signed-in user on the User class.
#
# Does nothing when no user is signed in; in particular User.current is left
# untouched rather than cleared.
# NOTE(review): if User.current is backed by class-level or thread-local
# storage, a value set by an earlier request could still be visible during an
# anonymous request - confirm it is reset elsewhere.
#
# @return [Object, nil] the current user when signed in, otherwise nil
def initialise_current_user
  User.current = current_user if user_signed_in?
end

#load_resource(options = {}) ⇒ Object

Load the relevant resource based on the current controller name.



# File 'app/controllers/hicube/public/base_controller.rb', line 48

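# Load the resource addressed by the current request and expose it as an
# instance variable named after the resource (for example @page).
#
# The lookup id is params[:id] when the request carries that key, otherwise
# the literal id 'index'. When Mongoid raises DocumentNotFound the user is
# notified and redirected to the index action.
#
# NOTE(review): the query goes through `unscoped`, so any default scope on
# the model is bypassed, and the ownership check in the body is commented
# out. As written, every document of the class is reachable by id through
# this public controller - confirm that is intended for every subclass.
#
# @param options [Hash] optional overrides
# @option options [String] :name resource name (defaults to the singular
#   controller name)
# @option options [Class] :class model class (defaults to Hicube::<Name>)
# @return [Object] the loaded resource, or the result of redirect_to when it
#   was not found
def load_resource(options = {})
  # Determine the name based on the current controller if not specified.
  resource_name = options[:name] || controller_name.singularize

  # Determine the class based on the resource name if not provided.
  # FIXME: Do not hard code engine name
  resource_class = options[:class] || "Hicube::#{resource_name.singularize.camelize}".classify.constantize

  # params[:id] is request-controlled and can arrive as an Array or a nested
  # structure (id[]=..., id[key]=...). Coerce it to a String so the query is
  # always a single-document lookup by one scalar id.
  resource_id = params.has_key?(:id) ? params[:id].to_s : 'index'

  resource = resource_class.unscoped.find(resource_id)

  # # Confirm current user has permission to view resource.
  # unless resource.account == current_account
  #   # TODO: log an audit event.

  #   # SECURITY RISK: The user should not be able to distinguish between a
  #   # non-existent resource and another user's resource. This way you can't
  #   # probe the system and determine another account's data.
  #   raise Mongoid::Errors::DocumentNotFound.new(resource_class, :id => params[:id])
  # end

  # Set an instance variable @resource_name to the resource.
  instance_variable_set("@#{resource_name}", resource)
rescue Mongoid::Errors::DocumentNotFound
  # Report the id that was actually looked up (including the 'index'
  # fallback) rather than the raw parameter.
  # NOTE(review): the value is request-controlled; presumably the flash is
  # HTML-escaped when rendered - verify in the layout.
  notify :error, ::I18n.t('messages.resource.not_found',
    :type     => resource_class.model_name.human,
    :criteria => resource_class.human_attribute_name(:id),
    :value    => resource_id
  )
  redirect_to :action => :index
end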

#load_resources(options = {}) ⇒ Object

Load all relevant resources based on the current controller name.



# File 'app/controllers/hicube/public/base_controller.rb', line 82

# Load every document of the controller's model and expose the result as an
# instance variable named after the (plural) resource, e.g. @pages.
#
# NOTE(review): the collection comes from a bare `.all`; nothing visible here
# restricts it to a user or account, or bounds its size.
#
# @param options [Hash] optional overrides
# @option options [String] :name plural resource name; used both for the
#   instance variable and to derive the model class (defaults to the plural
#   controller name)
# @return [Object] the value returned by `.all` on the model class
def load_resources(options = {})
  # Plural name, taken from the caller or derived from the controller.
  collection_name = options[:name] || controller_name.pluralize

  # Resolve the model class from the singular form of that name.
  # FIXME: Do not hard code Hicube here
  model_class = "Hicube::#{collection_name.singularize.camelize}".classify.constantize

  # Publish the collection under @<collection_name>.
  instance_variable_set("@#{collection_name}", model_class.all)
end

#permit_resource_params ⇒ Object



# File 'app/controllers/hicube/public/base_controller.rb', line 15

# Replace params[<resource>] with the output of the controller's
# `<resource>_params` method, where <resource> is the singular controller
# name as a symbol.
#
# Nothing is replaced when the controller has no such method (public or
# private), or when params[<resource>] is nil or false.
# NOTE(review): in the first case params[<resource>] stays exactly as the
# client sent it. Presumably `<resource>_params` is the strong-parameters
# whitelist - verify that every subclass defines it.
#
# @return [Object, nil] the filtered value when it was assigned, otherwise a
#   falsy value
def permit_resource_params
  resource_key = controller_name.singularize.to_sym
  filter_name = "#{resource_key}_params"

  # `true` makes respond_to? consider private methods as well.
  return unless respond_to?(filter_name, true)

  # Only overwrite an entry that is actually present.
  params[resource_key] && (params[resource_key] = send(filter_name))
end