Class: RailsBaseApplicationController

Inherits:

ActionController::Base

• Object
• ActionController::Base
• RailsBaseApplicationController

Includes:

RailsBase::AppearanceHelper, RailsBase::ApplicationHelper, RailsBase::CaptureReferenceHelper

Defined in:

app/controllers/rails_base_application_controller.rb

Direct Known Subclasses

RailsBase::AdminController, RailsBase::ErrorsController, RailsBase::Mfa::EvaluationController, RailsBase::Mfa::Register::SmsController, RailsBase::Mfa::Register::TotpController, RailsBase::Mfa::Validate::SmsController, RailsBase::Mfa::Validate::TotpController, RailsBase::SecondaryAuthenticationController, RailsBase::UserSettingsController

Constant Summary

Constants included from RailsBase::CaptureReferenceHelper

RailsBase::CaptureReferenceHelper::CAPTURE_ACTION_NAME, RailsBase::CaptureReferenceHelper::CAPTURE_CONTROLLER_PATH, RailsBase::CaptureReferenceHelper::CAPTURE_REFERRED_PATH

Constants included from RailsBase::AppearanceHelper

RailsBase::AppearanceHelper::APPEARANCE_MODE_ACTUAL_COOKIE, RailsBase::AppearanceHelper::APPEARANCE_MODE_COOKIE, RailsBase::AppearanceHelper::APPEARANCE_TEXT_CLASS, RailsBase::AppearanceHelper::VIEWPORT_EXTRA_LARGE, RailsBase::AppearanceHelper::VIEWPORT_EXTRA_SMALL, RailsBase::AppearanceHelper::VIEWPORT_LARGE, RailsBase::AppearanceHelper::VIEWPORT_MEDIUM, RailsBase::AppearanceHelper::VIEWPORT_MOBILE_MAX, RailsBase::AppearanceHelper::VIEWPORT_SIZES, RailsBase::AppearanceHelper::VIEWPORT_SMALL

Constants included from RailsBase::ApplicationHelper

RailsBase::ApplicationHelper::TIMEZONE_OFFSET_COOKIE, RailsBase::ApplicationHelper::TIMEZONE_SESSION_NAME

Instance Method Summary

• #admin_impersonation_session? ⇒ Boolean
• #admin_reset_impersonation_session! ⇒ Object
• #admin_user? ⇒ Boolean
• #capture_admin_action ⇒ Object
• #is_timeout_error? ⇒ Boolean
• #populate_admin_actions ⇒ Object
• #set_time_zone ⇒ Object

Methods included from RailsBase::CaptureReferenceHelper

#authenticate_user!, #capture_and_clear_reference_redirect!, #capture_clear_reference_from_sesssion!, #capture_reference, #redirect_from_reference, #reference_redirect, #skip_capture_reference!, #skip_capture_reference?, #use_capture_reference?

Methods included from RailsBase::AppearanceHelper

#appearance_mode_drop_down, #appearance_text_class, #footer_mode_case, #force_sticky_mode!

Methods included from RailsBase::ApplicationHelper

#admin_reset_session!, #browser, #is_mobile?, #is_safari?, #mfa_fallback?

Instance Method Details

#admin_impersonation_session? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/controllers/rails_base_application_controller.rb', line 53

def admin_impersonation_session?
  return false if current_user.nil?
  return false unless encrypted_val = session[RailsBase::Authentication::Constants::ADMIN_REMEMBER_REASON].presence

  token = admin_get_token(encrypted_val: encrypted_val)
  if token.failure?
    logger.warn "Failed to parse encrypted token. Either expired or was not present"
    flash[:alert] = 'Failed to retrieve Session token. Retry action'
    redirect_to RailsBase.url_routes.admin_base_path
    return false
  else
    logger.info "Found original_admin_user_id"
    @original_admin_user_id = token.user_id
  end
  true
end

#admin_reset_impersonation_session! ⇒ Object

# File 'app/controllers/rails_base_application_controller.rb', line 70

def admin_reset_impersonation_session!
  return unless admin_impersonation_session?

  # at this point we know there is an impersonation
  admin_user = User.find @original_admin_user_id
  admin_set_token_on_session(admin_user: admin_user, other_user: current_user)
end

#admin_user? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/controllers/rails_base_application_controller.rb', line 78

def admin_user?
  return if RailsBase.config.admin.view_admin_page?(current_user)

  session.clear
  sign_out(current_user)

  flash[:alert] = 'Unauthorized action. You have been signed out'
  redirect_to RailsBase.url_routes.unauthenticated_root_path
end

#capture_admin_action ⇒ Object

# File 'app/controllers/rails_base_application_controller.rb', line 96

def capture_admin_action
  # ToDo: Turn this into a service
  # ToDo: All admin actions come there here: Allow this to be confirugable on or off
  _controller = ActiveSupport::Inflector.camelize("#{params[:controller]}_controller")
  admin_user =
    if _controller == RailsBase::AdminController.to_s
      current_user
    else
      @original_admin_user_id ? User.find(@original_admin_user_id) : nil
    end

  # Means we are not in the admin controller or we are not impersonating
  return if admin_user.nil? || @_admin_action_struct == false

  # Admin action for all routes
  (RailsBase::Admin::ActionHelper.actions.dig(RailsBase::Admin::ActionHelper::ACTIONS_KEY) || []).each do |helper|
    Rails.logger.warn("Admin Action for every action")
    helper.call(req: request, params: params, admin_user: admin_user, user: current_user, struct: @_admin_action_struct)
  end

  # Admin action for all controller routes
  object = RailsBase::Admin::ActionHelper.actions.dig(_controller, RailsBase::Admin::ActionHelper::CONTROLLER_ACTIONS_KEY) || []
  object.each do |helper|
    Rails.logger.warn("Admin Action for #{_controller}")
    helper.call(req: request, params: params, admin_user: admin_user, user: current_user, struct: @_admin_action_struct)
  end

  # Admin action for all controller action specific routes
  (RailsBase::Admin::ActionHelper.actions.dig(_controller, params[:action].to_s) || []).each do |helper|
    Rails.logger.warn("Admin Action for #{_controller}##{params[:action]}")
    helper.call(req: request, params: params, admin_user: admin_user, user: current_user, struct: @_admin_action_struct)
  end
end

#is_timeout_error? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/controllers/rails_base_application_controller.rb', line 46

def is_timeout_error?
  return if current_user || !params.keys.include?('timeout')

  flash[:notice] = nil
  flash[:alert] = 'Your session expired. Please sign in again to continue.'
end

#populate_admin_actions ⇒ Object

# File 'app/controllers/rails_base_application_controller.rb', line 88

def populate_admin_actions
  return if session[RailsBase::Authentication::Constants::ADMIN_REMEMBER_REASON].present?
  return if current_user.nil?
  return unless request.fullpath == RailsBase.url_routes.authenticated_root_path

  @__admin_actions_array = AdminAction.get_cache_items(user: current_user, alltime: true)
end

#set_time_zone ⇒ Object

# File 'app/controllers/rails_base_application_controller.rb', line 22

def set_time_zone
  return unless RailsBase.config.user.tz_user_defined?
  return if current_user.nil?

  # esape this since this is not signed
  offset = cookies[TIMEZONE_OFFSET_COOKIE].to_i

  cookie_tz = ActiveSupport::TimeZone[((offset * -1) / 60.0)]

  if session_tz = session[TIMEZONE_SESSION_NAME]
    # if session exists
    if cookie_tz && session_tz != cookie_tz.name
      # if cookie exists and cookie_tz does not match, update db and session
      current_user.update_tz(tz_name: cookie_tz.name)
      session[TIMEZONE_SESSION_NAME] = cookie_tz.name
    end
  else
    # if session timezone does not exist, attempt to push to DB and set to session
    current_user.update_tz(tz_name: cookie_tz.name)
    session[TIMEZONE_SESSION_NAME] = cookie_tz.name
  end
  Thread.current[TIMEZONE_THREAD_NAME] = session[TIMEZONE_SESSION_NAME]
end