Home Explore Help
Sign In
piratas
/
action-center-platform
Watch 2
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 0552141317
Branches Tags
action-cente...
/
app
/
controllers
/
application_controller.rb

application_controller.rb 2.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 
  1. class ApplicationController < ActionController::Base
    2. 

  2.   include ApplicationHelper
    3. 

  3.   include RequestOriginValidation
    4. 

  4. 

  5.   # Prevent CSRF attacks by raising an exception.
    6. 

  6.   # For APIs, you may want to use :null_session instead.
    7. 

  7.   protect_from_forgery with: :exception
    8. 

  8.   before_filter :cors
    9. 

  9.   before_filter :configure_permitted_parameters, if: :devise_controller?
    10. 

  10.   before_filter :set_locale
    11. 

  11.   before_filter :user_conditional_logic
    12. 

  12. 

  13.   skip_before_action :set_ahoy_cookies
    14. 

  14.   skip_before_action :track_ahoy_visit
    15. 

  15.   skip_before_action :set_ahoy_request_store
    16. 

  16. 

  17.   def user_conditional_logic
    18. 

  18.     if user_signed_in?
    19. 

  19.       lock_users_with_expired_passwords! unless user_is_being_told_to_reset_pass_or_is_resetting_pass?
    20. 

  20.     end
    21. 

  21.   end
    22. 

  22. 

  23.   # This method seems to check if the request is coming from a domain listed in
    24. 

  24.   # `cors_allowed_domains` in application.yml, and if it is, the response gets
    25. 

  25.   # a header allowing the requesting domain to use this app's CRUD
    26. 

  26.   def cors
    27. 

  27.     if Actioncenter::Application.config.cors_allowed_domains.include? request.env["HTTP_ORIGIN"] or Actioncenter::Application.config.cors_allowed_domains.include? "*"
    28. 

  28.       response.headers["Access-Control-Allow-Origin"] = request.env["HTTP_ORIGIN"]
    29. 

  29.     end
    30. 

  30.   end
    31. 

  31. 

  32.   def self.manifest(value = nil)
    33. 

  33.     if value.nil?
    34. 

  34.       @manifest
    35. 

  35.     else
    36. 

  36.       @manifest = value
    37. 

  37.     end
    38. 

  38.   end
    39. 

  39. 

  40.   def manifest
    41. 

  41.     self.class.manifest || "application"
    42. 

  42.   end
    43. 

  43. 

  44.   # if the current_user's password is expired, force them to the reset page
    45. 

  45.   # or lock them out of secure areas
    46. 

  46.   def lock_users_with_expired_passwords!
    47. 

  47.     if current_user.password_expired?
    48. 

  48.       verifier = ActiveSupport::MessageVerifier.new(Rails.application.secrets.secret_key_base)
    49. 

  49.       redirect_to sessions_password_reset_path(continue: verifier.generate(request.path))
    50. 

  50.     end
    51. 

  51.   end
    52. 

  52. 

  53.   def user_is_being_told_to_reset_pass_or_is_resetting_pass?
    54. 

  54.     (params[:controller] == "sessions" && params[:action] == "password_reset") ||
    55. 

  55.       (params[:controller] == "registrations" && params[:action] == "update")
    56. 

  56.   end
    57. 

  57. 

  58.   protected
    59. 

  59. 

  60.   def configure_permitted_parameters
    61. 

  61.     devise_parameter_sanitizer.for(:sign_up) << :record_activity
    62. 

  62.     devise_parameter_sanitizer.for(:sign_up) << :subscribe
    63. 

  63.   end
    64. 

  64. 

  65.   def set_locale
    66. 

  66.     I18n.locale = http_accept_language.compatible_language_from(I18n.available_locales)
    67. 

  67.   end
    68. 

  68. end
    69. 

  69.