2009-01-06 11:49:19 +01:00
|
|
|
class ApplicationController < ActionController::Base
|
2009-03-24 17:01:10 +01:00
|
|
|
|
2011-05-11 13:38:46 +02:00
|
|
|
protect_from_forgery
|
2009-08-13 16:32:38 +02:00
|
|
|
before_filter :select_foodcoop, :authenticate, :store_controller
|
2009-03-09 13:02:43 +01:00
|
|
|
after_filter :remove_controller
|
2011-05-11 13:38:46 +02:00
|
|
|
|
|
|
|
helper_method :current_user
|
2009-01-06 11:49:19 +01:00
|
|
|
|
|
|
|
# Returns the controller handling the current request.
|
|
|
|
def self.current
|
|
|
|
Thread.current[:application_controller]
|
|
|
|
end
|
2009-01-15 18:26:37 +01:00
|
|
|
|
|
|
|
# Use this method to call a rake task,,
|
|
|
|
# e.g. to deliver mails after there are created.
|
|
|
|
def call_rake(task, options = {})
|
2009-03-24 17:25:33 +01:00
|
|
|
options[:rails_env] ||= Foodsoft.env
|
2009-01-15 18:26:37 +01:00
|
|
|
args = options.map { |n, v| "#{n.to_s.upcase}='#{v}'" }
|
|
|
|
system "/usr/bin/rake #{task} #{args.join(' ')} --trace 2>&1 >> #{Rails.root}/log/rake.log &"
|
|
|
|
end
|
|
|
|
|
2009-01-06 11:49:19 +01:00
|
|
|
|
|
|
|
protected
|
|
|
|
|
2010-03-20 02:26:30 +01:00
|
|
|
def current_user
|
2011-05-11 13:38:46 +02:00
|
|
|
# check if there is a valid session and return the logged-in user (its object)
|
|
|
|
if session[:user_id] and params[:foodcoop]
|
|
|
|
# for shared-host installations. check if the cookie-subdomain fits to request.
|
|
|
|
@current_user ||= User.find(session[:user_id]) if params[:foodcoop] == Foodsoft.env
|
2009-01-06 11:49:19 +01:00
|
|
|
end
|
2010-03-20 02:26:30 +01:00
|
|
|
end
|
2009-01-06 11:49:19 +01:00
|
|
|
|
2010-03-20 02:26:30 +01:00
|
|
|
def deny_access
|
|
|
|
self.return_to = request.request_uri
|
2011-05-11 13:38:46 +02:00
|
|
|
redirect_to login_url, :alert => 'Access denied!'
|
2010-03-20 02:26:30 +01:00
|
|
|
end
|
2009-01-06 11:49:19 +01:00
|
|
|
|
2009-03-24 17:32:56 +01:00
|
|
|
private
|
2009-01-06 11:49:19 +01:00
|
|
|
|
2010-03-20 02:26:30 +01:00
|
|
|
def authenticate(role = 'any')
|
|
|
|
# Attempt to retrieve authenticated user from controller instance or session...
|
2011-05-11 13:38:46 +02:00
|
|
|
if !current_user
|
2010-03-20 02:26:30 +01:00
|
|
|
# No user at all: redirect to login page.
|
2011-05-11 13:38:46 +02:00
|
|
|
session[:user_id] = nil
|
|
|
|
session['return_to'] = request.fullpath
|
|
|
|
redirect_to login_url, :alert => 'Authentication required!'
|
2010-03-20 02:26:30 +01:00
|
|
|
else
|
|
|
|
# We have an authenticated user, now check role...
|
|
|
|
# Roles gets the user through his memberships.
|
|
|
|
hasRole = case role
|
2011-05-18 15:52:06 +02:00
|
|
|
when "admin" then current_user.role_admin?
|
|
|
|
when "finance" then current_user.role_finance?
|
|
|
|
when "article_meta" then current_user.role_article_meta?
|
|
|
|
when "suppliers" then current_user.role_suppliers?
|
|
|
|
when "orders" then current_user.role_orders?
|
2010-03-20 02:26:30 +01:00
|
|
|
when "any" then true # no role required
|
|
|
|
else false # any unknown role will always fail
|
|
|
|
end
|
|
|
|
if hasRole
|
2011-05-11 13:38:46 +02:00
|
|
|
current_user
|
2009-01-06 11:49:19 +01:00
|
|
|
else
|
2010-03-20 02:26:30 +01:00
|
|
|
deny_access
|
|
|
|
end
|
2009-01-06 11:49:19 +01:00
|
|
|
end
|
2010-03-20 02:26:30 +01:00
|
|
|
end
|
2009-01-06 11:49:19 +01:00
|
|
|
|
2010-03-20 02:26:30 +01:00
|
|
|
def authenticate_admin
|
|
|
|
authenticate('admin')
|
|
|
|
end
|
2009-01-06 11:49:19 +01:00
|
|
|
|
2010-03-20 02:26:30 +01:00
|
|
|
def authenticate_finance
|
|
|
|
authenticate('finance')
|
|
|
|
end
|
2009-01-06 11:49:19 +01:00
|
|
|
|
2010-03-20 02:26:30 +01:00
|
|
|
def authenticate_article_meta
|
|
|
|
authenticate('article_meta')
|
|
|
|
end
|
2009-01-06 11:49:19 +01:00
|
|
|
|
2010-03-20 02:26:30 +01:00
|
|
|
def authenticate_suppliers
|
|
|
|
authenticate('suppliers')
|
|
|
|
end
|
2009-01-06 11:49:19 +01:00
|
|
|
|
2010-03-20 02:26:30 +01:00
|
|
|
def authenticate_orders
|
|
|
|
authenticate('orders')
|
|
|
|
end
|
2009-01-06 11:49:19 +01:00
|
|
|
|
2010-03-20 02:26:30 +01:00
|
|
|
# checks if the current_user is member of given group.
|
|
|
|
# if fails the user will redirected to startpage
|
|
|
|
def authenticate_membership_or_admin
|
|
|
|
@group = Group.find(params[:id])
|
|
|
|
unless @group.member?(@current_user) or @current_user.role_admin?
|
|
|
|
flash[:error] = "Diese Aktion ist nur für Mitglieder der Gruppe erlaubt!"
|
|
|
|
if request.xml_http_request?
|
|
|
|
render(:update) {|page| page.redirect_to root_path }
|
|
|
|
else
|
|
|
|
redirect_to root_path
|
2009-01-15 12:14:01 +01:00
|
|
|
end
|
|
|
|
end
|
2010-03-20 02:26:30 +01:00
|
|
|
end
|
2009-01-15 12:14:01 +01:00
|
|
|
|
2010-03-20 02:26:30 +01:00
|
|
|
# Stores this controller instance as a thread local varibale to be accessible from outside ActionController/ActionView.
|
|
|
|
def store_controller
|
|
|
|
Thread.current[:application_controller] = self
|
|
|
|
end
|
2009-01-06 11:49:19 +01:00
|
|
|
|
2010-03-20 02:26:30 +01:00
|
|
|
# Sets the thread local variable that holds a reference to the current controller to nil.
|
|
|
|
def remove_controller
|
|
|
|
Thread.current[:application_controller] = nil
|
|
|
|
end
|
2009-01-08 16:33:27 +01:00
|
|
|
|
2010-03-20 02:26:30 +01:00
|
|
|
# Get supplier in nested resources
|
|
|
|
def find_supplier
|
|
|
|
@supplier = Supplier.find(params[:supplier_id]) if params[:supplier_id]
|
|
|
|
end
|
2009-03-24 17:01:10 +01:00
|
|
|
|
2010-03-20 02:26:30 +01:00
|
|
|
# Set config and database connection for each request
|
|
|
|
# It uses the subdomain to select the appropriate section in the config files
|
|
|
|
# Use this method as a before filter (first filter!) in ApplicationController
|
|
|
|
def select_foodcoop
|
|
|
|
if Foodsoft.config[:multi_coop_install]
|
|
|
|
if !params[:foodcoop].blank?
|
2010-03-22 01:25:24 +01:00
|
|
|
begin
|
|
|
|
# Set Config
|
|
|
|
Foodsoft.env = params[:foodcoop]
|
|
|
|
# Set database-connection
|
|
|
|
ActiveRecord::Base.establish_connection(Foodsoft.database)
|
|
|
|
rescue => error
|
|
|
|
flash[:error] = error.to_s
|
|
|
|
redirect_to root_path
|
|
|
|
end
|
2010-03-20 02:26:30 +01:00
|
|
|
else
|
|
|
|
redirect_to root_path
|
2009-08-13 16:32:38 +02:00
|
|
|
end
|
2010-03-20 02:26:30 +01:00
|
|
|
else
|
|
|
|
# Deactivate routing filter
|
|
|
|
RoutingFilter::Foodcoop.active = false
|
2009-03-24 17:01:10 +01:00
|
|
|
end
|
2010-03-20 02:26:30 +01:00
|
|
|
end
|
2009-01-06 11:49:19 +01:00
|
|
|
end
|