Merge branch 'routing-filter'

Benjamin Meichsner 2010-05-25 23:16:49 +02:00
commit 00d9f060cc
29 changed files with 282 additions and 260 deletions


@ -1,7 +1,5 @@
class AdminController < ApplicationController
class Admin::BaseController < ApplicationController
before_filter :authenticate_admin
filter_parameter_logging :password, :password_confirmation # do not log passwort parameters
def index
@user = self.current_user
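Review bot: Nothing in `Admin::BaseController` says that its `before_filter :authenticate_admin` is now the only admin check for `Admin::OrdergroupsController`, `Admin::UsersController` and `Admin::WorkgroupsController`, which drop their own filter in this commit. A comment above the filter would make the dependency explicit, e.g. `# Every controller under Admin:: must inherit from this class; it carries the only admin authorization check.` A later admin controller that inherits from `ApplicationController` directly would get only the default `authenticate` filter, whose role defaults to 'any'. The class body continues outside the hunk.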


@ -1,5 +1,4 @@
class Admin::OrdergroupsController < ApplicationController
before_filter :authenticate_admin
class Admin::OrdergroupsController < Admin::BaseController
def index
if (params[:per_page] && params[:per_page].to_i > 0 && params[:per_page].to_i <= 100)


@ -1,6 +1,4 @@
class Admin::UsersController < ApplicationController
before_filter :authenticate_admin
filter_parameter_logging :password, :password_confirmation # do not log passwort parameters
class Admin::UsersController < Admin::BaseController
def index
if (params[:per_page] && params[:per_page].to_i > 0 && params[:per_page].to_i <= 100)


@ -1,5 +1,4 @@
class Admin::WorkgroupsController < ApplicationController
before_filter :authenticate_admin
class Admin::WorkgroupsController < Admin::BaseController
def index
if (params[:per_page] && params[:per_page].to_i > 0 && params[:per_page].to_i <= 100)


@ -1,5 +1,6 @@
class ApplicationController < ActionController::Base
filter_parameter_logging :password, :password_confirmation # do not log passwort parameters
before_filter :select_foodcoop, :authenticate, :store_controller
after_filter :remove_controller
@ -23,128 +24,137 @@ class ApplicationController < ActionController::Base
protected
def current_user
begin
# check if there is a valid session and return the logged-in user (its object)
if session['user_and_subdomain']
id, subdomain = session['user_and_subdomain'].split
# for shared-host installations. check if the cookie-subdomain fits to request.
return User.current_user = User.find(id) if request.subdomains.first == subdomain
end
rescue
reset_session
flash[:error]= _("An error has occurred. Please login again.")
redirect_to :controller => 'login'
def current_user
begin
# check if there is a valid session and return the logged-in user (its object)
if session[:user] and session[:foodcoop]
# for shared-host installations. check if the cookie-subdomain fits to request.
return User.current_user = User.find(session[:user]) if session[:foodcoop] == Foodsoft.env
end
rescue
reset_session
flash[:error]= _("An error has occurred. Please login again.")
redirect_to :controller => 'login'
end
end
def current_user=(user)
session['user_and_subdomain'] = [user.id, request.subdomains.first].join(" ")
end
def current_user=(user)
session[:user], session[:foodcoop] = user.id, Foodsoft.env
end
def return_to
session['return_to']
end
def return_to
session['return_to']
end
def return_to=(uri)
session['return_to'] = uri
end
def return_to=(uri)
session['return_to'] = uri
end
def deny_access
self.return_to = request.request_uri
redirect_to :controller => '/login', :action => 'denied'
return false
end
def deny_access
self.return_to = request.request_uri
redirect_to :controller => '/login', :action => 'denied'
return false
end
private
def authenticate(role = 'any')
# Attempt to retrieve authenticated user from controller instance or session...
if !(user = current_user)
# No user at all: redirect to login page.
self.return_to = request.request_uri
redirect_to :controller => '/login'
return false
def authenticate(role = 'any')
# Attempt to retrieve authenticated user from controller instance or session...
if !(user = current_user)
# No user at all: redirect to login page.
self.return_to = request.request_uri
redirect_to :controller => '/login'
return false
else
# We have an authenticated user, now check role...
# Roles gets the user through his memberships.
hasRole = case role
when "admin" then user.role_admin?
when "finance" then user.role_finance?
when "article_meta" then user.role_article_meta?
when "suppliers" then user.role_suppliers?
when "orders" then user.role_orders?
when "any" then true # no role required
else false # any unknown role will always fail
end
if hasRole
@current_user = user
else
# We have an authenticated user, now check role...
# Roles gets the user through his memberships.
hasRole = case role
when "admin" then user.role_admin?
when "finance" then user.role_finance?
when "article_meta" then user.role_article_meta?
when "suppliers" then user.role_suppliers?
when "orders" then user.role_orders?
when "any" then true # no role required
else false # any unknown role will always fail
end
if hasRole
@current_user = user
else
deny_access
end
end
deny_access
end
end
end
def authenticate_admin
authenticate('admin')
end
def authenticate_admin
authenticate('admin')
end
def authenticate_finance
authenticate('finance')
end
def authenticate_finance
authenticate('finance')
end
def authenticate_article_meta
authenticate('article_meta')
end
def authenticate_article_meta
authenticate('article_meta')
end
def authenticate_suppliers
authenticate('suppliers')
end
def authenticate_suppliers
authenticate('suppliers')
end
def authenticate_orders
authenticate('orders')
end
def authenticate_orders
authenticate('orders')
end
# checks if the current_user is member of given group.
# if fails the user will redirected to startpage
def authenticate_membership_or_admin
@group = Group.find(params[:id])
unless @group.member?(@current_user) or @current_user.role_admin?
flash[:error] = "Diese Aktion ist nur für Mitglieder der Gruppe erlaubt!"
if request.xml_http_request?
render(:update) {|page| page.redirect_to root_path }
else
# checks if the current_user is member of given group.
# if fails the user will redirected to startpage
def authenticate_membership_or_admin
@group = Group.find(params[:id])
unless @group.member?(@current_user) or @current_user.role_admin?
flash[:error] = "Diese Aktion ist nur für Mitglieder der Gruppe erlaubt!"
if request.xml_http_request?
render(:update) {|page| page.redirect_to root_path }
else
redirect_to root_path
end
end
end
# Stores this controller instance as a thread local varibale to be accessible from outside ActionController/ActionView.
def store_controller
Thread.current[:application_controller] = self
end
# Sets the thread local variable that holds a reference to the current controller to nil.
def remove_controller
Thread.current[:application_controller] = nil
end
# Get supplier in nested resources
def find_supplier
@supplier = Supplier.find(params[:supplier_id]) if params[:supplier_id]
end
# Set config and database connection for each request
# It uses the subdomain to select the appropriate section in the config files
# Use this method as a before filter (first filter!) in ApplicationController
def select_foodcoop
if Foodsoft.config[:multi_coop_install]
if !params[:foodcoop].blank?
begin
# Set Config
Foodsoft.env = params[:foodcoop]
# Set database-connection
ActiveRecord::Base.establish_connection(Foodsoft.database)
rescue => error
flash[:error] = error.to_s
redirect_to root_path
end
else
redirect_to root_path
end
else
# Deactivate routing filter
RoutingFilter::Foodcoop.active = false
end
# Stores this controller instance as a thread local varibale to be accessible from outside ActionController/ActionView.
def store_controller
Thread.current[:application_controller] = self
end
# Sets the thread local variable that holds a reference to the current controller to nil.
def remove_controller
Thread.current[:application_controller] = nil
end
# Get supplier in nested resources
def find_supplier
@supplier = Supplier.find(params[:supplier_id]) if params[:supplier_id]
end
# Set config and database connection for each request
# It uses the subdomain to select the appropriate section in the config files
# Use this method as a before filter (first filter!) in ApplicationController
def select_foodcoop
if Foodsoft.config[:multi_coop_install]
# Get subdomain
subdomain = request.subdomains.first
# Set Config
Foodsoft.env = subdomain
# Set database-connection
ActiveRecord::Base.establish_connection(Foodsoft.database(subdomain))
end
end
end
end
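Review bot: `select_foodcoop` assigns `params[:foodcoop]` to `Foodsoft.env` and opens the database connection from it without first checking the value against the configured foodcoops, so a request-controlled string selects both the config section and the database. The value should be checked against the known sections before the assignment; unless `Foodsoft.env=` validates on its own (not visible here), a failed lookup also leaves the bad value set. The rescue branch copies the raw exception text into the flash with `flash[:error] = error.to_s`, which can show connection or configuration details to the visitor; prefer `logger.error(error.to_s)` plus a fixed message. `current_user` compares `session[:foodcoop]` with this same value, so the session binding depends on it being trustworthy.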


@ -1,6 +1,5 @@
class LoginController < ApplicationController
skip_before_filter :authenticate # no authentication since this is the login page
filter_parameter_logging "password" # do not log "password" parameter
before_filter :validate_token, :only => [:password, :update_password]
verify :method => :post, :only => [:login, :reset_password, :new], :redirect_to => { :action => :index }
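Review bot: With the local `filter_parameter_logging "password"` removed, this controller relies on the filter added to `ApplicationController`, which names only `:password` and `:password_confirmation`. The reset link built in `Mailer` passes `:token => user.reset_password_token` as a request parameter, and `validate_token` runs for `password` and `update_password`, so the reset token is presumably still written to the request log. Consider `filter_parameter_logging :password, :password_confirmation, :token` in `ApplicationController`.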


@ -6,7 +6,7 @@ class TasksController < ApplicationController
@groups = Workgroup.all
end
def myTasks
def user
@unaccepted_tasks = @current_user.unaccepted_tasks
@accepted_tasks = @current_user.accepted_tasks
end
@ -78,7 +78,7 @@ class TasksController < ApplicationController
task.assignments.create(:user => current_user, :accepted => true)
end
flash[:notice] = "Du hast die Aufgabe übernommen"
redirect_to my_tasks_path
redirect_to user_tasks_path
end
# deletes assignment between current_user and given task


@ -117,7 +117,7 @@ module ApplicationHelper
end
def tab_is_active?(tab)
tab[:active].detect {|c| c == controller.controller_path }
tab[:active].detect {|c| controller.controller_path.match(c) }
end
def icon(name, options={})
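Review bot: `controller.controller_path.match(c)` treats each `:active` entry as an unanchored regular expression, so an entry such as "tasks" or "orders" matches any controller path that merely contains it, and more than one tab can come out active. If prefix matching is what is wanted, anchor and escape the entry: `controller.controller_path =~ /\A#{Regexp.escape(c)}/`. A one-line comment on `tab_is_active?` saying that the entries are path prefixes would also help.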


@ -7,9 +7,9 @@ module PagesHelper
def link_to_wikipage(page, text = nil)
if text == nil
link_to page.title, "/wiki/#{page.title}"
link_to page.title, wiki_page_path(page.permalink)
else
link_to text, "/wiki/#{page.title}"
link_to text, wiki_page_path(page.permalink)
end
end
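Review bot: Both branches of `link_to_wikipage` now build the same URL and differ only in the label, and `text == nil` is better written as `text.nil?`. The body can collapse to `link_to(text || page.title, wiki_page_path(page.permalink))`.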


@ -12,9 +12,9 @@ class Mailer < ActionMailer::Base
body :body => message.body,
:sender => message.sender.nick,
:recipients => recipient.nick,
:reply => "#{Foodsoft.config[:base_url]}/messages/reply/#{message.id}",
:link => "#{Foodsoft.config[:base_url]}/messages/show/#{message.id}",
:profile => "#{Foodsoft.config[:base_url]}/home/profile"
:reply => url_for(:controller => "messages", :action => "reply", :id => message.id),
:link => url_for(:controller => "messages", :action => "show", :id => message.id),
:profile => url_for(:controller => "home", :action => "profile")
end
# Sends an email with instructions on how to reset the password.
@ -23,7 +23,7 @@ class Mailer < ActionMailer::Base
prepare_system_message(user)
subject "[#{Foodsoft.config[:name]}] Neues Passwort für/ New password for #{user.nick}"
body :user => user,
:link => "#{Foodsoft.config[:base_url]}/login/password/#{user.id}?token=#{user.reset_password_token}"
:link => url_for(:controller => "login", :action => "password", :id => user.id, :token => user.reset_password_token)
end
# Sends an invite email.
@ -31,7 +31,7 @@ class Mailer < ActionMailer::Base
prepare_system_message(invite)
subject "Einladung in die Foodcoop #{Foodsoft.config[:name]} - Invitation to the Foodcoop"
body :invite => invite,
:link => "#{Foodsoft.config[:base_url]}/login/invite/#{invite.token}"
:link => url_for(:controller => "login", :action => "invite", :id => invite.token)
end
# Notify user of upcoming task.
@ -71,7 +71,7 @@ class Mailer < ActionMailer::Base
prepare_system_message(user)
subject "[#{Foodsoft.config[:name]}] #{task.name} braucht noch Leute!"
body :task => task, :user => user,
:task_url => File.join(Foodsoft.config[:base_url], "tasks/workgroup", task.workgroup_id.to_s)
:task_url => url_for(:controller => "tasks", :action => "workgroup", :id => task.workgroup_id)
end
protected
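Review bot: The `url_for` calls that replace `Foodsoft.config[:base_url]` need a host, and the hunks do not show where the mailer gets one. The password-reset and invite links carry `user.reset_password_token` and `invite.token`, so the host should come from configuration (for example `default_url_options[:host]` set from the foodcoop's config) and never from the incoming request's Host header, which the sender of the request controls. If `prepare_system_message` already sets it, a comment there saying so would be enough. In multi-coop installs the generated links also need the foodcoop segment; confirm they include it.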


@ -4,7 +4,7 @@
Foodcoop
%ul
%li= link_to "Mitglieder", foodcoop_users_path
%li= link_to "Meine Aufgaben", :controller => "home", :action => "tasks"
%li= link_to "Meine Aufgaben", user_tasks_path
%li= link_to "Nachricht schreiben", :controller => "messages", :action => "new"
// Orders


@ -21,11 +21,11 @@
- unless @unaccepted_tasks.empty?
%h3 Aufgaben übernehmen
Du bis für Aufgaben verantwortlich.
= link_to "Aufgaben übernehmen/ablehnen", my_tasks_path
= link_to "Aufgaben übernehmen/ablehnen", user_tasks_path
- unless @unassigned_tasks_number == 0
%h3 Offene Aufgaben
= "Es gibt #{@unassigned_tasks_number} #{link_to 'offene Aufgabe(n)', :controller => 'tasks'}"
%p{:style => "clear:both"}= link_to "Meine Aufgaben", my_tasks_path
%p{:style => "clear:both"}= link_to "Meine Aufgaben", user_tasks_path
- if @ordergroup
// Current orders


@ -3,56 +3,56 @@
tabs = [
{ :name => "Start", :url => root_path, :active => ["index", "home"],
:subnav => [
{ :name => "Meine Aufgaben", :url => "/home/tasks" },
{ :name => "Meine Bestellgruppe", :url => "/home/ordergroup", :access_denied? => (!u.ordergroup)},
{ :name => "Mein Profil", :url => "/home/profile"}
{ :name => "Meine Aufgaben", :url => user_tasks_path },
{ :name => "Meine Bestellgruppe", :url => my_ordergroup_path, :access_denied? => (!u.ordergroup)},
{ :name => "Mein Profil", :url => my_profile_path}
]
},
{ :name => "Foodcoop", :url => "/tasks",
{ :name => "Foodcoop", :url => tasks_path,
:active => ["foodcoop", "tasks", "messages", "foodcoop/ordergroups", "foodcoop/workgroups", "foodcoop/users"],
:subnav => [
{ :name => "Mitglieder", :url => "/foodcoop/users"},
{ :name => "Abeitsgruppen", :url => "/foodcoop/workgroups"},
{ :name => "Bestellgruppen", :url => "/foodcoop/ordergroups"},
{ :name => "Nachrichten", :url => "/messages"},
{ :name => "Aufgaben", :url => "/tasks"}
{ :name => "Mitglieder", :url => foodcoop_users_path},
{ :name => "Abeitsgruppen", :url => foodcoop_workgroups_path},
{ :name => "Bestellgruppen", :url => foodcoop_ordergroups_path},
{ :name => "Nachrichten", :url => messages_path},
{ :name => "Aufgaben", :url => tasks_path}
]
},
{ :name => "Wiki", :url => "/wiki", :active => ["pages", "wiki"],
{ :name => "Wiki", :url => wiki_path, :active => ["pages", "wiki"],
:subnav => [
{ :name => "Startseite", :url => "/wiki" },
{ :name => "Alle Seiten", :url => "/pages/all" }
{ :name => "Startseite", :url => wiki_path },
{ :name => "Alle Seiten", :url => all_pages_path }
]
},
{ :name => "Bestellungen", :url => u.ordergroup ? "/ordering/" : "/orders",
{ :name => "Bestellungen", :url => u.ordergroup ? ordering_path : orders_path,
:active => ["orders", "ordering"],
:subnav => [
{ :name => "Bestellen!", :url => "/ordering" },
{ :name => "Meine Bestellungen", :url => "/ordering/myOrders" },
{ :name => "Bestellverwaltung", :url => "/orders", :access_denied? => (!u.role_orders?) }
{ :name => "Bestellen!", :url => ordering_path },
{ :name => "Meine Bestellungen", :url => my_orders_path },
{ :name => "Bestellverwaltung", :url => orders_path, :access_denied? => (!u.role_orders?) }
]
},
{ :name => "Artikel", :url => "/suppliers",
{ :name => "Artikel", :url => suppliers_path,
:active => ["articles", "suppliers", "deliveries", "article_categories", "stockit", "stock_takings"],
:access_denied? => (!u.role_article_meta? && !u.role_suppliers?),
:subnav => [
{ :name => "Artikel", :url => supplier_articles_path(Supplier.first) },
{ :name => "Lager", :url => "/stockit" },
{ :name => "Lager", :url => stock_articles_path },
{ :name => "Lieferantinnen", :url => suppliers_path, :access_denied? => (!u.role_suppliers?) },
{ :name => "Kategorien", :url => "/article_categories"}
{ :name => "Kategorien", :url => article_categories_path }
]
},
{ :name => "Finanzen", :url => "/finance",
{ :name => "Finanzen", :url => finance_root_path,
:active => ["finance/invoices", "finance/transactions", "finance/balancing"],
:access_denied? => (!u.role_finance?),
:subnav => [
{ :name => "Konten verwalten", :url => "/finance/transactions" },
{ :name => "Bestellungen abrechnen", :url => "/finance/balancing/list" },
{ :name => "Konten verwalten", :url => finance_transactions_path },
{ :name => "Bestellungen abrechnen", :url => finance_balancing_path },
{ :name => "Rechnungen", :url => finance_invoices_path }
]
},
{ :name => "Administration", :url => "/admin",
:active => ["admin", "admin/users", "admin/ordergroups", "admin/workgroups"],
{ :name => "Administration", :url => admin_root_path,
:active => ["admin/"],
:access_denied? => (!u.role_admin?),
:subnav => [
{ :name => "Benutzerinnen", :url => admin_users_path },
@ -77,4 +77,4 @@
</li>
<% end -%>
<% end -%>
</ul>
</ul>


@ -15,7 +15,7 @@
#header
#logo
%a{:href => "/"}
- link_to root_path do
<span>food</span>soft
%span{:style => "color:white; font-size:45%; letter-spacing: -1px;"}= Foodsoft.config[:name]
#nav= render :partial => 'layouts/main_tabnav'


@ -1,6 +1,6 @@
<%= yield %>
--
FoodSoft: <%= @foodsoftUrl %>
Foodcoop-Homepage: <%= Foodsoft.config[:base_url] %>
Hilfe/Help: <%= Foodsoft.config[:help_url] %>
FoodSoft: <%= url_for(:controller => "home", :action => "index", :only_path => false) %>
Foodcoop-Homepage: <%= Foodsoft.config[:homepage] %>
Hilfe/Help: <%= Foodsoft.config[:help_url] %>


@ -15,4 +15,4 @@
= text_field 'login', 'email'
= submit_tag 'Neues Passwort anfordern'
|
= link_to 'Abbrechen', :action => 'login'
= link_to 'Abbrechen', login_path


@ -13,4 +13,4 @@
= form.password_field :password_confirmation
= form.submit 'Speichern'
|
= link_to 'Abbrechen', :action => 'login'
= link_to 'Abbrechen', login_path


@ -7,5 +7,5 @@ Sofern Du Dich noch nicht für diese Aufgabe eingetragen hast ist das jetzt die
<%= @task_url %>
--
Deine Aufgaben: <%= Foodsoft.config[:base_url] %>/home/tasks
Deine Aufgaben: <%= url_for(:controller => "home", :actions => "user") %>
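Review bot: `url_for(:controller => "home", :actions => "user")` has a misspelled key: `:actions` is not a routing option, so it is presumably emitted as a query parameter and the link points at the home index rather than the task list. The `user` action is added to `TasksController` in this commit, so the line should likely read `<%= url_for(:controller => "tasks", :action => "user", :only_path => false) %>`. The same call appears in the weekly-tasks template ("Meine Aufgaben: ..."). The order-result template's `url_for` also lacks the `:only_path => false` that the mail layout passes, which may produce a link without a host in the e-mail.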


@ -9,6 +9,6 @@ Für Euch wurden die folgenden Artikel bestellt:
<% end -%>
Gesamtpreis: <%= @group_order.price %>
Bestellung online einsehen: <%= "#{Foodsoft.config[:base_url]}/ordering/my_order_result/#{@order.id}" %>
Bestellung online einsehen: <%= url_for(:controller => "ordering", :action => "my_order_result", :id => @order.id) %>
Viele Grüße von <%= Foodsoft.config[:name] %>


@ -11,6 +11,6 @@ Aufgaben für die nächste Woche:
<% end -%>
<% end -%>
Meine Aufgaben: <%= Foodsoft.config[:base_url] %>/home/tasks
Meine Aufgaben: <%= url_for(:controller => "home", :actions => "user") %>
Viele Grüße von <%= Foodsoft.config[:name] %>


@ -8,7 +8,7 @@
%li
Seiten
%ul
%li= link_to "Meine Aufgaben", my_tasks_path
%li= link_to "Meine Aufgaben", user_tasks_path
%li= link_to "Alle Aufgaben", :action => "index"
%li= link_to "Erledigt Aufgaben (Archiv)", :action => "archive"