application.rb
1.93 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
# his is the application's main controller. Features defined here are
# available in all controllers.
class ApplicationController < ActionController::Base
  helper :document
  
  design :holder => 'environment'
  # Be sure to include AuthenticationSystem in Application Controller instead
  include AuthenticatedSystem
  init_gettext 'noosfero'
  before_filter :detect_stuff_by_domain
  attr_reader :environment
  protected
  # TODO: move this logic somewhere else (Domain class?)
  def detect_stuff_by_domain
    @domain = Domain.find_by_name(request.host)
    if @domain.nil?
      @environment = Environment.default
    else
      @environment = @domain.environment
      @profile = @domain.profile
    end
  end
  before_filter :load_profile_from_params
  def load_profile_from_params
    if params[:profile]
      @profile ||= Profile.find_by_identifier(params[:profile])
    end
  end
  def profile
    @profile
  end
  def self.acts_as_environment_admin_controller
    before_filter :load_admin_controller
  end
  def load_admin_controller
    # TODO: check access control
  end
  # declares that the given <tt>actions</tt> cannot be accessed by other HTTP
  # method besides POST.
  def self.post_only(actions, redirect = { :action => 'index'})
    verify :method => :post, :only => actions, :redirect_to => redirect
  end
  # Declares the +permission+ need to be able to access +action+.
  #
  # * +action+ must be a symbol or string with the name of the action
  # * +permission+ must be a symbol or string naming the needed permission.
  # * +target+ is the object over witch the user would need the specified permission.
  def self.protect(actions, permission, target = nil)
    before_filter :only => actions do |c|
      unless c.send(:logged_in?) && c.send(:current_user).person.has_permission?(permission.to_s, c.send(target))
        c.send(:render, {:file => 'app/views/shared/access_denied.rhtml', :layout => true})
      end
    end
  end
end