Commit f678092a250e2d5fe937dff638e67b155a5ae687

Authored by Braulio Bhavamitra
1 parent a96fed84

concerns: Organize existing concerns in application controller

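--- a/app/concerns/authenticated_system.rb
+++ b/app/concerns/authenticated_system.rb
@@ -1,169 +0,0 @@
-module AuthenticatedSystem
-
- protected
-
- extend ActiveSupport::Concern
-
- included do
- if self < ActionController::Base
- around_filter :user_set_current
- before_filter :override_user
- before_filter :login_from_cookie
- end
-
- # Inclusion hook to make #current_user and #logged_in?
- # available as ActionView helper methods.
- helper_method :current_user, :logged_in?
- end
-
- # Returns true or false if the user is logged in.
- # Preloads @current_user with the user model if they're logged in.
- def logged_in?
- current_user != nil
- end
-
- # Accesses the current user from the session.
- def current_user user_id = session[:user]
- @current_user ||= begin
- user = User.find_by id: user_id if user_id
- user.session = session if user
- User.current = user
- user
- end
- end
-
- # Store the given user in the session.
- def current_user=(new_user)
- if new_user.nil?
- session.delete(:user)
- else
- session[:user] = new_user.id
- new_user.session = session
- new_user.register_login
- end
- @current_user = User.current = new_user
- end
-
- # See impl. from http://stackoverflow.com/a/2513456/670229
- def user_set_current
- User.current = current_user
- yield
- ensure
- # to address the thread variable leak issues in Puma/Thin webserver
- User.current = nil
- end
-
- # Check if the user is authorized.
- #
- # Override this method in your controllers if you want to restrict access
- # to only a few actions or if you want to check if the user
- # has the correct rights.
- #
- # Example:
- #
- # # only allow nonbobs
- # def authorize?
- # current_user.login != "bob"
- # end
- def authorized?
- true
- end
-
- # Filter method to enforce a login requirement.
- #
- # To require logins for all actions, use this in your controllers:
- #
- # before_filter :login_required
- #
- # To require logins for specific actions, use this in your controllers:
- #
- # before_filter :login_required, :only => [ :edit, :update ]
- #
- # To skip this in a subclassed controller:
- #
- # skip_before_filter :login_required
- #
- def login_required
- username, passwd = get_auth_data
- if username && passwd
- self.current_user ||= User.authenticate(username, passwd) || nil
- end
- if logged_in? && authorized?
- true
- else
- if params[:require_login_popup]
- render :json => { :require_login_popup => true }
- else
- access_denied
- end
- end
- end
-
- # Redirect as appropriate when an access request fails.
- #
- # The default action is to redirect to the login screen.
- #
- # Override this method in your controllers if you want to have special
- # behavior in case the user is not authorized
- # to access the requested action. For example, a popup window might
- # simply close itself.
- def access_denied
- respond_to do |accepts|
- accepts.html do
- if request.xhr?
- render :text => _('Access denied'), :status => 401
- else
- store_location
- redirect_to :controller => '/account', :action => 'login'
- end
- end
- accepts.xml do
- headers["Status"] = "Unauthorized"
- headers["WWW-Authenticate"] = %(Basic realm="Web Password")
- render :text => "Could't authenticate you", :status => '401 Unauthorized'
- end
- end
- false
- end
-
- # Store the URI of the current request in the session.
- #
- # We can return to this location by calling #redirect_back_or_default.
- def store_location(location = request.url)
- session[:return_to] = location
- end
-
- # Redirect to the URI stored by the most recent store_location call or
- # to the passed default.
- def redirect_back_or_default(default)
- if session[:return_to]
- redirect_to(session.delete(:return_to))
- else
- redirect_to(default)
- end
- end
-
- def override_user
- return if params[:override_user].blank?
- return unless logged_in? and user.is_admin? environment
- @current_user = nil
- current_user params[:override_user]
- end
-
- # When called with before_filter :login_from_cookie will check for an :auth_token
- # cookie and log the user back in if apropriate
- def login_from_cookie
- return if cookies[:auth_token].blank? or logged_in?
- user = User.where(remember_token: cookies[:auth_token]).first
- self.current_user = user if user and user.remember_token?
- end
-
- private
- @@http_auth_headers = %w(X-HTTP_AUTHORIZATION HTTP_AUTHORIZATION Authorization)
- # gets BASIC auth info
- def get_auth_data
- auth_key = @@http_auth_headers.detect { |h| request.env.has_key?(h) }
- auth_data = request.env[auth_key].to_s.split unless auth_key.blank?
- return auth_data && auth_data[0] == 'Basic' ? Base64.decode64(auth_data[1]).split(':')[0..1] : [nil, nil]
- end
-end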
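--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -14,6 +14,20 @@ class ApplicationController &lt; ActionController::Base
 before_filter :redirect_to_current_user
 
 before_filter :set_session_theme
+
+ # FIXME: only include necessary methods
+ include ApplicationHelper
+
+ # concerns
+ include PermissionCheck
+ include CustomDesign
+ include NeedsProfile
+
+ # implementations
+ include FindByContents
+ include Noosfero::Plugin::HotSpot
+ include SearchTermHelper
+
 def set_session_theme
 if params[:theme]
 session[:theme] = environment.theme_ids.include?(params[:theme]) ? params[:theme] : nil
@@ -48,7 +62,6 @@ class ApplicationController &lt; ActionController::Base
 end
 end
 
- include ApplicationHelper
 layout :get_layout
 def get_layout
 return false if request.format == :js or request.xhr?
@@ -74,9 +87,6 @@ class ApplicationController &lt; ActionController::Base
 helper :document
 helper :language
 
- include DesignHelper
- include PermissionCheck
-
 before_filter :set_locale
 def set_locale
 FastGettext.available_locales = environment.available_locales
@@ -89,8 +99,6 @@ class ApplicationController &lt; ActionController::Base
 end
 end
 
- include NeedsProfile
-
 attr_reader :environment
 
 # declares that the given <tt>actions</tt> cannot be accessed by other HTTP
@@ -151,8 +159,6 @@ class ApplicationController &lt; ActionController::Base
 end
 end
 
- include Noosfero::Plugin::HotSpot
-
 # FIXME this filter just loads @plugins to children controllers and helpers
 def init_noosfero_plugins
 plugins
@@ -184,9 +190,6 @@ class ApplicationController &lt; ActionController::Base
 end
 end
 
- include SearchTermHelper
- include FindByContents
-
 def find_suggestions(query, context, asset, options={})
 plugins.dispatch_first(:find_suggestions, query, context, asset, options)
 end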
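Review bot: The include block at new lines 18-29 mixes `ApplicationHelper`, `FindByContents` and `SearchTermHelper` into every controller, so each public method those modules define becomes a public controller method; if the routes resolve `:action` dynamically (not visible here), those methods are reachable as actions. The FIXME already points this way; until the helper set is narrowed, marking the mixed-in methods `protected` in the modules (or using `hide_action` on Rails versions that still provide it) would keep them off the routable surface. The grouping also reorders the includes (`PermissionCheck` now precedes `CustomDesign`, `FindByContents` precedes `HotSpot` and `SearchTermHelper`), and a later include wins method lookup, so confirm no two modules define the same method name. A comment such as `# include order affects method lookup and filter registration` above the block would record that.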
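--- a/app/controllers/concerns/authenticated_system.rb
+++ b/app/controllers/concerns/authenticated_system.rb
@@ -0,0 +1,169 @@
+module AuthenticatedSystem
+
+ protected
+
+ extend ActiveSupport::Concern
+
+ included do
+ if self < ActionController::Base
+ around_filter :user_set_current
+ before_filter :override_user
+ before_filter :login_from_cookie
+ end
+
+ # Inclusion hook to make #current_user and #logged_in?
+ # available as ActionView helper methods.
+ helper_method :current_user, :logged_in?
+ end
+
+ # Returns true or false if the user is logged in.
+ # Preloads @current_user with the user model if they're logged in.
+ def logged_in?
+ current_user != nil
+ end
+
+ # Accesses the current user from the session.
+ def current_user user_id = session[:user]
+ @current_user ||= begin
+ user = User.find_by id: user_id if user_id
+ user.session = session if user
+ User.current = user
+ user
+ end
+ end
+
+ # Store the given user in the session.
+ def current_user=(new_user)
+ if new_user.nil?
+ session.delete(:user)
+ else
+ session[:user] = new_user.id
+ new_user.session = session
+ new_user.register_login
+ end
+ @current_user = User.current = new_user
+ end
+
+ # See impl. from http://stackoverflow.com/a/2513456/670229
+ def user_set_current
+ User.current = current_user
+ yield
+ ensure
+ # to address the thread variable leak issues in Puma/Thin webserver
+ User.current = nil
+ end
+
+ # Check if the user is authorized.
+ #
+ # Override this method in your controllers if you want to restrict access
+ # to only a few actions or if you want to check if the user
+ # has the correct rights.
+ #
+ # Example:
+ #
+ # # only allow nonbobs
+ # def authorize?
+ # current_user.login != "bob"
+ # end
+ def authorized?
+ true
+ end
+
+ # Filter method to enforce a login requirement.
+ #
+ # To require logins for all actions, use this in your controllers:
+ #
+ # before_filter :login_required
+ #
+ # To require logins for specific actions, use this in your controllers:
+ #
+ # before_filter :login_required, :only => [ :edit, :update ]
+ #
+ # To skip this in a subclassed controller:
+ #
+ # skip_before_filter :login_required
+ #
+ def login_required
+ username, passwd = get_auth_data
+ if username && passwd
+ self.current_user ||= User.authenticate(username, passwd) || nil
+ end
+ if logged_in? && authorized?
+ true
+ else
+ if params[:require_login_popup]
+ render :json => { :require_login_popup => true }
+ else
+ access_denied
+ end
+ end
+ end
+
+ # Redirect as appropriate when an access request fails.
+ #
+ # The default action is to redirect to the login screen.
+ #
+ # Override this method in your controllers if you want to have special
+ # behavior in case the user is not authorized
+ # to access the requested action. For example, a popup window might
+ # simply close itself.
+ def access_denied
+ respond_to do |accepts|
+ accepts.html do
+ if request.xhr?
+ render :text => _('Access denied'), :status => 401
+ else
+ store_location
+ redirect_to :controller => '/account', :action => 'login'
+ end
+ end
+ accepts.xml do
+ headers["Status"] = "Unauthorized"
+ headers["WWW-Authenticate"] = %(Basic realm="Web Password")
+ render :text => "Could't authenticate you", :status => '401 Unauthorized'
+ end
+ end
+ false
+ end
+
+ # Store the URI of the current request in the session.
+ #
+ # We can return to this location by calling #redirect_back_or_default.
+ def store_location(location = request.url)
+ session[:return_to] = location
+ end
+
+ # Redirect to the URI stored by the most recent store_location call or
+ # to the passed default.
+ def redirect_back_or_default(default)
+ if session[:return_to]
+ redirect_to(session.delete(:return_to))
+ else
+ redirect_to(default)
+ end
+ end
+
+ def override_user
+ return if params[:override_user].blank?
+ return unless logged_in? and user.is_admin? environment
+ @current_user = nil
+ current_user params[:override_user]
+ end
+
+ # When called with before_filter :login_from_cookie will check for an :auth_token
+ # cookie and log the user back in if apropriate
+ def login_from_cookie
+ return if cookies[:auth_token].blank? or logged_in?
+ user = User.where(remember_token: cookies[:auth_token]).first
+ self.current_user = user if user and user.remember_token?
+ end
+
+ private
+ @@http_auth_headers = %w(X-HTTP_AUTHORIZATION HTTP_AUTHORIZATION Authorization)
+ # gets BASIC auth info
+ def get_auth_data
+ auth_key = @@http_auth_headers.detect { |h| request.env.has_key?(h) }
+ auth_data = request.env[auth_key].to_s.split unless auth_key.blank?
+ return auth_data && auth_data[0] == 'Basic' ? Base64.decode64(auth_data[1]).split(':')[0..1] : [nil, nil]
+ end
+end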
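Review bot: `get_auth_data` (new lines 164-168) mishandles two Basic-auth inputs: a header holding only `Basic` with no credentials reaches `Base64.decode64(nil)` and raises, so an unauthenticated request can turn into a 500 instead of a 401, and `split(':')[0..1]` cuts the password at its first colon, so an account whose password contains `:` can never authenticate this way. Decoding with `Base64.decode64(auth_data[1].to_s).split(':', 2)` covers both cases, since `login_required` already ignores the result unless both parts are present. Separately, `current_user=` (new lines 36-45) writes `session[:user]` with no `reset_session` in sight; unless the login callers rotate the session themselves, the pre-login session id stays valid after authentication, which is worth confirming. The file appears to be moved unchanged from app/concerns, so both points predate this commit.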
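--- a/app/controllers/concerns/custom_design.rb
+++ b/app/controllers/concerns/custom_design.rb
@@ -0,0 +1,50 @@
+module CustomDesign
+
+ extend ActiveSupport::Concern
+
+ included do
+ extend ClassMethods
+ include InstanceMethods
+ before_filter :load_custom_design if self.respond_to? :before_filter
+ end
+
+ module ClassMethods
+
+ def no_design_blocks
+ @no_design_blocks = true
+ end
+
+ def use_custom_design options = {}
+ @custom_design = options
+ end
+
+ def custom_design
+ @custom_design ||= {}
+ end
+
+ def uses_design_blocks?
+ !@no_design_blocks
+ end
+
+ end
+
+ module InstanceMethods
+
+ protected
+
+ def uses_design_blocks?
+ !@no_design_blocks && self.class.uses_design_blocks?
+ end
+
+ def load_custom_design
+ # see also: LayoutHelper#body_classes
+ @layout_template = self.class.custom_design[:layout_template]
+ end
+
+ def custom_design
+ @custom_design || self.class.custom_design
+ end
+
+ end
+
+end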
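Review bot: `no_design_blocks` and `use_custom_design` (new lines 13-23) keep their state in class-level instance variables, which subclasses do not inherit, so as far as this file shows a controller that subclasses one which called `no_design_blocks` still answers `uses_design_blocks?` with true. If the setting is meant to carry down the hierarchy, `class_attribute :custom_design` style storage would do that; if it is meant to be per-class, a comment such as `# per-class setting, not inherited by subclasses` on `ClassMethods` would say so. Under `ActiveSupport::Concern` a nested `ClassMethods` module is extended automatically, so the `extend ClassMethods` line in the `included` block is redundant.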
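--- a/app/controllers/concerns/needs_profile.rb
+++ b/app/controllers/concerns/needs_profile.rb
@@ -0,0 +1,40 @@
+module NeedsProfile
+
+ module ClassMethods
+ def needs_profile
+ before_filter :load_profile
+ end
+ end
+
+ def self.included(including)
+ including.send(:extend, NeedsProfile::ClassMethods)
+ end
+
+ def boxes_holder
+ profile || environment # prefers profile, but defaults to environment
+ end
+
+ def profile
+ @profile
+ end
+
+ protected
+
+ def load_profile
+ if params[:profile]
+ params[:profile].downcase!
+ @profile ||= environment.profiles.where(identifier: params[:profile]).first
+ end
+
+ if @profile
+ profile_hostname = @profile.hostname
+ if profile_hostname && profile_hostname != request.host
+ params.delete(:profile)
+ redirect_to(Noosfero.url_options.merge(params).merge(:host => profile_hostname))
+ end
+ else
+ render_not_found
+ end
+ end
+
+end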
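Review bot: `load_profile` (new lines 23-38) merges the entire request `params` into the redirect options in `redirect_to(Noosfero.url_options.merge(params).merge(:host => profile_hostname))`, so every request-supplied key takes part in building the redirect URL and only `:host` is set explicitly afterwards. Passing an allow-list instead, for example `params.slice(:controller, :action, :id)` adjusted to the routes in use, keeps request data from steering the other URL options. `params[:profile].downcase!` also assumes a String and mutates the request parameter in place, so an array- or hash-valued `profile` parameter would raise there; `params[:profile] = params[:profile].to_s.downcase` avoids that. The module is a straight move from lib/, so both points predate this commit.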
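--- a/app/helpers/design_helper.rb
+++ b/app/helpers/design_helper.rb
@@ -1,50 +0,0 @@
-module DesignHelper
-
- extend ActiveSupport::Concern
-
- included do
- extend ClassMethods
- include InstanceMethods
- before_filter :load_custom_design if self.respond_to? :before_filter
- end
-
- module ClassMethods
-
- def no_design_blocks
- @no_design_blocks = true
- end
-
- def use_custom_design options = {}
- @custom_design = options
- end
-
- def custom_design
- @custom_design ||= {}
- end
-
- def uses_design_blocks?
- !@no_design_blocks
- end
-
- end
-
- module InstanceMethods
-
- protected
-
- def uses_design_blocks?
- !@no_design_blocks && self.class.uses_design_blocks?
- end
-
- def load_custom_design
- # see also: LayoutHelper#body_classes
- @layout_template = self.class.custom_design[:layout_template]
- end
-
- def custom_design
- @custom_design || self.class.custom_design
- end
-
- end
-
-end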
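--- a/config/initializers/00_dependencies.rb
+++ b/config/initializers/00_dependencies.rb
@@ -25,6 +25,5 @@ require &#39;acts_as_customizable&#39;
 require 'route_if'
 require 'maybe_add_http'
 require 'set_profile_region_from_city_state'
-require 'needs_profile'
 require 'white_list_filter'
 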
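--- a/lib/needs_profile.rb
+++ b/lib/needs_profile.rb
@@ -1,40 +0,0 @@
-module NeedsProfile
-
- module ClassMethods
- def needs_profile
- before_filter :load_profile
- end
- end
-
- def self.included(including)
- including.send(:extend, NeedsProfile::ClassMethods)
- end
-
- def boxes_holder
- profile || environment # prefers profile, but defaults to environment
- end
-
- def profile
- @profile
- end
-
- protected
-
- def load_profile
- if params[:profile]
- params[:profile].downcase!
- @profile ||= environment.profiles.where(identifier: params[:profile]).first
- end
-
- if @profile
- profile_hostname = @profile.hostname
- if profile_hostname && profile_hostname != request.host
- params.delete(:profile)
- redirect_to(Noosfero.url_options.merge(params).merge(:host => profile_hostname))
- end
- else
- render_not_found
- end
- end
-
-end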
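--- a/test/unit/custom_design_test.rb
+++ b/test/unit/custom_design_test.rb
@@ -0,0 +1,19 @@
+require_relative "../test_helper"
+
+class CustomDesignTest < ActionView::TestCase
+
+ include CustomDesign
+ include ActionView::Helpers::TagHelper
+
+ def setup
+ end
+
+ should 'allow class instance customization of custom design' do
+ self.class.use_custom_design boxes_limit: 1
+ assert_equal({boxes_limit: 1}, self.custom_design)
+ @custom_design = {boxes_limit: 2}
+ assert_equal({boxes_limit: 2}, self.custom_design)
+
+ end
+
+end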
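--- a/test/unit/design_helper_test.rb
+++ b/test/unit/design_helper_test.rb
@@ -1,20 +0,0 @@
-require_relative "../test_helper"
-require 'boxes_helper'
-
-class DesignHelperTest < ActionView::TestCase
-
- include DesignHelper
- include ActionView::Helpers::TagHelper
-
- def setup
- end
-
- should 'allow class instance customization of custom design' do
- self.class.use_custom_design boxes_limit: 1
- assert_equal({boxes_limit: 1}, self.custom_design)
- @custom_design = {boxes_limit: 2}
- assert_equal({boxes_limit: 2}, self.custom_design)
-
- end
-
-end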