demarches-normaliennes/app/controllers/application_controller.rb

class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception
  before_action :load_navbar_left_pannel_partial_url
  before_action :set_raven_context
  before_action :authorize_request_for_profiler

  before_action :staging_authenticate

  def staging_authenticate
    if StagingAuthService.enabled? && !authenticate_with_http_basic { |username, password| StagingAuthService.authenticate(username, password) }
      request_http_basic_authentication
    end
  end

  def authorize_request_for_profiler
    if administration_signed_in?
      Rack::MiniProfiler.authorize_request
    end
  end

  def default_url_options
    return { protocol: 'https' } if Rails.env.staging? || Rails.env.production?
    {}
  end

  def load_navbar_left_pannel_partial_url
    controller = request.controller_class
    method = params[:action]
    service = RenderPartialService.new(controller, method)
    @navbar_url = service.navbar
    @left_pannel_url = service.left_panel
    @facade_data_view = nil
  end

  protected

  def authenticate_gestionnaire!
    if gestionnaire_signed_in?
      super
    else
      redirect_to new_user_session_path
    end
  end

  def authenticate_administrateur!
    if administrateur_signed_in?
      super
    else
      redirect_to new_user_session_path
    end
  end

  private

  def logged_users
    @logged_users ||= [
      current_user,
      current_gestionnaire,
      current_administrateur,
      current_administration
    ].compact
  end

  def logged_user_roles
    roles = logged_users.map { |logged_user| logged_user.class.name }
    roles.any? ? roles.join(', ') : 'Guest'
  end

  def logged_user_info
    logged_user = logged_users.first

    if logged_user
      {
        id: logged_user.id,
        email: logged_user.email
      }
    end
  end

  def set_raven_context
    context = {
      ip_address: request.ip,
      roles: logged_user_roles
    }
    context.merge!(logged_user_info || {})

    Raven.user_context(context)
  end

  def append_info_to_payload(payload)
    payload.merge!({
      user_agent: request.user_agent,
      current_user: logged_user_info,
      current_user_roles: logged_user_roles
    }.compact)

    if browser.known?
      payload.merge!({
        browser: browser.name,
        browser_version: browser.version.to_s,
        platform: browser.platform.name,
      })
    end
  end

  def permit_smart_listing_params
    # FIXME: remove when
    # https://github.com/Sology/smart_listing/issues/134
    # is fixed
    self.params = params.permit(
      # Dossiers
      :liste,
      dossiers_smart_listing:
        [
          :page,
          :per_page,
          { sort: [:id, :'procedure.libelle', :state, :updated_at] }
        ],
      # Gestionnaires
      gestionnaires_smart_listing:
        [
          :page,
          :per_page,
          { sort: [:email] }
        ],
      # Procédures
      procedures_smart_listing:
        [
          :page,
          :per_page,
          { sort: [:id, :libelle, :published_at] }
        ]
    )
    # END OF FIXME
  end
end
First Commit 2015-08-10 11:05:06 +02:00			`class ApplicationController < ActionController::Base`
			`# Prevent CSRF attacks by raising an exception.`
			`# For APIs, you may want to use :null_session instead.`
			`protect_from_forgery with: :exception`
Awsome struct to share layouts between controllers and there methods 2016-11-22 16:03:32 +01:00			`before_action :load_navbar_left_pannel_partial_url`
[FIX #433] Add Raven Metadata on the current user/gestionnaire/admin ... 2017-06-28 07:08:25 +02:00			`before_action :set_raven_context`
Enable rack mini profiler when super admin is connected 2017-07-24 12:29:09 +02:00			`before_action :authorize_request_for_profiler`

[Closes #1170] Put tps-dev (staging) environement behind a BasicAuth 2018-01-16 16:31:47 +01:00			`before_action :staging_authenticate`

			`def staging_authenticate`
			`if StagingAuthService.enabled? && !authenticate_with_http_basic { \|username, password\| StagingAuthService.authenticate(username, password) }`
			`request_http_basic_authentication`
			`end`
			`end`

Enable rack mini profiler when super admin is connected 2017-07-24 12:29:09 +02:00			`def authorize_request_for_profiler`
Enable Rack mini profiler, on every environment 2017-09-07 14:05:02 +02:00			`if administration_signed_in?`
Enable rack mini profiler when super admin is connected 2017-07-24 12:29:09 +02:00			`Rack::MiniProfiler.authorize_request`
			`end`
			`end`
First Commit 2015-08-10 11:05:06 +02:00
Add default protocol for urls 2016-07-07 10:13:46 +02:00			`def default_url_options`
Enable the Layout/SpaceInsideHashLiteralBraces cop 2018-01-16 13:34:24 +01:00			`return { protocol: 'https' } if Rails.env.staging? \|\| Rails.env.production?`
Add default protocol for urls 2016-07-07 10:13:46 +02:00			`{}`
			`end`
Fix bug Chrome datepicker 2016-09-22 11:31:24 +02:00
Awsome struct to share layouts between controllers and there methods 2016-11-22 16:03:32 +01:00			`def load_navbar_left_pannel_partial_url`
			`controller = request.controller_class`
			`method = params[:action]`
			`service = RenderPartialService.new(controller, method)`
			`@navbar_url = service.navbar`
			`@left_pannel_url = service.left_panel`
			`@facade_data_view = nil`
			`end`
Fix some tests 2017-01-03 11:32:21 +01:00
			`protected`

			`def authenticate_gestionnaire!`
			`if gestionnaire_signed_in?`
			`super`
			`else`
			`redirect_to new_user_session_path`
			`end`
			`end`

			`def authenticate_administrateur!`
			`if administrateur_signed_in?`
			`super`
			`else`
			`redirect_to new_user_session_path`
			`end`
			`end`
[FIX #433] Add Raven Metadata on the current user/gestionnaire/admin ... 2017-06-28 07:08:25 +02:00
			`private`

Add user info to LogStasher 2018-01-17 14:40:31 +01:00			`def logged_users`
			`@logged_users \|\|= [`
[FIX #433] Add Raven Metadata on the current user/gestionnaire/admin ... 2017-06-28 07:08:25 +02:00			`current_user,`
			`current_gestionnaire,`
			`current_administrateur,`
			`current_administration`
			`].compact`
Add user info to LogStasher 2018-01-17 14:40:31 +01:00			`end`
[FIX #433] Add Raven Metadata on the current user/gestionnaire/admin ... 2017-06-28 07:08:25 +02:00
Add user info to LogStasher 2018-01-17 14:40:31 +01:00			`def logged_user_roles`
			`roles = logged_users.map { \|logged_user\| logged_user.class.name }`
			`roles.any? ? roles.join(', ') : 'Guest'`
			`end`
[FIX #433] Add Raven Metadata on the current user/gestionnaire/admin ... 2017-06-28 07:08:25 +02:00
Add user info to LogStasher 2018-01-17 14:40:31 +01:00			`def logged_user_info`
			`logged_user = logged_users.first`

			`if logged_user`
			`{`
			`id: logged_user.id,`
			`email: logged_user.email`
			`}`
			`end`
			`end`

			`def set_raven_context`
			`context = {`
			`ip_address: request.ip,`
			`roles: logged_user_roles`
			`}`
			`context.merge!(logged_user_info \|\| {})`
[FIX #433] Add Raven Metadata on the current user/gestionnaire/admin ... 2017-06-28 07:08:25 +02:00
			`Raven.user_context(context)`
			`end`
Add user info to LogStasher 2018-01-17 14:40:31 +01:00
			`def append_info_to_payload(payload)`
			`payload.merge!({`
			`user_agent: request.user_agent,`
			`current_user: logged_user_info,`
			`current_user_roles: logged_user_roles`
			`}.compact)`

			`if browser.known?`
			`payload.merge!({`
			`browser: browser.name,`
			`browser_version: browser.version.to_s,`
			`platform: browser.platform.name,`
			`})`
			`end`
			`end`
[#1374] Revert "Merge pull request #1373 from betagouv/fix_pagination" This reverts commit 5a56fe0182f8bad1cb7059a69513e514b0c25609, reversing changes made to 31aabcd6b619ef565f55c5ad8a1d5ef4c0ff948b. 2018-01-30 14:43:56 +01:00
			`def permit_smart_listing_params`
			`# FIXME: remove when`
			`# https://github.com/Sology/smart_listing/issues/134`
			`# is fixed`
			`self.params = params.permit(`
[Fix #1374] Add missing parameter Dossier pagination was only working for dossiers en construction. 2018-01-30 14:45:05 +01:00			`# Dossiers`
			`:liste,`
[#1374] Revert "Merge pull request #1373 from betagouv/fix_pagination" This reverts commit 5a56fe0182f8bad1cb7059a69513e514b0c25609, reversing changes made to 31aabcd6b619ef565f55c5ad8a1d5ef4c0ff948b. 2018-01-30 14:43:56 +01:00			`dossiers_smart_listing:`
			`[`
			`:page,`
			`:per_page,`
			`{ sort: [:id, :'procedure.libelle', :state, :updated_at] }`
			`],`
[Fix #1374] Add missing parameter Dossier pagination was only working for dossiers en construction. 2018-01-30 14:45:05 +01:00			`# Gestionnaires`
[#1374] Revert "Merge pull request #1373 from betagouv/fix_pagination" This reverts commit 5a56fe0182f8bad1cb7059a69513e514b0c25609, reversing changes made to 31aabcd6b619ef565f55c5ad8a1d5ef4c0ff948b. 2018-01-30 14:43:56 +01:00			`gestionnaires_smart_listing:`
			`[`
			`:page,`
			`:per_page,`
			`{ sort: [:email] }`
			`],`
[Fix #1374] Add missing parameter Dossier pagination was only working for dossiers en construction. 2018-01-30 14:45:05 +01:00			`# Procédures`
[#1374] Revert "Merge pull request #1373 from betagouv/fix_pagination" This reverts commit 5a56fe0182f8bad1cb7059a69513e514b0c25609, reversing changes made to 31aabcd6b619ef565f55c5ad8a1d5ef4c0ff948b. 2018-01-30 14:43:56 +01:00			`procedures_smart_listing:`
			`[`
			`:page,`
			`:per_page,`
			`{ sort: [:id, :libelle, :published_at] }`
			`]`
			`)`
			`# END OF FIXME`
			`end`
First Commit 2015-08-10 11:05:06 +02:00			`end`