demarches-normaliennes/app/controllers/application_controller.rb
2018-02-05 10:35:51 +01:00

138 lines
3.1 KiB
Ruby

class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
before_action :load_navbar_left_pannel_partial_url
before_action :set_raven_context
before_action :authorize_request_for_profiler
before_action :staging_authenticate
def staging_authenticate
if StagingAuthService.enabled? && !authenticate_with_http_basic { |username, password| StagingAuthService.authenticate(username, password) }
request_http_basic_authentication
end
end
def authorize_request_for_profiler
if administration_signed_in?
Rack::MiniProfiler.authorize_request
end
end
def default_url_options
return { protocol: 'https' } if Rails.env.staging? || Rails.env.production?
{}
end
def load_navbar_left_pannel_partial_url
controller = request.controller_class
method = params[:action]
service = RenderPartialService.new(controller, method)
@navbar_url = service.navbar
@left_pannel_url = service.left_panel
@facade_data_view = nil
end
protected
def authenticate_gestionnaire!
if gestionnaire_signed_in?
super
else
redirect_to new_user_session_path
end
end
def authenticate_administrateur!
if administrateur_signed_in?
super
else
redirect_to new_user_session_path
end
end
private
def logged_users
@logged_users ||= [
current_user,
current_gestionnaire,
current_administrateur,
current_administration
].compact
end
def logged_user_roles
roles = logged_users.map { |logged_user| logged_user.class.name }
roles.any? ? roles.join(', ') : 'Guest'
end
def logged_user_info
logged_user = logged_users.first
if logged_user
{
id: logged_user.id,
email: logged_user.email
}
end
end
def set_raven_context
context = {
ip_address: request.ip,
roles: logged_user_roles
}
context.merge!(logged_user_info || {})
Raven.user_context(context)
end
def append_info_to_payload(payload)
payload.merge!({
user_agent: request.user_agent,
current_user: logged_user_info,
current_user_roles: logged_user_roles
}.compact)
if browser.known?
payload.merge!({
browser: browser.name,
browser_version: browser.version.to_s,
platform: browser.platform.name,
})
end
end
def permit_smart_listing_params
# FIXME: remove when
# https://github.com/Sology/smart_listing/issues/134
# is fixed
self.params = params.permit(
# Dossiers
:liste,
dossiers_smart_listing:
[
:page,
:per_page,
{ sort: [:id, :'procedure.libelle', :state, :updated_at] }
],
# Gestionnaires
gestionnaires_smart_listing:
[
:page,
:per_page,
{ sort: [:email] }
],
# Procédures
procedures_smart_listing:
[
:page,
:per_page,
{ sort: [:id, :libelle, :published_at] }
]
)
# END OF FIXME
end
end