metamaps--metamaps/app/controllers/application_controller.rb

73 lines
1.7 KiB
Ruby
Raw Normal View History

2012-09-23 02:39:12 +00:00
class ApplicationController < ActionController::Base
protect_from_forgery
2015-11-03 14:22:53 +00:00
before_filter :get_invite_link
2015-12-22 18:16:03 +00:00
# this is for global login
include ContentHelper
2015-12-22 18:16:03 +00:00
2012-09-23 02:39:12 +00:00
helper_method :user
helper_method :authenticated?
helper_method :admin?
2015-12-22 18:16:03 +00:00
2014-10-07 21:46:09 +00:00
def after_sign_in_path_for(resource)
2015-12-20 10:36:57 +00:00
unsafe_uri = request.env["REQUEST_URI"]
2015-12-21 13:38:02 +00:00
if unsafe_uri.starts_with?('http') && !unsafe_uri.starts_with?('https')
2015-12-20 10:36:57 +00:00
protocol = 'http'
else
protocol = 'https'
end
sign_in_url = url_for(:action => 'new', :controller => 'sessions', :only_path => false, :protocol => protocol)
2014-10-07 21:46:09 +00:00
if request.referer == sign_in_url
super
elsif params[:uv_login] == "1"
"http://support.metamaps.cc/login_success?sso=" + current_sso_token
2014-10-07 21:46:09 +00:00
else
stored_location_for(resource) || request.referer || root_path
end
end
2015-12-22 18:16:03 +00:00
2012-09-23 02:39:12 +00:00
private
def require_no_user
if authenticated?
redirect_to edit_user_path(user), notice: "You must be logged out."
2012-09-23 02:39:12 +00:00
return false
end
end
2015-12-22 18:16:03 +00:00
2012-09-23 02:39:12 +00:00
def require_user
unless authenticated?
redirect_to new_user_session_path, notice: "You must be logged in."
2012-09-23 02:39:12 +00:00
return false
end
end
2015-12-22 18:16:03 +00:00
def require_admin
unless authenticated? && admin?
redirect_to root_url, notice: "You need to be an admin for that."
return false
end
end
2015-12-22 18:16:03 +00:00
2012-09-23 02:39:12 +00:00
def user
current_user
end
2015-12-22 18:16:03 +00:00
2012-09-23 02:39:12 +00:00
def authenticated?
current_user
end
2015-12-22 18:16:03 +00:00
def admin?
current_user && current_user.admin
end
2015-11-03 14:22:53 +00:00
def get_invite_link
unsafe_uri = request.env["REQUEST_URI"]
valid_url = /^https?:\/\/([\w\.-]+)(:\d{1,5})?\/?$/
2015-12-20 10:36:57 +00:00
safe_uri = (unsafe_uri.match(valid_url)) ? unsafe_uri : "//metamaps.cc/"
2015-11-04 05:14:14 +00:00
@invite_link = "#{safe_uri}join" + (current_user ? "?code=#{current_user.code}" : "")
2015-11-03 14:22:53 +00:00
end
2012-09-23 02:39:12 +00:00
end