app/controllers/application_controller.rb
class ApplicationController < ActionController::Base
include AccessHelper
# You want to get exceptions in development, but not in production.
unless Rails.application.config.consider_all_requests_local
rescue_from ActionView::MissingTemplate do |_exception|
redirect_to root_path
end
end
# forcing SSL only in the production mode
force_ssl if Rails.env.production?
helper_method :current_user, :current_user_role?
protect_from_forgery with: :exception
before_action :set_time_zone
before_action :authorize
before_action :filter_utf8
before_action :set_locale
def set_locale
I18n.locale = user_locale
end
def user_locale
# Checks whether the user is logged in, else the default locale is used
if logged_in?
# If the current user has set his preferred language, the locale is set according to their preference
if !current_user.locale.nil?
if current_user.locale != 'no_pref'
return current_user.locale
# If the user doesn't have any preference, the locale is taken from the course locale, if the current page is a course specific page or else default locale is used
elsif current_user_role? && current_user_role.student? && respond_to?(:controller_locale)
return controller_locale
end
else
return I18n.default_locale
end
end
I18n.default_locale
end
def locale_for_student
# Gets participant using student from params
participant_id = params[:id] || params[:student_id]
if !participant_id.nil?
participant = AssignmentParticipant.find_by(id: participant_id)
# If id or student_id not correct, revert to locale based on courses.
return locale_from_user_courses if participant.nil?
# Find assignment from participant and find locale from the assignment
assignment = participant.assignment
return assignment.course.locale unless assignment.course.nil? || assignment.course.locale.nil?
else
return locale_from_user_courses
end
I18n.default_locale
end
def locale_from_user_courses
# If the page is a course or assignment page with no specific student id, every course of that student is checked and if
# the language for all these course are same, the page is displayed in that language
course_participants = CourseParticipant.where(user_id: current_user.id)
course_participants_locales = course_participants.map { |cp| cp.course.locale }
# If no tasks, then possible to have no courses assigned.
if course_participants_locales.uniq.length == 1 # && !@tasks.empty?
course = course_participants.first.course
return course.locale if course.locale?
end
I18n.default_locale
end
def filter_utf8
remove_non_utf8(params)
end
def self.verify(_args); end
def current_user_role?
current_user.role.name
end
def current_role_name
current_role.try :name
end
def current_role
current_user.try :role
end
helper_method :current_user_role?
def user_for_paper_trail
session[:user].try :id if session[:user]
end
def undo_link(message)
version = Version.where('whodunnit = ?', session[:user].id).last
return unless version.try(:created_at) && Time.now.in_time_zone - version.created_at < 5.0
link_name = params[:redo] == 'true' ? 'redo' : 'undo'
message + "<a href = #{url_for(controller: :versions, action: :revert, id: version.id, redo: !params[:redo])}>#{link_name}</a>"
end
def are_needed_authorizations_present?(id, *authorizations)
participant = Participant.find_by(id: id)
return false if participant.nil?
authorization = participant.authorization
!authorizations.include?(authorization)
end
private
def current_user
@current_user ||= session[:user]
end
helper_method :current_user
def current_user_role
current_user.role
end
# rubocop:disable Lint/DuplicateMethods
alias current_user_role? current_user_role
# rubocop:enable Lint/DuplicateMethods
def logged_in?
# Recommendation: rename to ever_logged_in? because that's how this actually works
current_user
end
def set_time_zone
Time.zone = current_user.timezonepref if current_user
end
def require_user
invalid_login_status('in') unless current_user
end
def require_no_user
invalid_login_status('out') if current_user
end
def invalid_login_status(status)
flash[:notice] = "You must be logged #{status} to access this page!"
redirect_back fallback_location: root_path
end
def available?(user, owner_id)
user.id == owner_id ||
user.admin? ||
user.super_admin?
end
def record_not_found
redirect_to controller: :tree_display, action: :list
end
def remove_non_utf8(hash)
# remove non-utf8 chars from hash
hash.each_pair do |_key, value|
if value.is_a?(Hash)
remove_non_utf8(value)
elsif value.is_a?(String)
encode_opts = {
invalid: :replace,
undef: :replace,
replace: ''
}
value.encode!(Encoding.find('UTF-8'), encode_opts)
end
end
end
protected
# Use this method to validate the current user in order to avoid allowing users
# to see unauthorized data.
# Ex: return unless current_user_id?(params[:user_id])
def current_user_id?(user_id)
current_user.try(:id) == user_id
end
def denied(reason = nil)
if reason
redirect_to "/denied?reason=#{reason}"
else
redirect_to '/denied'
end
end
end