2024-05-25 06:47:25 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
2022-04-06 14:46:10 -04:00
|
|
|
class ApplicationController < ActionController::Base
|
2023-02-03 09:42:56 -05:00
|
|
|
include Pundit::Authorization
|
2024-05-25 06:47:25 -04:00
|
|
|
|
2025-09-13 05:58:50 -04:00
|
|
|
rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
|
|
|
|
|
|
2025-09-21 07:51:26 -04:00
|
|
|
before_action :unread_notifications, :set_self_hosted_status, :store_client_header
|
2024-07-04 16:20:12 -04:00
|
|
|
|
2024-05-25 06:47:25 -04:00
|
|
|
protected
|
|
|
|
|
|
2024-07-04 16:20:12 -04:00
|
|
|
def unread_notifications
|
|
|
|
|
return [] unless current_user
|
|
|
|
|
|
|
|
|
|
@unread_notifications ||= Notification.where(user: current_user).unread
|
|
|
|
|
end
|
|
|
|
|
|
2024-07-16 16:26:16 -04:00
|
|
|
def authenticate_admin!
|
2024-11-08 11:56:14 -05:00
|
|
|
return if current_user&.admin?
|
2024-07-09 14:28:59 -04:00
|
|
|
|
2025-09-13 05:58:50 -04:00
|
|
|
user_not_authorized
|
2024-07-09 14:28:59 -04:00
|
|
|
end
|
2025-01-15 15:52:59 -05:00
|
|
|
|
|
|
|
|
def authenticate_self_hosted!
|
|
|
|
|
return if DawarichSettings.self_hosted?
|
|
|
|
|
|
2025-09-13 05:58:50 -04:00
|
|
|
user_not_authorized
|
2025-01-15 15:52:59 -05:00
|
|
|
end
|
2025-02-15 10:48:03 -05:00
|
|
|
|
2025-02-19 15:23:11 -05:00
|
|
|
def authenticate_active_user!
|
2025-04-04 15:12:42 -04:00
|
|
|
return if current_user&.active_until&.future?
|
2025-02-19 15:23:11 -05:00
|
|
|
|
|
|
|
|
redirect_to root_path, notice: 'Your account is not active.', status: :see_other
|
|
|
|
|
end
|
|
|
|
|
|
2025-04-04 16:16:52 -04:00
|
|
|
def authenticate_non_self_hosted!
|
|
|
|
|
return unless DawarichSettings.self_hosted?
|
|
|
|
|
|
2025-09-13 05:58:50 -04:00
|
|
|
user_not_authorized
|
2025-04-04 16:16:52 -04:00
|
|
|
end
|
|
|
|
|
|
2025-09-21 06:46:59 -04:00
|
|
|
def after_sign_in_path_for(resource)
|
2025-09-21 07:51:26 -04:00
|
|
|
client_type = request.headers['X-Dawarich-Client'] || session[:dawarich_client]
|
2025-09-21 06:46:59 -04:00
|
|
|
|
2025-09-21 07:51:26 -04:00
|
|
|
case client_type
|
2025-09-21 06:46:59 -04:00
|
|
|
when 'ios'
|
2025-09-21 07:51:26 -04:00
|
|
|
payload = { api_key: resource.api_key, exp: 5.minutes.from_now.to_i }
|
|
|
|
|
|
|
|
|
|
token = Subscription::EncodeJwtToken.new(
|
|
|
|
|
payload, ENV['AUTH_JWT_SECRET_KEY']
|
|
|
|
|
).call
|
|
|
|
|
|
2025-09-21 06:46:59 -04:00
|
|
|
ios_success_path(token:)
|
|
|
|
|
else
|
|
|
|
|
super
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2025-10-04 17:19:00 -04:00
|
|
|
def ensure_family_feature_enabled!
|
|
|
|
|
return if DawarichSettings.family_feature_enabled?
|
|
|
|
|
|
|
|
|
|
render json: { error: 'Family feature is not enabled' }, status: :forbidden
|
|
|
|
|
end
|
|
|
|
|
|
2025-02-15 10:48:03 -05:00
|
|
|
private
|
|
|
|
|
|
|
|
|
|
def set_self_hosted_status
|
|
|
|
|
@self_hosted = DawarichSettings.self_hosted?
|
|
|
|
|
end
|
2025-09-13 05:58:50 -04:00
|
|
|
|
2025-09-21 07:51:26 -04:00
|
|
|
def store_client_header
|
|
|
|
|
return unless request.headers['X-Dawarich-Client']
|
|
|
|
|
|
|
|
|
|
session[:dawarich_client] = request.headers['X-Dawarich-Client']
|
|
|
|
|
end
|
|
|
|
|
|
2025-09-13 05:58:50 -04:00
|
|
|
def user_not_authorized
|
2025-10-22 14:39:02 -04:00
|
|
|
redirect_back fallback_location: root_path,
|
|
|
|
|
alert: 'You are not authorized to perform this action.',
|
|
|
|
|
status: :see_other
|
2025-09-13 05:58:50 -04:00
|
|
|
end
|
2022-04-06 14:46:10 -04:00
|
|
|
end
|
