Class: ApplicationController

Inherits:

ActionController::Base

• Object
• ActionController::Base
• ApplicationController

Defined in:

frontend/app/controllers/application_controller.rb,
public/app/controllers/application_controller.rb

Direct Known Subclasses

AccessionsController, AgentsController, ArchivalObjectsController, ArkNameController, ArkUpdateController, AssessmentAttributesController, AssessmentsController, BatchDeleteController, BatchMergeController, BulkArchivalObjectUpdaterController, BulkImportController, BulkImportTemplatesController, CiteController, ClassificationTermsController, ClassificationsController, CollectionManagementController, CollectionManagementRecordsController, ContainerProfilesController, ContainersController, CustomReportTemplatesController, DateCalculatorController, DigitalObjectComponentsController, DigitalObjectsController, EnumerationsController, EventsController, ExportsController, ExtentCalculatorController, GroupsController, IndexController, JobsController, LocalesController, LocationProfilesController, LocationsController, OaiConfigController, ObjectsController, PdfController, PreferencesController, RdeTemplatesController, RepositoriesController, RequestsController, ResolverController, ResourcesController, SearchController, SessionController, SpaceCalculatorController, SubjectsController, SystemInfoController, TestsController, TopContainersController, UpdateMonitorController, UsersController, UtilsController, WelcomeController

Class Method Summary

• .can_access?(context, method) ⇒ Boolean
• .permission_mappings ⇒ Object
• .session_can?(context, permission, repository = nil) ⇒ Boolean
• .session_repo(session, repo, repo_slug = nil) ⇒ Object

  ANW-617: To generate public URLs correctly in the show pages for various entities, we need access to the repository slug.

• .set_access_control(permission_mappings) ⇒ Object
• .user_preferences(session) ⇒ Object

Instance Method Summary

• #archivesspace ⇒ Object

Class Method Details

.can_access?(context, method) ⇒ Boolean

Returns:

• (Boolean)

# File 'frontend/app/controllers/application_controller.rb', line 44

def self.can_access?(context, method)
  permission_mappings.each do |permission, actions|
    if actions.include?(method) && !session_can?(context, permission)
      return false
    end
  end

  return true
end

.permission_mappings ⇒ Object

# File 'frontend/app/controllers/application_controller.rb', line 40

def self.permission_mappings
  Array(@permission_mappings)
end

.session_can?(context, permission, repository = nil) ⇒ Boolean

Returns:

• (Boolean)

# File 'frontend/app/controllers/application_controller.rb', line 375

def self.session_can?(context, permission, repository = nil)
  repository ||= context.session[:repo]

  return false if !context.session || !context.session[:user]

  permissions_s = context.send(:cookies).signed[:archivesspace_permissions]

  if permissions_s
    # Putting this check in for backwards compatibility with the uncompressed
    # cookies.  This can be removed at a future point once everyone's running
    # with compressed cookies.
    json = if permissions_s.start_with?('ZLIB:')
             Zlib::Inflate.inflate(permissions_s[5..-1])
           else
             permissions_s
           end

    permissions = ASUtils.json_parse(json)
  else
    return false
  end

  (Permissions.user_can?(permissions, repository, permission) ||
   Permissions.user_can?(permissions, ASConstants::Repository.GLOBAL, permission))
end

.session_repo(session, repo, repo_slug = nil) ⇒ Object

ANW-617: To generate public URLs correctly in the show pages for various entities, we need access to the repository slug. Since the JSON objects for these does not have this info, we load it into the session along with other repo data when a repo is selected for convienience.

# File 'frontend/app/controllers/application_controller.rb', line 340

def self.session_repo(session, repo, repo_slug = nil)
  session[:repo] = repo
  session[:repo_id] = JSONModel(:repository).id_for(repo)

  # if the slug has been passed in, we don't need to do a DB lookup.
  # if not, we go get it so links are generated correctly after login.
  if repo_slug
    session[:repo_slug] = repo_slug
  else
    full_repo_json = JSONModel(:repository).find(session[:repo_id])
    session[:repo_slug] = full_repo_json[:slug]
  end

  self.user_preferences(session)
end

.set_access_control(permission_mappings) ⇒ Object

# File 'frontend/app/controllers/application_controller.rb', line 55

def self.set_access_control(permission_mappings)
  @permission_mappings = permission_mappings

  skip_before_action :unauthorised_access, :only => Array(permission_mappings.values).flatten.uniq

  permission_mappings.each do |permission, actions|
    next if permission === :public

    before_action(:only => Array(actions)) {|c| user_must_have(permission)}
  end
end

.user_preferences(session) ⇒ Object

# File 'frontend/app/controllers/application_controller.rb', line 357

def self.user_preferences(session)
  session[:last_preference_refresh] = Time.now.to_i
  prefs = if session[:repo_id]
            JSONModel::HTTP::get_json("/repositories/#{session[:repo_id]}/current_preferences")['defaults']
          else
            JSONModel::HTTP::get_json("/current_global_preferences")['defaults']
          end
  session[:preferences] = prefs.reject { |k, _v|
    k.include? 'browse_column' or k.include? 'sort_column' or k.include? 'sort_direction'} if prefs
end

Instance Method Details

#archivesspace ⇒ Object

# File 'public/app/controllers/application_controller.rb', line 42

def archivesspace
  ArchivesSpaceClient.instance
end