Merge branch 'master' into next
[shapado:shapado.git] / lib / shapado / controllers / access.rb
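module Shapado
  module Controllers
    # Authentication and authorization filters shared by the controllers.
    #
    # Every filter denies access by raising Goalie::Forbidden, except where a
    # method's own comment says it renders or redirects instead.
    module Access
      # Exposes logged_in? to the views of the including controller.
      def self.included(base)
        base.class_eval do
          helper_method :logged_in?
        end
      end

      # True when a user is signed in (delegates to user_signed_in?).
      def logged_in?
        user_signed_in?
      end

      # Restricts a group's pages to its members.
      #
      # The check is skipped when the group is not private and is either not
      # registered-only or the request is classified as a bot, and also for
      # Devise controllers and for users#new.
      #
      # A signed-in user who is not a member gets Goalie::Forbidden. An
      # anonymous visitor gets a JSON "Permission denied" message or, for
      # HTML, a redirect to the sign-in page.
      def check_group_access
        # NOTE(review): is_bot? is defined outside this file. If it is derived
        # from a request header such as User-Agent it is client-controlled and
        # should not be treated as an authorization signal for registered_only
        # groups; confirm how it is computed.
        open_group = (!current_group.registered_only || is_bot?) && !current_group.private
        return if open_group || devise_controller? ||
                  (params[:controller] == "users" && action_name == "new")

        if logged_in?
          # FIXME (carried over from the original): accepting a pending
          # invitation stored in the :accept_invitation cookie was planned here
          # but is not implemented.
          #
          # Uses the current_group accessor rather than @current_group so the
          # membership check targets the same group as the checks above and as
          # moderator_required / owner_required.
          raise Goalie::Forbidden unless current_user.user_of?(current_group)
        else
          respond_to do |format|
            # NOTE(review): no :status is passed, so this denial is rendered
            # with the default success status; API clients have to inspect the
            # body. Consider an explicit 401/403 if clients can handle it.
            format.json { render :json => {:message => "Permission denied" }}
            format.html { redirect_to new_user_session_path }
          end
        end
      end

      # Allows only site administrators.
      #
      # An anonymous request (current_user is nil) is denied with
      # Goalie::Forbidden as well, so the filter does not depend on
      # login_required having run first.
      def admin_required
        user = current_user
        raise Goalie::Forbidden unless user && user.admin?
      end

      # Allows only moderators of the current group; anonymous requests are
      # denied with Goalie::Forbidden.
      def moderator_required
        user = current_user
        raise Goalie::Forbidden unless user && user.mod_of?(current_group)
      end

      # Allows only owners of the current group; anonymous requests are denied
      # with Goalie::Forbidden.
      def owner_required
        user = current_user
        raise Goalie::Forbidden unless user && user.owner_of?(current_group)
      end

      # Requires an authenticated user in the :user scope.
      #
      # JS requests that fail authentication receive a JSON body carrying the
      # message, :success => false and :status => :unauthenticate; note that
      # :status is a key of the payload, not the HTTP status. Every other
      # format goes through warden.authenticate!.
      def login_required
        respond_to do |format|
          format.js do
            if warden.authenticate(:scope => :user).nil?
              payload = {:message => t("global.please_login"),
                         :success => false,
                         :status => :unauthenticate}
              return render(:json => payload.to_json)
            end
          end
          format.any { warden.authenticate!(:scope => :user) }
        end
      end

      # Chooses where the user lands after signing in.
      #
      # Returns '/close_popup.html' when the "pp" cookie is present (the user
      # logged in through the popup), otherwise the location stored for :user,
      # otherwise the superclass default.
      def after_sign_in_path_for(resource)
        if current_user.admin?
          # Reports the administrator's sign-in together with the remote IP.
          Jobs::Activities.async.on_admin_connect(request.remote_ip, current_user.id).commit!
        end
        current_user.check_social_friends

        # The cookie is read once and then always cleared, whichever path wins.
        via_popup = cookies["pp"]
        cookies.delete :pp
        return '/close_popup.html' if via_popup

        stored_location_for(:user) || super
      end
    end
  end
end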