Merge remote-tracking branch 'origin/invitations' into next
[shapado:shapado.git] / lib / shapado / controllers / access.rb
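module Shapado
  module Controllers
    # Access-control filters and Devise hooks shared by the controllers that
    # include this module.
    #
    # The host controller must provide current_user, current_group,
    # user_signed_in?, is_bot?, devise_controller?, cookies, params,
    # action_name and warden; none of them are defined in this file.
    module Access
      # Exposes logged_in? to the views of the including controller.
      def self.included(base)
        base.class_eval do
          helper_method :logged_in?
        end
      end

      # True when a user is signed in (delegates to user_signed_in?).
      def logged_in?
        user_signed_in?
      end

      # Filter that restricts access to the current group.
      #
      # Lets the request through untouched when the group is not private and
      # either does not require registration or the client is treated as a
      # bot, when a Devise controller is handling the request, or when the
      # request is for users#new. Otherwise a signed-in user must be a member
      # of the group, and an anonymous client is told to log in.
      #
      # Raises Goalie::Forbidden for a signed-in user who is not a member.
      def check_group_access
        # NOTE(review): is_bot? is defined outside this file. If it relies on a
        # client-supplied header, the registered_only restriction is only
        # advisory; private groups stay protected because of the
        # `!current_group.private` term. Confirm this is intended.
        return if ((!current_group.registered_only || is_bot?) && !current_group.private) ||
                  devise_controller? ||
                  (params[:controller] == "users" && action_name == "new")

        if logged_in?
          unless current_user.user_of?(current_group)
            # The original read `cookie = cookie[:accept_invitation]`, which
            # indexes the still-nil local and raises NoMethodError, so every
            # non-member got a server error instead of Forbidden. Read the
            # request's cookie jar instead.
            #
            # NOTE(review): the cookie value is client-controlled;
            # accept_invitation is presumably responsible for validating the
            # token and the group it belongs to. Confirm against the model.
            invitation = cookies[:accept_invitation]
            current_user.accept_invitation(invitation) if invitation

            # Fail closed: this request is rejected even when an invitation
            # was just processed, as in the original control flow.
            # NOTE(review): confirm that membership taking effect only on a
            # later request is the intended behaviour.
            raise Goalie::Forbidden
          end
        else
          respond_to do |format|
            # NOTE(review): no :status is given, so this denial is rendered
            # with the framework's default status and API clients can only
            # detect it from the message. Consider an explicit 401/403.
            format.json { render :json => {:message => "Permission denied" }}
            format.html { redirect_to new_user_session_path }
          end
        end
      end

      # Filter: only site admins may continue.
      #
      # Raises Goalie::Forbidden when nobody is signed in or the user is not
      # an admin. The nil guard keeps an anonymous request from surfacing as
      # NoMethodError when this filter runs without login_required before it.
      def admin_required
        raise Goalie::Forbidden unless current_user && current_user.admin?
      end

      # Filter: only moderators of the current group may continue.
      #
      # Raises Goalie::Forbidden when nobody is signed in or the user is not a
      # moderator of current_group.
      def moderator_required
        raise Goalie::Forbidden unless current_user && current_user.mod_of?(current_group)
      end

      # Filter: only owners of the current group may continue.
      #
      # Raises Goalie::Forbidden when nobody is signed in or the user is not
      # an owner of current_group.
      def owner_required
        raise Goalie::Forbidden unless current_user && current_user.owner_of?(current_group)
      end

      # Filter: requires an authenticated user.
      #
      # JS requests get a JSON payload asking the client to log in; every
      # other format goes through warden.authenticate!, which hands failures
      # to warden's own failure handling.
      def login_required
        respond_to do |format|
          format.js do
            if warden.authenticate(:scope => :user).nil?
              # :status below is a key of the JSON payload, not the HTTP
              # status of the response; the string is part of the client
              # contract and is kept as is.
              return render(:json => {:message => t("global.please_login"),
                                      :success => false,
                                      :status => :unauthenticate}.to_json)
            end
          end
          format.any { warden.authenticate!(:scope => :user) }
        end
      end

      # Devise hook called after a successful sign-in.
      #
      # Queues an activity job with the client IP when an admin connects,
      # queues a friends import for each linked provider whose friend list is
      # still empty, and always returns the fixed '/close_popup' path.
      def after_sign_in_path_for(resource)
        user = current_user

        if user.admin?
          Jobs::Activities.async.on_admin_connect(request.remote_ip, user.id).commit!
        end

        if user.facebook_login? && user.facebook_friends.empty?
          Jobs::Users.async.get_facebook_friends(user.id).commit!
        end
        if user.twitter_login? && user.twitter_friends.empty?
          Jobs::Users.async.get_twitter_friends(user.id).commit!
        end
        if user.identica_login? && user.identica_friends.empty?
          Jobs::Users.async.get_identica_friends(user.id).commit!
        end
        if user.linked_in_login? && user.linked_in_friends.empty?
          Jobs::Users.async.get_linked_in_friends(user.id).commit!
        end

        # The redirect target is a constant. The session-based return_to
        # lookup below is disabled in the original and kept for reference.
        '/close_popup'
        #return
        #if return_to = session.delete("return_to")
        #  return_to
        #else
        #  super
        #end
      end
    end
  end
end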