chinwagsocial/app/controllers/application_controller.rb

# frozen_string_literal: true

class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception

  force_ssl if: "Rails.env.production? && ENV['LOCAL_HTTPS'] == 'true'"

  include Localized

  helper_method :current_account
  helper_method :single_user_mode?

  rescue_from ActionController::RoutingError, with: :not_found
  rescue_from ActiveRecord::RecordNotFound, with: :not_found
  rescue_from ActionController::InvalidAuthenticityToken, with: :unprocessable_entity

  before_action :store_current_location, except: :raise_not_found, unless: :devise_controller?
  before_action :set_user_activity
  before_action :check_suspension, if: :user_signed_in?

  def raise_not_found
    raise ActionController::RoutingError, "No route matches #{params[:unmatched_route]}"
  end

  private

  def store_current_location
    store_location_for(:user, request.url)
  end

  def require_admin!
    redirect_to root_path unless current_user&.admin?
  end

  def set_user_activity
    return unless !current_user.nil? && (current_user.current_sign_in_at.nil? || current_user.current_sign_in_at < 24.hours.ago)

    # Mark user as signed-in today
    current_user.update_tracked_fields(request)

    # If the sign in is after a two week break, we need to regenerate their feed
    RegenerationWorker.perform_async(current_user.account_id) if current_user.last_sign_in_at < 14.days.ago
  end

  def check_suspension
    head 403 if current_user.account.suspended?
  end

  protected

  def not_found
    respond_to do |format|
      format.any  { head 404 }
      format.html { render 'errors/404', layout: 'error', status: 404 }
    end
  end

  def gone
    respond_to do |format|
      format.any  { head 410 }
      format.html { render 'errors/410', layout: 'error', status: 410 }
    end
  end

  def unprocessable_entity
    respond_to do |format|
      format.any  { head 422 }
      format.html { render 'errors/422', layout: 'error', status: 422 }
    end
  end

  def single_user_mode?
    @single_user_mode ||= Rails.configuration.x.single_user_mode && Account.first
  end

  def current_account
    @current_account ||= current_user.try(:account)
  end

  def cache_collection(raw, klass)
    return raw unless klass.respond_to?(:with_includes)

    raw                    = raw.cache_ids.to_a if raw.is_a?(ActiveRecord::Relation)
    uncached_ids           = []
    cached_keys_with_value = Rails.cache.read_multi(*raw.map(&:cache_key))

    raw.each do |item|
      uncached_ids << item.id unless cached_keys_with_value.key?(item.cache_key)
    end

    klass.reload_stale_associations!(cached_keys_with_value.values) if klass.respond_to?(:reload_stale_associations!)

    unless uncached_ids.empty?
      uncached = klass.where(id: uncached_ids).with_includes.map { |item| [item.id, item] }.to_h

      uncached.values.each do |item|
        Rails.cache.write(item.cache_key, item)
      end
    end

    raw.map { |item| cached_keys_with_value[item.cache_key] || uncached[item.id] }.compact
  end
end
Fix rubocop issues, introduce usage of frozen literal to improve performance 2016-11-16 02:56:29 +11:00			`# frozen_string_literal: true`

Initial commit 2016-02-21 08:53:20 +11:00			`class ApplicationController < ActionController::Base`
			`# Prevent CSRF attacks by raising an exception.`
			`# For APIs, you may want to use :null_session instead.`
			`protect_from_forgery with: :exception`
Fixing FanOutOnWriteService, fixing Sidekiq not having enough DB connections in the pool, adding a throttle of 60rpm per IP, adding mini profiler, adding admin status to users 2016-03-26 00:12:24 +11:00
Fixing more configuration issues with ActionCable 2016-08-19 02:39:35 +10:00			`force_ssl if: "Rails.env.production? && ENV['LOCAL_HTTPS'] == 'true'"`
Fix for force SSL issue with websockets 2016-08-19 01:48:57 +10:00
Fix #1165 - before_action was called before protect_from_forgery 2017-04-08 10:30:50 +10:00			`include Localized`
Make file attachment on MediaAttachment optional (#1865) Create MediaAttachment but without actual file download when domain is blocked with reject_media set to true Clean up old media files when creating a new domain block with reject_media set to true Return remote_url in media attachments API if local file is not present Undo domain block action in admin UI Ability to enable reject_media from admin UI 2017-04-16 20:51:30 +10:00
			`helper_method :current_account`
			`helper_method :single_user_mode?`
Adding React.js, Redux, revamping dashboard 2016-08-25 01:56:44 +10:00
Fix local follows, 404 in logs 2016-09-08 10:40:51 +10:00			`rescue_from ActionController::RoutingError, with: :not_found`
			`rescue_from ActiveRecord::RecordNotFound, with: :not_found`
Add nice error page for CSRF errors/cookie issue, and fix error page handling altogether 2017-01-15 10:30:23 +11:00			`rescue_from ActionController::InvalidAuthenticityToken, with: :unprocessable_entity`
Fix local follows, 404 in logs 2016-09-08 10:40:51 +10:00
Fix sign-in redirecting "back" to a missing image because missing static files hit the raise_not_found method 2016-10-07 00:42:00 +11:00			`before_action :store_current_location, except: :raise_not_found, unless: :devise_controller?`
Make User#current_sign_in_at actually track when user was last active, by updating it at least every 24h if the user visits the site 2016-12-01 01:17:03 +11:00			`before_action :set_user_activity`
Add filters for suspended accounts 2016-12-07 04:03:30 +11:00			`before_action :check_suspension, if: :user_signed_in?`
Redirect after sign in to previous page (unless it's a sign in/up/etc page) 2016-10-03 02:11:08 +11:00
Fix local follows, 404 in logs 2016-09-08 10:40:51 +10:00			`def raise_not_found`
Improve code style 2016-09-30 05:28:21 +10:00			`raise ActionController::RoutingError, "No route matches #{params[:unmatched_route]}"`
Fix local follows, 404 in logs 2016-09-08 10:40:51 +10:00			`end`

Redirect after sign in to previous page (unless it's a sign in/up/etc page) 2016-10-03 02:11:08 +11:00			`private`

			`def store_current_location`
			`store_location_for(:user, request.url)`
			`end`

Add simple admin overview of PuSH subscriptions 2016-11-29 04:45:13 +11:00			`def require_admin!`
			`redirect_to root_path unless current_user&.admin?`
			`end`

Make User#current_sign_in_at actually track when user was last active, by updating it at least every 24h if the user visits the site 2016-12-01 01:17:03 +11:00			`def set_user_activity`
Only call regeneration worker after first login after a 14 day break 2017-04-04 10:00:10 +10:00			`return unless !current_user.nil? && (current_user.current_sign_in_at.nil? \|\| current_user.current_sign_in_at < 24.hours.ago)`

			`# Mark user as signed-in today`
			`current_user.update_tracked_fields(request)`

			`# If the sign in is after a two week break, we need to regenerate their feed`
			`RegenerationWorker.perform_async(current_user.account_id) if current_user.last_sign_in_at < 14.days.ago`
Make User#current_sign_in_at actually track when user was last active, by updating it at least every 24h if the user visits the site 2016-12-01 01:17:03 +11:00			`end`

Add filters for suspended accounts 2016-12-07 04:03:30 +11:00			`def check_suspension`
			`head 403 if current_user.account.suspended?`
			`end`

Fix tests 2016-08-19 01:13:41 +10:00			`protected`

Fix local follows, 404 in logs 2016-09-08 10:40:51 +10:00			`def not_found`
			`respond_to do \|format\|`
Fix #86 - resolve layout breaking on zoom-out on accounts grid 2016-12-27 04:48:33 +11:00			`format.any { head 404 }`
Fix wrong HTTP status codes on error pages 2017-03-20 06:03:28 +11:00			`format.html { render 'errors/404', layout: 'error', status: 404 }`
Fix local follows, 404 in logs 2016-09-08 10:40:51 +10:00			`end`
			`end`

Catching more exceptions that slipped through, removing AR logging from production as it's very verbose and not very useful 2016-10-05 22:26:44 +11:00			`def gone`
			`respond_to do \|format\|`
Fix #86 - resolve layout breaking on zoom-out on accounts grid 2016-12-27 04:48:33 +11:00			`format.any { head 410 }`
Fix wrong HTTP status codes on error pages 2017-03-20 06:03:28 +11:00			`format.html { render 'errors/410', layout: 'error', status: 410 }`
Add nice error page for CSRF errors/cookie issue, and fix error page handling altogether 2017-01-15 10:30:23 +11:00			`end`
			`end`

			`def unprocessable_entity`
			`respond_to do \|format\|`
			`format.any { head 422 }`
Fix wrong HTTP status codes on error pages 2017-03-20 06:03:28 +11:00			`format.html { render 'errors/422', layout: 'error', status: 422 }`
Catching more exceptions that slipped through, removing AR logging from production as it's very verbose and not very useful 2016-10-05 22:26:44 +11:00			`end`
			`end`

Give SINGLE_USER a chance to register (#1820) An attempt to open a brand new Mastodon instance configured as SINGLE_USER_MODE=true will cause an exception. Enable temporary registration if we have no users in the database Fixes #1817 2017-04-16 00:46:27 +10:00			`def single_user_mode?`
			`@single_user_mode \|\|= Rails.configuration.x.single_user_mode && Account.first`
			`end`

Fix tests 2016-08-19 01:13:41 +10:00			`def current_account`
Rename "publish" to "toot" in english locale, fix lightbox showing old image before loading new one, cache notifications API, fix missing follow button on public profiles 2016-11-23 19:20:34 +11:00			`@current_account \|\|= current_user.try(:account)`
Fix tests 2016-08-19 01:13:41 +10:00			`end`
Unify collection caching code 2016-11-30 01:49:39 +11:00
			`def cache_collection(raw, klass)`
Further abstract caching for includes 2016-12-01 01:57:56 +11:00			`return raw unless klass.respond_to?(:with_includes)`

Fix #248 - Reload all accounts when fetching from cache 2016-12-04 04:21:26 +11:00			`raw = raw.cache_ids.to_a if raw.is_a?(ActiveRecord::Relation)`
Unify collection caching code 2016-11-30 01:49:39 +11:00			`uncached_ids = []`
			`cached_keys_with_value = Rails.cache.read_multi(*raw.map(&:cache_key))`

			`raw.each do \|item\|`
			`uncached_ids << item.id unless cached_keys_with_value.key?(item.cache_key)`
			`end`

Fix #248 - Reload all accounts when fetching from cache 2016-12-04 04:21:26 +11:00			`klass.reload_stale_associations!(cached_keys_with_value.values) if klass.respond_to?(:reload_stale_associations!)`

Unify collection caching code 2016-11-30 01:49:39 +11:00			`unless uncached_ids.empty?`
			`uncached = klass.where(id: uncached_ids).with_includes.map { \|item\| [item.id, item] }.to_h`

			`uncached.values.each do \|item\|`
			`Rails.cache.write(item.cache_key, item)`
			`end`
			`end`

			`raw.map { \|item\| cached_keys_with_value[item.cache_key] \|\| uncached[item.id] }.compact`
			`end`
Initial commit 2016-02-21 08:53:20 +11:00			`end`