raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-01-24 20:36:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
2b989f49eaaa1674f8a47f9fb6dc2ddeabc85a25
openfoodnetwork/app/controllers/application_controller.rb
Maikel Linke 2b989f49ea Enable iframes in development environment
2017-10-06 14:24:28 +11:00

141 lines
4.1 KiB
Ruby
Raw Blame History

require 'open_food_network/referer_parser'
class ApplicationController < ActionController::Base
protect_from_forgery
prepend_before_filter :restrict_iframes
include EnterprisesHelper
helper CssSplitter::ApplicationHelper
def redirect_to(options = {}, response_status = {})
::Rails.logger.error("Redirected by #{caller(1).first rescue "unknown"}")
super(options, response_status)
end
def set_checkout_redirect
referer_path = OpenFoodNetwork::RefererParser::path(request.referer)
if referer_path
session["spree_user_return_to"] = [main_app.checkout_path].include?(referer_path) ? referer_path : root_path
end
end
def shopfront_session
session[:safari_fix] = true
render 'shop/shopfront_session', layout: false
end
def enable_embedded_styles
session[:embedded_shopfront] = true
render json: {}, status: 200
end
def disable_embedded_styles
session.delete :embedded_shopfront
session.delete :shopfront_redirect
render json: {}, status: 200
end
protected
def after_sign_in_path_for(resource_or_scope)
return session[:shopfront_redirect] if session[:shopfront_redirect]
stored_location_for(resource_or_scope) || signed_in_root_path(resource_or_scope)
end
def after_sign_out_path_for(_resource_or_scope)
session[:shopfront_redirect] ? session[:shopfront_redirect] : root_path
end
private
def restrict_iframes
response.headers['X-Frame-Options'] = 'DENY'
response.headers['Content-Security-Policy'] = "frame-ancestors 'none'"
end
def enable_embedded_shopfront
whitelist = Spree::Config[:embedded_shopfronts_whitelist]
return unless Spree::Config[:enable_embedded_shopfronts] && whitelist.present?
return if request.referer && URI(request.referer).scheme != 'https' && !Rails.env.test? && !Rails.env.development?
response.headers.delete 'X-Frame-Options'
response.headers['Content-Security-Policy'] = "frame-ancestors #{whitelist}"
check_embedded_request
set_embedded_layout
end
def check_embedded_request
return unless params[:embedded_shopfront]
# Show embedded shopfront CSS
session[:embedded_shopfront] = true
# Get shopfront slug and set redirect path
if params[:controller] == 'enterprises' && params[:action] == 'shop' && params[:id]
slug = params[:id]
session[:shopfront_redirect] = '/' + slug + '/shop?embedded_shopfront=true'
end
end
def set_embedded_layout
return unless session[:embedded_shopfront]
@shopfront_layout = 'embedded'
end
def action
params[:action].to_sym
end
def require_distributor_chosen
unless @distributor = current_distributor
redirect_to spree.root_path
false
end
end
def require_order_cycle
unless current_order_cycle
redirect_to main_app.shop_path
end
end
def check_hub_ready_for_checkout
# This condition is more rigourous than required by development to avoid coupling this
# condition to every controller spec
if current_distributor && current_order &&
current_distributor.respond_to?(:ready_for_checkout?) &&
!current_distributor.ready_for_checkout?
current_order.empty!
current_order.set_distribution! nil, nil
flash[:info] = "The hub you have selected is temporarily closed for orders. Please try again later."
redirect_to root_url
end
end
def check_order_cycle_expiry
if current_order_cycle.andand.closed?
session[:expired_order_cycle_id] = current_order_cycle.id
current_order.empty!
current_order.set_order_cycle! nil
flash[:info] = "The order cycle you've selected has just closed. Please try again!"
redirect_to root_url
end
end
# All render calls within the block will be performed with the specified format
# Useful for rendering html within a JSON response, particularly if the specified
# template or partial then goes on to render further partials without specifying
# their format.
def with_format(format, &block)
old_formats = formats
self.formats = [format]
block.call
self.formats = old_formats
nil
end
end
Reference in New Issue View Git Blame Copy Permalink