application_controller.rb 3.11 KB
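# Base controller: declares the authentication, blocked-account and CSRF
# filters, the shared error pages, and the project lookup / authorization
# helpers used by the methods below.
class ApplicationController < ActionController::Base
  before_filter :authenticate_user!
  before_filter :reject_blocked!
  before_filter :set_current_user_for_observers
  # The profiler filter is registered only in the development environment.
  before_filter :dev_tools if Rails.env.development?

  # NOTE(review): the CSRF check is declared after authenticate_user!; confirm
  # that a request failing verification cannot continue with the user that
  # the earlier filter already loaded.
  protect_from_forgery

  helper_method :abilities, :can?

  # Each handler logs the exception first and then renders a static error
  # template inside the "errors" layout.
  rescue_from Gitlab::Gitolite::AccessDenied do |exception|
    log_exception(exception)
    render "errors/gitolite", layout: "errors", status: 500
  end

  rescue_from Encoding::CompatibilityError do |exception|
    log_exception(exception)
    render "errors/encoding", layout: "errors", status: 500
  end

  rescue_from ActiveRecord::RecordNotFound do |exception|
    log_exception(exception)
    render "errors/not_found", layout: "errors", status: 404
  end

  protected

  # Writes the exception class, message and application-level backtrace to
  # the error log. The message is interpolated as-is, with no escaping of
  # newlines or control characters.
  def log_exception(exception)
    application_trace = ActionDispatch::ExceptionWrapper.new(env, exception).application_trace
    indented_trace = application_trace.map { |frame| "  #{frame}\n" }
    logger.error "\n#{exception.class.name} (#{exception.message}):\n#{indented_trace.join}"
  end

  # Filter: signs out a user whose account is flagged as blocked and sends
  # them back to the sign-in page, so an already-established session does not
  # outlive the block.
  def reject_blocked!
    if current_user && current_user.blocked
      sign_out current_user
      flash[:alert] = "Your account was blocked"
      redirect_to new_user_session_path
    end
  end

  # Post-login redirect target. A blocked User is signed out again
  # immediately and returned to the sign-in page; everything else falls
  # through to the inherited behaviour.
  def after_sign_in_path_for(resource)
    if resource.is_a?(User) && resource.respond_to?(:blocked) && resource.blocked
      sign_out resource
      flash[:alert] = "Your account was blocked"
      new_user_session_path
    else
      super
    end
  end

  # Hands the acting user to the observers through class-level setters.
  # NOTE(review): the value is stored on the observer classes themselves;
  # confirm this is safe if requests are ever served concurrently.
  def set_current_user_for_observers
    MergeRequestObserver.current_user = current_user
    IssueObserver.current_user = current_user
  end

  # Memoized Six instance that ability rule sets are registered on.
  def abilities
    @abilities ||= Six.new
  end

  # True when the registered abilities allow `object` to perform `action`
  # on `subject`.
  def can?(object, action, subject)
    abilities.allowed?(object, action, subject)
  end

  # Looks up the requested project among the current user's own projects, so
  # a project the user is not a member of is indistinguishable from a missing
  # one. Renders the 404 page when nothing is found.
  #
  # The identifier must be a non-empty String. A missing parameter used to
  # raise NoMethodError on nil, and an Array or Hash parameter must not reach
  # the dynamic finder, which in older Rails releases can treat a Hash
  # argument as finder options rather than as a value to match.
  def project
    return @project if @project

    id = params[:project_id] || params[:id]
    return render_404 unless id.is_a?(String) && !id.empty?

    # An identifier containing "/" is handed to the finder as its segments.
    id = id.split("/") if id.include?("/")

    @project = current_user.projects.find_by_code(id)
    @project || render_404
  end

  # Registers the Ability rule set with the ability checker.
  def add_project_abilities
    abilities << Ability
  end

  # Renders the access-denied page unless the current user may perform
  # `action` on the current project.
  def authorize_project!(action)
    access_denied! unless can?(current_user, action, project)
  end

  # Same check as authorize_project!, fixed to the :download_code ability.
  def authorize_code_access!
    access_denied! unless can?(current_user, :download_code, project)
  end

  # NOTE(review): access denial is answered with status 404, not 403 --
  # presumably so that callers cannot tell a forbidden resource from a
  # missing one; confirm this is intentional.
  def access_denied!
    render "errors/access_denied", layout: "errors", status: 404
  end

  def not_found!
    render "errors/not_found", layout: "errors", status: 404
  end

  def git_not_found!
    render "errors/git_not_found", layout: "errors", status: 404
  end

  # Turns any call to an undefined `authorize_<ability>!` method into
  # authorize_project!(:<ability>). The pattern is anchored with \A and \z so
  # the whole method name has to match; ^ and $ only anchor at line
  # boundaries and would accept a name that merely contains a matching line.
  # NOTE(review): a misspelled ability name is not rejected here; it becomes
  # a check against whatever symbol the name yields.
  def method_missing(method_sym, *arguments, &block)
    match = /\Aauthorize_(.*)!\z/.match(method_sym.to_s)
    if match
      authorize_project!(match[1].to_sym)
    else
      super
    end
  end

  # Serves the static public/404 page without a layout.
  def render_404
    render file: Rails.root.join("public", "404"), layout: false, status: "404"
  end

  # Filter: redirects to the project page while the repository is empty.
  # Reads @project directly, so the project must already have been loaded.
  def require_non_empty_project
    redirect_to @project if @project.empty_repo?
  end

  # Sets response headers that tell browsers and proxies not to store or
  # reuse the response.
  def no_cache_headers
    response.headers["Cache-Control"] = "no-cache, no-store, max-age=0, must-revalidate"
    response.headers["Pragma"] = "no-cache"
    response.headers["Expires"] = "Fri, 01 Jan 1990 00:00:00 GMT"
  end

  # Authorizes the profiler for this request; the filter that calls this is
  # registered only in the development environment.
  def dev_tools
    Rack::MiniProfiler.authorize_request
  end
end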