app/controllers/application_controller.rb

require 'uri'

class ApplicationController < ActionController::Base
  include ApplicationHelper
  include Pundit::Authorization

  rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized

  before_action :configure_devise_permitted_parameters, if: :devise_controller?
  before_action :check_tenant_is_private, if: :should_check_tenant_is_private?
  
  prepend_before_action :load_tenant_data

  # Override Devise after sign in path
  def after_sign_in_path_for(resource)
    if resource.admin? && resource.sign_in_count == 1
      root_path(tour: true)
    else
      super
    end
  end

  # Override Devise after sign out path
  def after_sign_out_path_for(resource_or_scope)
    if Current.tenant.tenant_setting.is_private
      new_user_session_path
    else
      super
    end
  end

  protected

    def configure_devise_permitted_parameters
      additional_permitted_parameters = [:full_name, :notifications_enabled, :invitation_token]

      devise_parameter_sanitizer.permit(:sign_up, keys: additional_permitted_parameters)
      devise_parameter_sanitizer.permit(:account_update, keys: additional_permitted_parameters)
    end

    def load_tenant_data
      # Set default locale
      I18n.locale = I18n.default_locale

      current_tenant = get_tenant_from_request(request)
      return unless current_tenant

      if current_tenant.status == "pending" and controller_name != "confirmation" and action_name != "show"
        redirect_to pending_tenant_path; return
      end

      if current_tenant.status == "blocked"
        redirect_to blocked_tenant_path; return
      end

      Current.tenant = current_tenant

      # Load tenant data
      @tenant = Current.tenant_or_raise!
      @tenant_setting = TenantSetting.first_or_create
      @tenant_billing = TenantBilling.first_or_create
      @boards = Board.select(:id, :name, :slug).order(order: :asc)

      # Set tenant locale
      I18n.locale = @tenant.locale
    end

    def load_oauths
      @o_auths = OAuth
        .include_defaults
        .where(is_enabled: true)
        .order(created_at: :asc)
    end

    def check_tenant_subscription
      return if Current.tenant.tenant_billing.has_active_subscription?

      render json: {
        error: 'Your subscription has expired. Please renew it to continue using the service.'
      }, status: :forbidden
    end

    def check_tenant_is_private
      return unless Current.tenant.tenant_setting.is_private
      return if user_signed_in?

      flash[:alert] = t('errors.not_logged_in')
      redirect_to new_user_session_path
    end

  private

    def user_not_authorized
      logger.error { "User not authorized: #{user_signed_in? ? current_user.inspect : 'unlogged user'}" }

      render json: {
        error: t('errors.unauthorized')
      }, status: :unauthorized
    end

    def should_check_tenant_is_private?
      controller_name == 'posts' ||
      controller_name == 'boards' ||
      controller_name == 'comments' ||
      (controller_name == 'static_pages' && action_name == 'root') ||
      (controller_name == 'static_pages' && action_name == 'roadmap')
    end
end
Add custom domains (#314) 2024-03-24 12:54:02 +01:00			`require 'uri'`

Setup Rails project and dockerize 2019-08-18 14:51:37 +02:00			`class ApplicationController < ActionController::Base`
Add custom domains (#314) 2024-03-24 12:54:02 +01:00			`include ApplicationHelper`
Improve rails controllers (#118) 2022-06-10 12:03:33 +02:00			`include Pundit::Authorization`

			`rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized`

Add invitation system (#398) 2024-09-06 20:27:15 +02:00			`before_action :configure_devise_permitted_parameters, if: :devise_controller?`
Add private feedback space setting (#392) 2024-08-29 22:14:04 +02:00			`before_action :check_tenant_is_private, if: :should_check_tenant_is_private?`

Add Site settings > General (#133) 2022-07-18 10:47:54 +02:00			`prepend_before_action :load_tenant_data`
Add full name to users 2019-08-19 15:45:44 +02:00
Add tour and other improvements (#348) * Add tour * Add instructions to set password for OAuth users * Tenant signup improvement * Fix bug on user soft delete * Slighlty darken background color * Add a stronger confirmation for board deletion 2024-05-21 19:10:18 +02:00			`# Override Devise after sign in path`
			`def after_sign_in_path_for(resource)`
			`if resource.admin? && resource.sign_in_count == 1`
			`root_path(tour: true)`
			`else`
			`super`
			`end`
			`end`

Add private feedback space setting (#392) 2024-08-29 22:14:04 +02:00			`# Override Devise after sign out path`
			`def after_sign_out_path_for(resource_or_scope)`
			`if Current.tenant.tenant_setting.is_private`
			`new_user_session_path`
			`else`
			`super`
			`end`
			`end`

Add full name to users 2019-08-19 15:45:44 +02:00			`protected`

Add invitation system (#398) 2024-09-06 20:27:15 +02:00			`def configure_devise_permitted_parameters`
			`additional_permitted_parameters = [:full_name, :notifications_enabled, :invitation_token]`
Add users management to site settings (#126) 2022-06-24 14:39:35 +02:00
			`devise_parameter_sanitizer.permit(:sign_up, keys: additional_permitted_parameters)`
			`devise_parameter_sanitizer.permit(:account_update, keys: additional_permitted_parameters)`
Add full name to users 2019-08-19 15:45:44 +02:00			`end`
Add Boards 2019-08-22 17:09:13 +02:00
Add Site settings > General (#133) 2022-07-18 10:47:54 +02:00			`def load_tenant_data`
Various improvements (#332) * Fix locale fallbacks * Make header links relative * Improve like button style * Other small improvements... 2024-05-09 19:23:45 +02:00			`# Set default locale`
			`I18n.locale = I18n.default_locale`

Add custom domains (#314) 2024-03-24 12:54:02 +01:00			`current_tenant = get_tenant_from_request(request)`
Fix custom domains (#318) * Configure trusted proxies * Fix tenant signup route not working * Use HTTP_X_FORWARDED_HOST if present * Update reserved subdomains 2024-03-24 18:06:36 +01:00			`return unless current_tenant`
Add Site settings > General (#133) 2022-07-18 10:47:54 +02:00
Add custom domains (#314) 2024-03-24 12:54:02 +01:00			`if current_tenant.status == "pending" and controller_name != "confirmation" and action_name != "show"`
			`redirect_to pending_tenant_path; return`
			`end`
Add Site settings > General (#133) 2022-07-18 10:47:54 +02:00
Add custom domains (#314) 2024-03-24 12:54:02 +01:00			`if current_tenant.status == "blocked"`
			`redirect_to blocked_tenant_path; return`
Add Site settings > General (#133) 2022-07-18 10:47:54 +02:00			`end`

			`Current.tenant = current_tenant`

			`# Load tenant data`
			`@tenant = Current.tenant_or_raise!`
Move tenant settings on separate model (#196) 2023-02-04 15:43:15 +01:00			`@tenant_setting = TenantSetting.first_or_create`
Add billing (#329) 2024-05-03 18:11:07 +02:00			`@tenant_billing = TenantBilling.first_or_create`
Add slugs for Posts, Boards and OAuths (#321) 2024-04-05 18:23:31 +02:00			`@boards = Board.select(:id, :name, :slug).order(order: :asc)`
Add Site settings > General (#133) 2022-07-18 10:47:54 +02:00
Various improvements (#332) * Fix locale fallbacks * Make header links relative * Improve like button style * Other small improvements... 2024-05-09 19:23:45 +02:00			`# Set tenant locale`
Add Site settings > General (#133) 2022-07-18 10:47:54 +02:00			`I18n.locale = @tenant.locale`
Add Boards 2019-08-22 17:09:13 +02:00			`end`
Improve rails controllers (#118) 2022-06-10 12:03:33 +02:00
Add OAuth2 authentication (#147) - Added Site settings > Authentication section - Create/edit/delete your custom oauth2 configurations - Login or signup with oauth2 2022-08-05 18:15:17 +02:00			`def load_oauths`
Add default OAuths (#259) 2024-01-22 14:45:48 +01:00			`@o_auths = OAuth`
			`.include_defaults`
Add OAuth2 authentication (#147) - Added Site settings > Authentication section - Create/edit/delete your custom oauth2 configurations - Login or signup with oauth2 2022-08-05 18:15:17 +02:00			`.where(is_enabled: true)`
			`.order(created_at: :asc)`
			`end`

Add billing (#329) 2024-05-03 18:11:07 +02:00			`def check_tenant_subscription`
			`return if Current.tenant.tenant_billing.has_active_subscription?`

			`render json: {`
			`error: 'Your subscription has expired. Please renew it to continue using the service.'`
			`}, status: :forbidden`
			`end`

Add private feedback space setting (#392) 2024-08-29 22:14:04 +02:00			`def check_tenant_is_private`
			`return unless Current.tenant.tenant_setting.is_private`
			`return if user_signed_in?`

			`flash[:alert] = t('errors.not_logged_in')`
			`redirect_to new_user_session_path`
			`end`

Improve rails controllers (#118) 2022-06-10 12:03:33 +02:00			`private`

			`def user_not_authorized`
Improve logging (#274) * Add some custom log messages * Add original URL and remote IP to each log entry 2024-02-04 16:05:41 +01:00			`logger.error { "User not authorized: #{user_signed_in? ? current_user.inspect : 'unlogged user'}" }`

Improve rails controllers (#118) 2022-06-10 12:03:33 +02:00			`render json: {`
Change locales structure (#144) 2022-07-23 13:32:40 +02:00			`error: t('errors.unauthorized')`
Improve rails controllers (#118) 2022-06-10 12:03:33 +02:00			`}, status: :unauthorized`
			`end`
Add private feedback space setting (#392) 2024-08-29 22:14:04 +02:00
			`def should_check_tenant_is_private?`
			`controller_name == 'posts' \|\|`
			`controller_name == 'boards' \|\|`
			`controller_name == 'comments' \|\|`
			`(controller_name == 'static_pages' && action_name == 'root') \|\|`
			`(controller_name == 'static_pages' && action_name == 'roadmap')`
			`end`
Setup Rails project and dockerize 2019-08-18 14:51:37 +02:00			`end`