Orbit/app/controllers/application_controller.rb

class ApplicationController < ActionController::Base
  protect_from_forgery

  include ParserFrontEnd, ParserBackEnd, ApplicationHelper
  include OrbitApp::ErrorHandlers::PageErrorHandler
  include OrbitApp::ErrorHandlers::ObjectAuthErrorHandler
  include OrbitApp::ErrorHandlers::ModuleAppErrorHandler

  rescue_from ObjectAuthError, :with => :render_object_auth_error
  rescue_from ModuleAppError, :with => :render_module_app_error
  rescue_from PageError, :with => :render_page_error

  layout :layout_by_resource

  helper :admin, :orbit_form
  before_filter :set_site, :set_locale, :prepare_for_mobile

  helper_attr :site_valid_locales

  def check_backend_openness
    if !Me.backend_openness_on
      redirect_to '/users/sign_in'   if not (authenticate_user! and is_member? )
    end
  end

  def site_restart
    Resque.enqueue(RestartServer)
  end

  def set_current_user
    User.current = current_or_guest_user
    UserActionRecoder.perform(current_or_guest_user,params.to_s)
  end

  def front_end_available(module_app_title='')
    app_controller = ModuleApp.first(conditions: {:key => module_app_title} )
    unless app_controller.enable_frontend?
      render :nothing => true
    end
  end

  def get_all_app_engines
    ary = ["vender/plugins/new_blog"]
    app_engines = ary.collect{|t|
      Rails::Engine.find t
    }
    app_engines.each{ |t|
     # t.
    }
  end

  def flaten_controller
    ary=[]
    Find.find(File.join(Rails.root , 'vendor/plugins/'))  { |name|
          require_dependency(name) if /_controller\.rb$/ =~ name
          ary << name
    }
    ary
  end

  # Find the parent for the given item
  def find_parent_item
    @parent_item  = Item.first(:conditions => { :id => BSON::ObjectId(params[:parent_id]) }) rescue nil
  end

  def auth_failed_in_backend
     #redirect_to admin_dashboards_url
     redirect_to root_path
  end

  def for_admin_only
    if is_admin?
      true
    else
    flash[:error] = t("access.denied.not_admin")
    auth_failed_in_backend
    end
  end

  def for_app_manager
    if is_manager?
      true
    else
      flash[:error] = t("access.denied.app.not_manager")
      auth_failed_in_backend
    end
  end

  def for_app_sub_manager
    if (@module_app.sub_managing_users.include?(current_or_guest_user) || is_manager?)
      true
    else
      flash[:error] = t("access.denied.app.not_sub_manager")
      auth_failed_in_backend
    end
  end

  def for_app_user
    if (@module_app.app_auth.auth_users.include?(current_or_guest_user) || for_app_sub_manager )
      true
    else
      flash[:error] = t("access.denied.app.not_authed_user")
      auth_failed_in_backend
    end
  end

  def check_object_premission(obj,title)
    flash[:error] = t("access.denied.object")
    auth_failed_in_backend unless (obj.get_object_auth_by_title(title).auth_users.include?(current_or_guest_user) || is_manager? || is_admin? )
  end

  # Render the page
  def render_page(args={})
    if @item
      respond_to do |format|
        format.html { render :text => parse_page_content(@item,args), :layout => 'page_layout' }
        format.rss { render_main_rss }
        format.mobile { redirect_to mobile_path(:app => params[:app]) }
      end
    else
      render :text => '404 Not Found'
    end
  end

  def render_share
    object_class = params[:model].classify.constantize
    @object = object_class.find(params[:id])
    module_app = ModuleApp.first(:conditions => {:key => params[:key]})
    @item = @object.share_item
    #@item = Item.where(module_app_id: module_app.id).all_of("tag" => {"$in" => [nil,'']},"category" => { "$in" => [nil,'']}).first
    #binding.pry
    @orig_url = "http://#{request.host_with_port}/#{@item.path}?id=#{@object.id}"
    render 'shared/render_share', :layout => false
  end

  protected

  # Set I18n.locale
  def set_locale
    # update session if passed
    session[:locale] = params[:locale] if params[:locale]
    browser_locale = condition = nil
    # check if locale is valid for non site pages
    if LIST[:forbidden_item_names].include?(env['PATH_INFO'].split('/')[1].to_s)
      condition = VALID_LOCALES.include?(session[:locale])
    elsif session[:locale]
      condition = @site_in_use_locales.include?(session[:locale])
    else
      browser_locale = request.env['HTTP_ACCEPT_LANGUAGE'].scan(/^[a-z]{2}/).first rescue nil
      condition = @site_in_use_locales.include?(browser_locale)
    end
    session[:locale] = condition ? (browser_locale || session[:locale]) : I18n.default_locale.to_s
    I18n.locale = session[:locale].to_sym
  end

  # Set the site variables
  def set_site
    # set site if exist or create site
    @site = Site.first || Site.create({:valid_locales => VALID_LOCALES, :in_use_locales => VALID_LOCALES})
    session[:site] = @site.id
    @site_in_use_locales = site_locales_default_head(@site.in_use_locales)
    @site_valid_locales = site_locales_default_head(@site.valid_locales)
  end

  def set_current_item
    session[:current_page] = params[:id] || @item.id rescue nil
  end

  def decrypt_data(encrypted_data, encrypted_key, encrypted_iv)
    site = Site.find(session[:site])
    if encrypted_data
      private_key = OpenSSL::PKey::RSA.new(site.private_key)
      cipher = OpenSSL::Cipher.new('aes-256-cbc')
      cipher.decrypt
      cipher.key = private_key.private_decrypt(encrypted_key)
      cipher.iv = private_key.private_decrypt(encrypted_iv)

      decrypted_data = cipher.update(encrypted_data)
      decrypted_data << cipher.final
    else
      ''
    end
  end

  def get_homepage
    Page.root
  end

  def layout_by_resource
    if devise_controller?
      "devise"
    else
      "application"
    end
  end

  def site_locales_default_head(locales)
    if locales[0].eql? I18n.locale.to_s
      locales
    else
      a = Array.new(locales)
      shift_out = a.delete(I18n.locale.to_s)
      [shift_out] + a
    end
  end
    # called (once) when the user logs in, insert any code your application needs
    # to hand off from guest_user to current_user.
    def logging_in
      # For example:
      # guest_comments = guest_user.comments.all
      # guest_comments.each do |comment|
        # comment.user_id = current_user.id
        # comment.save
      # end
    end


  def render_main_rss
    ret = ''
    ret << "/panel/#{@item.module_app.key}/front_end/#{@item.app_frontend_url}.rss"
    ret << "/#{params[:id]}" if params[:id] && !params[:id].eql?(@item.id.to_s)

    categories_str=params[:category].collect{|t| "category_id[]=#{t}"}.join('&')
    tags_str=params[:tag].collect{|t| "tag_id[]=#{t}"}.join('&')
    categories_str = "&#{categories_str}" unless categories_str.blank?
    tags_str = "&#{tags_str}" unless tags_str.blank?

    ret << "?inner=true#{categories_str}#{tags_str}&page_main=#{params[:page_main]}"
    redirect_to ret
  end

  def get_sorted_and_filtered(object_class, query = nil, objects = nil)
    objects ||= get_objects(object_class, query)
    object_class = object_class.classify.constantize
    if !params[:sort].blank?
      options = params[:sort_options]
      options = [options] if !options.class.eql?(Array)
      options.each do |option|
        if object_class.fields.include?(option)
          if object_class.fields[option].type.to_s.eql?('Object') && !object_class.relations[option].nil?
            objects = get_objects_from_referenced_objects(object_class.fields[option].options[:class_name].constantize, objects, option)
          else
            (objects = objects.order_by(option, params[:direction])) rescue nil
          end
        elsif object_class.relations.include?(option)
          case object_class.relations[option].macro
            when :references_one
              a = Array.new
              objects.each { |object| a << [get_string_value_from_object(object), object] }
              sorted = params[:direction].eql?('asc') ? a.sort : a.sort.reverse!
              objects = sorted.collect {|x| x[1] }
            when :references_many, :references_and_referenced_in_many
              objects = get_objects_from_self(object_class, objects, option)
            when :referenced_in
              objects = get_objects_from_referenced_objects(object_class.relations[option].class_name.constantize, objects, "#{option}_id")
          end
        elsif option.eql?('tags')
          tag_array = @module_app.tags.inject([]){ |result, value|
            result << [value.name, value]
          }
          params[:direction].eql?('asc') ? tag_array.sort : tag_array.sort.reverse!
          sorted_objects = Array.new
          tag_array.each do |x|
            taggings = x[1].taggings
            taggings.each {|tagging| sorted_objects << tagging.taggable }
          end
          # debugger
          sorted_objects.flatten!
          sorted_objects.uniq!
          objects = get_with_nil(objects, option, sorted_objects)
        end
      end
    end
    if @filter
      @filter.each do |key, value|
        case key
          when 'status'
            a = Array.new
            objects.each do |object|
              value.each do |v|
                a << object if object[v]
              end
            end
            objects = a.uniq
          when 'categories'
            a = Array.new
            objects.each do |object|
              a << object if (value.include?(object.send("#{object.class.to_s.underscore}_category").id.to_s) rescue nil)
            end
            objects = a.uniq
          when 'tags'
            a = Array.new
            objects.each do |object|
              object.tags.each do |tag|
                a << object if value.include?(tag.id.to_s)
              end
            end
            objects = a.uniq
          end if value.size > 0
      end
    end
    Kaminari.paginate_array(filter_authorized_objects(objects)).page(params[:page]).per(10)
  end

  def get_viewable(object_class, query=nil)
    objects = get_objects(object_class,query).order_by(:created_at, :desc)
    Kaminari.paginate_array(objects).page(params[:page]).per(10)
  end

  def get_objects(object_class, query=nil)
    object_class = object_class.classify.constantize
    # debugger
    # a=1
    if query
      if object_class.include?(Mongoid::Sortable)
        objects = object_class.default_sort(params[:sort]).where(query)
      else
        objects = object_class.where(query)
      end
    else
      if object_class.include?(Mongoid::Sortable)
        objects = object_class.default_sort(params[:sort]).all
      else
        objects = object_class.all
      end
    end
    objects
  end

  def get_objects_from_referenced_objects(object_class, objects, option)
    referer_ids = objects.distinct(option)
    referenced_objects = object_class.find(referer_ids) rescue nil
    if referenced_objects
      a = Array.new
      referenced_objects.to_a.each { |referer| a << [get_string_value_from_object(referer), referer.id] }
      sorted = params[:direction].eql?('asc') ? a.sort : a.sort.reverse!
      sorted_objects = sorted.collect {|x| objects.where(option => x[1]).entries }
      sorted_objects.flatten!
      sorted_objects.uniq!
      get_with_nil(objects, option, sorted_objects)
    else
      objects
    end
  end

  def get_objects_from_self(object_class, objects, option)
    referenced_class = object_class.relations[option].class_name.constantize
    referenced_objects = referenced_class.all rescue nil
    if referenced_objects
      reverse_relation = nil
      referenced_class.relations.each { |relation| reverse_relation = relation[1].name.to_s if relation[1].class_name.eql?(object_class.to_s) }
      a = Array.new
      referenced_objects.each { |referenced_object| a << [get_string_value_from_object(referenced_object), referenced_object] }
      a.compact!
      sorted = params[:direction].eql?('asc') ? a.sort : a.sort.reverse!
      sorted_objects = Array.new
      sorted.each {|x| sorted_objects << x[1].send(reverse_relation) }
      sorted_objects.flatten!
      sorted_objects.uniq!
      get_with_nil(objects, option, sorted_objects)
    else
      objects
    end
  end

  def get_string_value_from_object(object)
    s = object.name_translations[I18n.locale.to_s] unless s rescue nil
    s = object.title_translations[I18n.locale.to_s] unless s rescue nil
    s = object.name unless s rescue nil
    s = object.title unless s rescue nil
    s.downcase rescue ''
  end

  def get_with_nil(objects, option, sorted_objects)
    tmp = Array.new
    objects.each { |object| tmp << [get_string_value_from_object(object), object] if (object.send(option).blank? || (object.send(option).size == 0 rescue nil)) }
    sorted = params[:direction].eql?('asc') ? tmp.sort : tmp.sort.reverse!
    sorted_tmp = sorted.collect {|a| a[1] }
    a = params[:direction].eql?('asc') ? (sorted_tmp + sorted_objects) : (sorted_objects + sorted_tmp)
    a.flatten
  end


  def filter_authorized_objects(objects)
    if(!is_admin? || !is_manager?)
      objects.delete_if{ |object|
        if object.is_pending == true
          if check_permission(:manager)
            object.create_user_id != current_user.id
          else
            !object.send("#{object.class.to_s.underscore}_category").authed_users('fact_check').include?(current_user) rescue false
          end
        else
          false
        end
      }
    end
    objects
  end

  private

  def mobile_device?
    if session[:mobile_param]
      session[:mobile_param] == "1"
    else
      request.user_agent =~ /iPhone|iPod|Android/
    end
  end

  def prepare_for_mobile
    if @site.mobile_on
      session[:mobile_param] =  if request.path =~ /mobile/
                                  '1'
                                elsif params[:mobile]
                                  params[:mobile]
                                else
                                  session[:mobile_param]
                                end
      request.format = :mobile if mobile_device?
    end
  end

end