masto-fe/app/controllers/application_controller.rb

# frozen_string_literal: true

class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception

  force_ssl if: :https_enabled?

  include Localized
  include UserTrackingConcern

  helper_method :current_account
  helper_method :single_user_mode?

  rescue_from ActionController::RoutingError, with: :not_found
  rescue_from ActiveRecord::RecordNotFound, with: :not_found
  rescue_from ActionController::InvalidAuthenticityToken, with: :unprocessable_entity

  before_action :store_current_location, except: :raise_not_found, unless: :devise_controller?
  before_action :check_suspension, if: :user_signed_in?

  def raise_not_found
    raise ActionController::RoutingError, "No route matches #{params[:unmatched_route]}"
  end

  private

  def https_enabled?
    Rails.env.production? && ENV['LOCAL_HTTPS'] == 'true'
  end

  def store_current_location
    store_location_for(:user, request.url)
  end

  def require_admin!
    redirect_to root_path unless current_user&.admin?
  end

  def check_suspension
    forbidden if current_user.account.suspended?
  end

  protected

  def forbidden
    respond_with_error(403)
  end

  def not_found
    respond_with_error(404)
  end

  def gone
    respond_with_error(410)
  end

  def unprocessable_entity
    respond_with_error(422)
  end

  def single_user_mode?
    @single_user_mode ||= Rails.configuration.x.single_user_mode && Account.exists?
  end

  def current_account
    @current_account ||= current_user.try(:account)
  end

  def cache_collection(raw, klass)
    return raw unless klass.respond_to?(:with_includes)

    raw                    = raw.cache_ids.to_a if raw.is_a?(ActiveRecord::Relation)
    uncached_ids           = []
    cached_keys_with_value = Rails.cache.read_multi(*raw.map(&:cache_key))

    raw.each do |item|
      uncached_ids << item.id unless cached_keys_with_value.key?(item.cache_key)
    end

    klass.reload_stale_associations!(cached_keys_with_value.values) if klass.respond_to?(:reload_stale_associations!)

    unless uncached_ids.empty?
      uncached = klass.where(id: uncached_ids).with_includes.map { |item| [item.id, item] }.to_h

      uncached.values.each do |item|
        Rails.cache.write(item.cache_key, item)
      end
    end

    raw.map { |item| cached_keys_with_value[item.cache_key] || uncached[item.id] }.compact
  end

  def respond_with_error(code)
    respond_to do |format|
      format.any  { head code }
      format.html do
        set_locale
        render "errors/#{code}", layout: 'error', status: code
      end
    end
  end
end
Fix rubocop issues, introduce usage of frozen literal to improve performance 2016-11-15 15:56:29 +00:00			`# frozen_string_literal: true`

Initial commit 2016-02-20 21:53:20 +00:00			`class ApplicationController < ActionController::Base`
			`# Prevent CSRF attacks by raising an exception.`
			`# For APIs, you may want to use :null_session instead.`
			`protect_from_forgery with: :exception`
Fixing FanOutOnWriteService, fixing Sidekiq not having enough DB connections in the pool, adding a throttle of 60rpm per IP, adding mini profiler, adding admin status to users 2016-03-25 13:12:24 +00:00
Return force_ssl to the controller (#2380) 2017-04-24 00:44:05 +00:00			`force_ssl if: :https_enabled?`

Fix #1165 - before_action was called before protect_from_forgery 2017-04-08 00:30:50 +00:00			`include Localized`
Extract user tracking into concern (#2600) 2017-04-29 22:28:16 +00:00			`include UserTrackingConcern`
Make file attachment on MediaAttachment optional (#1865) Create MediaAttachment but without actual file download when domain is blocked with reject_media set to true Clean up old media files when creating a new domain block with reject_media set to true Return remote_url in media attachments API if local file is not present Undo domain block action in admin UI Ability to enable reject_media from admin UI 2017-04-16 10:51:30 +00:00
			`helper_method :current_account`
			`helper_method :single_user_mode?`
Adding React.js, Redux, revamping dashboard 2016-08-24 15:56:44 +00:00
Fix local follows, 404 in logs 2016-09-08 00:40:51 +00:00			`rescue_from ActionController::RoutingError, with: :not_found`
			`rescue_from ActiveRecord::RecordNotFound, with: :not_found`
Add nice error page for CSRF errors/cookie issue, and fix error page handling altogether 2017-01-14 23:30:23 +00:00			`rescue_from ActionController::InvalidAuthenticityToken, with: :unprocessable_entity`
Fix local follows, 404 in logs 2016-09-08 00:40:51 +00:00
Fix sign-in redirecting "back" to a missing image because missing static files hit the raise_not_found method 2016-10-06 13:42:00 +00:00			`before_action :store_current_location, except: :raise_not_found, unless: :devise_controller?`
Add filters for suspended accounts 2016-12-06 17:03:30 +00:00			`before_action :check_suspension, if: :user_signed_in?`
Redirect after sign in to previous page (unless it's a sign in/up/etc page) 2016-10-02 15:11:08 +00:00
Fix local follows, 404 in logs 2016-09-08 00:40:51 +00:00			`def raise_not_found`
Improve code style 2016-09-29 19:28:21 +00:00			`raise ActionController::RoutingError, "No route matches #{params[:unmatched_route]}"`
Fix local follows, 404 in logs 2016-09-08 00:40:51 +00:00			`end`

Redirect after sign in to previous page (unless it's a sign in/up/etc page) 2016-10-02 15:11:08 +00:00			`private`

Return force_ssl to the controller (#2380) 2017-04-24 00:44:05 +00:00			`def https_enabled?`
			`Rails.env.production? && ENV['LOCAL_HTTPS'] == 'true'`
			`end`

Redirect after sign in to previous page (unless it's a sign in/up/etc page) 2016-10-02 15:11:08 +00:00			`def store_current_location`
			`store_location_for(:user, request.url)`
			`end`

Add simple admin overview of PuSH subscriptions 2016-11-28 17:45:13 +00:00			`def require_admin!`
			`redirect_to root_path unless current_user&.admin?`
			`end`

Add filters for suspended accounts 2016-12-06 17:03:30 +00:00			`def check_suspension`
Show error message to suspended user (#3281) 2017-05-24 14:39:09 +00:00			`forbidden if current_user.account.suspended?`
Add filters for suspended accounts 2016-12-06 17:03:30 +00:00			`end`

Fix tests 2016-08-18 15:13:41 +00:00			`protected`

Error responses cleanup (#2692) * Use respond_with_error for forbidden errors * Wrap up common error code into single method 2017-05-01 20:24:36 +00:00			`def forbidden`
			`respond_with_error(403)`
Fix local follows, 404 in logs 2016-09-08 00:40:51 +00:00			`end`

Error responses cleanup (#2692) * Use respond_with_error for forbidden errors * Wrap up common error code into single method 2017-05-01 20:24:36 +00:00			`def not_found`
			`respond_with_error(404)`
Add nice error page for CSRF errors/cookie issue, and fix error page handling altogether 2017-01-14 23:30:23 +00:00			`end`

Error responses cleanup (#2692) * Use respond_with_error for forbidden errors * Wrap up common error code into single method 2017-05-01 20:24:36 +00:00			`def gone`
			`respond_with_error(410)`
ActivityPub: Add basic, read-only support for Outboxes, Notes, and Create/Announce Activities (#2197) * Clean up collapsible components * Expose user Outboxes and AS2 representations of statuses * Save work thus far. * Fix bad merge. * Save my work * Clean up pagination. * First test working. * Add tests. * Add Forbidden error template. * Revert yarn.lock changes. * Fix code style deviations and use localized instead of hardcoded English text. 2017-04-23 03:21:10 +00:00			`end`

Add nice error page for CSRF errors/cookie issue, and fix error page handling altogether 2017-01-14 23:30:23 +00:00			`def unprocessable_entity`
Error responses cleanup (#2692) * Use respond_with_error for forbidden errors * Wrap up common error code into single method 2017-05-01 20:24:36 +00:00			`respond_with_error(422)`
Catching more exceptions that slipped through, removing AR logging from production as it's very verbose and not very useful 2016-10-05 11:26:44 +00:00			`end`

Give SINGLE_USER a chance to register (#1820) An attempt to open a brand new Mastodon instance configured as SINGLE_USER_MODE=true will cause an exception. Enable temporary registration if we have no users in the database Fixes #1817 2017-04-15 14:46:27 +00:00			`def single_user_mode?`
Change "Account.any?" to "Account.exists?" (#3217) 2017-05-22 13:02:30 +00:00			`@single_user_mode \|\|= Rails.configuration.x.single_user_mode && Account.exists?`
Give SINGLE_USER a chance to register (#1820) An attempt to open a brand new Mastodon instance configured as SINGLE_USER_MODE=true will cause an exception. Enable temporary registration if we have no users in the database Fixes #1817 2017-04-15 14:46:27 +00:00			`end`

Fix tests 2016-08-18 15:13:41 +00:00			`def current_account`
Rename "publish" to "toot" in english locale, fix lightbox showing old image before loading new one, cache notifications API, fix missing follow button on public profiles 2016-11-23 08:20:34 +00:00			`@current_account \|\|= current_user.try(:account)`
Fix tests 2016-08-18 15:13:41 +00:00			`end`
Unify collection caching code 2016-11-29 14:49:39 +00:00
			`def cache_collection(raw, klass)`
Further abstract caching for includes 2016-11-30 14:57:56 +00:00			`return raw unless klass.respond_to?(:with_includes)`

Fix #248 - Reload all accounts when fetching from cache 2016-12-03 17:21:26 +00:00			`raw = raw.cache_ids.to_a if raw.is_a?(ActiveRecord::Relation)`
Unify collection caching code 2016-11-29 14:49:39 +00:00			`uncached_ids = []`
			`cached_keys_with_value = Rails.cache.read_multi(*raw.map(&:cache_key))`

			`raw.each do \|item\|`
			`uncached_ids << item.id unless cached_keys_with_value.key?(item.cache_key)`
			`end`

Fix #248 - Reload all accounts when fetching from cache 2016-12-03 17:21:26 +00:00			`klass.reload_stale_associations!(cached_keys_with_value.values) if klass.respond_to?(:reload_stale_associations!)`

Unify collection caching code 2016-11-29 14:49:39 +00:00			`unless uncached_ids.empty?`
			`uncached = klass.where(id: uncached_ids).with_includes.map { \|item\| [item.id, item] }.to_h`

			`uncached.values.each do \|item\|`
			`Rails.cache.write(item.cache_key, item)`
			`end`
			`end`

			`raw.map { \|item\| cached_keys_with_value[item.cache_key] \|\| uncached[item.id] }.compact`
			`end`
Fix #2195 - Set locale to error pages (#2255) * Fix #2195 - Set locale to error pages * Fix #2195 - Cut duplicate process into one method 2017-04-21 16:11:20 +00:00
			`def respond_with_error(code)`
Error responses cleanup (#2692) * Use respond_with_error for forbidden errors * Wrap up common error code into single method 2017-05-01 20:24:36 +00:00			`respond_to do \|format\|`
			`format.any { head code }`
			`format.html do`
			`set_locale`
			`render "errors/#{code}", layout: 'error', status: code`
			`end`
			`end`
Fix #2195 - Set locale to error pages (#2255) * Fix #2195 - Set locale to error pages * Fix #2195 - Cut duplicate process into one method 2017-04-21 16:11:20 +00:00			`end`
Initial commit 2016-02-20 21:53:20 +00:00			`end`