Created
August 14, 2013 09:48
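# Base controller: CSRF handling, session-based login helpers and PJAX layout
# selection shared by the application's controllers.
class ApplicationController < ActionController::Base
  # CSRF handling. With :null_session a request that fails token verification
  # is NOT rejected; it is processed with an empty session. Such a request is
  # only turned away where the action depends on the session, e.g. through the
  # `authorize` filter below. Any state-changing action that does not run
  # `authorize` therefore stays reachable from a cross-site request.
  protect_from_forgery with: :null_session
  # FIXME: `protect_from_forgery with: :exception` should be usable here, but
  # POSTing to comments.json raises a CSRF exception even when sending
  # "Content-Type: application/json" in the header.
  # NOTE(review): the content type does not exempt a request from the token
  # check; Rails also accepts the token in the X-CSRF-Token request header.

  # The layout is resolved per request from instance state. The previous
  # implementation called `self.class.layout` inside a filter, which rewrote
  # the class-level layout at request time: the choice leaked into later
  # requests and was racy under a threaded server.
  layout proc { |_controller| pjax_request? ? pjax_layout : (@layout_override || "application") }

  helper_method :pjax_request?
  helper_method :current_user, :is_loggedin?

  before_action :strip_pjax_param, if: :pjax_request?
  before_action :set_pjax_url, if: :pjax_request?

  private

  # Returns the User referenced by session[:user_id], memoized for the
  # request; nil when the session holds no user id or no such user exists.
  def current_user
    @current_user ||= User.find_by(id: session[:user_id]) if session[:user_id]
  end

  # True when the session resolves to an existing user.
  def is_loggedin?
    !current_user.nil?
  end

  # Filter: redirects to the login page unless a user is logged in.
  # NOTE(review): session[:redirect] is written on every call, including for
  # logged-in users; its consumer is not visible in this file.
  def authorize
    session[:redirect] = root_path
    redirect_to login_path, alert: "Not authorized" unless is_loggedin?
  end

  def set_flow_layout
    set_layout_unless_pjax "flow_layout"
  end

  # Selects `name` as the layout for the current request only. PJAX requests
  # still render with `pjax_layout`.
  def set_layout_unless_pjax(name)
    @layout_override = name
  end

  # True when the request carries an X-PJAX header and is an XHR. Both signals
  # are client-supplied headers, so this may pick a layout but must never
  # feed an access decision.
  def pjax_request?
    request.env['HTTP_X_PJAX'].present? && request.xhr?
  end

  # PJAX responses are rendered without a layout.
  def pjax_layout
    false
  end

  # Removes the `_pjax` parameter from params and from the raw query string,
  # then drops the cached parse results and memoized paths so they are rebuilt
  # from the edited QUERY_STRING.
  def strip_pjax_param
    params.delete(:_pjax)
    request.env['QUERY_STRING'] = request.env['QUERY_STRING'].sub(/_pjax=[^&]+&?/, '')

    request.env.delete('rack.request.query_string')
    request.env.delete('rack.request.query_hash')
    request.env.delete('action_dispatch.request.query_parameters')

    request.instance_variable_set('@original_fullpath', nil)
    request.instance_variable_set('@fullpath', nil)
  end

  # Reports the request URL back to the client in X-PJAX-URL. Declared after
  # strip_pjax_param, so the URL no longer carries the `_pjax` parameter.
  def set_pjax_url
    response.headers['X-PJAX-URL'] = request.url
  end
end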
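# Controller for Flow records. Every action requires a logged-in user.
class FlowsController < ApplicationController
  # Authorization runs first. Callbacks execute in declaration order and a
  # redirect halts the chain, so an unauthenticated request never reaches the
  # record lookup. With `authorize` declared last, `set_flow` ran beforehand
  # and answered 404 for unknown ids but a login redirect for existing ones,
  # which let anonymous clients tell which Flow ids exist.
  before_action :authorize
  before_action :set_flow, only: [:show, :edit, :update, :destroy]
  before_action :set_flow_layout, only: [:show, :edit]

  # GET /flows
  # GET /flows.json
  def index
    @flows = Flow.all
  end

  private

  # Loads the Flow named by params[:id] for the member actions.
  # NOTE(review): the lookup is not scoped to current_user; confirm that every
  # logged-in user is meant to see and modify every Flow.
  def set_flow
    @flow = Flow.find(params[:id])
  end

  # Strong parameters: only the listed attributes may be mass-assigned.
  # NOTE(review): :project_id is client-supplied; confirm the caller checks
  # that the user may attach a Flow to that project.
  def flow_params
    params.require(:flow).permit(:title, :description, :project_id)
  end
end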