module CamaleonCms class CamaleonController < ApplicationController add_flash_types :warning add_flash_types :error add_flash_types :notice add_flash_types :info include CamaleonCms::CamaleonHelper include CamaleonCms::SessionHelper include CamaleonCms::SiteHelper include CamaleonCms::HtmlHelper include CamaleonCms::UserRolesHelper include CamaleonCms::ShortCodeHelper include CamaleonCms::PluginsHelper include CamaleonCms::ThemeHelper include CamaleonCms::HooksHelper include CamaleonCms::ContentHelper include CamaleonCms::CaptchaHelper include CamaleonCms::UploaderHelper include CamaleonCms::EmailHelper include Mobu::DetectMobile PluginRoutes.all_helpers.each { |h| include h.constantize } before_action :cama_site_check_existence, except: [:captcha] before_action :cama_before_actions, except: [:captcha] after_action :cama_after_actions, except: [:captcha] # Prevent CSRF attacks by raising an exception. # For APIs, you may want to use :null_session instead. # Skip forgery check on .js files located in /assets/ to avoid CORS errors # caused by requests for non-existent files. protect_from_forgery with: :exception, unless: -> { request.fullpath.match(%r{\A/assets/.*\.js\z}) } layout proc { |controller| controller.request.xhr? ? false : 'default' } helper_method :current_user # show page error def render_error(status = 404, exception = nil, message = '') Rails.logger.debug "Camaleon CMS - 404 url: #{begin request.original_url rescue StandardError nil end} ==> message: #{exception.message if exception.present?} ==> #{params[:error_msg]} ==> #{caller.inspect}" @message = "#{message} #{params[:error_msg] || (exception.present? ? "#{exception.message}

#{caller.inspect}" : '')}" @message = '' if Rails.env == 'production' respond_to do |format| format.html { render "camaleon_cms/#{status}", status: status } format.any { head status } end end # generate captcha image def captcha image = cama_captcha_build(params[:len]) send_data image.to_blob, type: MiniMime.lookup_by_extension(image.type).content_type, disposition: 'inline' end private def cama_before_actions # including all helpers (system, themes, plugins) for this site # PluginRoutes.enabled_apps(current_site, current_theme.slug).each{|plugin| plugin_load_helpers(plugin) } # initializing short codes shortcodes_init # initializing before and after contents cama_html_helpers_init # initializing before and after contents cama_content_init @_hooks_skip = [] # trigger all hooks before_load_app hooks_run('app_before_load') request.env.except!('HTTP_X_FORWARDED_HOST') if request.env['HTTP_X_FORWARDED_HOST'] # just drop the variable views_dir = 'app/apps/' prepend_view_path(File.join($camaleon_engine_dir, views_dir).to_s) prepend_view_path(Rails.root.join(views_dir).to_s) CamaleonCms::PostDefault.current_user = cama_current_user CamaleonCms::PostDefault.current_site = current_site end # initialize ability for current user def current_ability @current_ability ||= CamaleonCms::Ability.new(cama_current_user, current_site) end def cama_after_actions # trigger all actions app after load hooks_run('app_after_load') end # redirect to sessions login form when the session was expired. def auth_session_error redirect_to cama_root_path end # check if current site exist, if not, this will be redirected to main domain # Also, check current site status def cama_site_check_existence if !current_site.present? if Cama::Site.main_site.present? url = Cama::Site.main_site.decorate.the_url # TODO: Remove this condition when Rails 6.x won't be supported if Rails.gem_version >= Gem::Version.new('7.0.0') redirect_to url, allow_other_host: true else redirect_to url end else redirect_to cama_admin_installers_path end elsif (cama_current_user.present? && !cama_current_user.admin?) || !cama_current_user.present? # inactive page control if current_site.is_inactive? if request.original_url.to_s.match(%r{\A#{current_site.the_url}admin(/|\z)}) if cama_current_user.present? cama_logout_user flash[:error] = 'Site is Inactive' end else p = current_site.posts.find_by_id(current_site.get_option('page_inactive')).try(:decorate) if p redirect_to(p.the_url) unless params == { 'controller' => 'camaleon_cms/frontend', 'action' => 'post', 'slug' => p.the_slug } else render html: 'This site was inactivated. Please contact to administrator.' end end end # maintenance page and IP's control if current_site.is_maintenance? && !current_site.get_option('maintenance_ips', '').split(',').include?(request.remote_ip) p = current_site.posts.find_by_id(current_site.get_option('page_maintenance')).try(:decorate) if p redirect_to(p.the_url) if params != { 'controller' => 'camaleon_cms/frontend', 'action' => 'post', 'slug' => p.the_slug } else render html: 'This site is in maintenance mode. Please contact to administrator.' end end end end unless ApplicationController.method_defined?(:current_user) def current_user cama_current_user end end end end