Sha256: a25c8c9ea2634e8baa47e0d8bbfbc9e548926f3403a203399bf4d0093b5cf876
Contents?: true
Size: 1.61 KB
Versions: 2
Compression:
Stored size: 1.61 KB
Contents
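# Base controller for the Spree admin area. It requires SSL, selects the
# admin layout and helpers, and defines protected helpers for alert polling
# and JSON CSRF checking that inheriting admin controllers can use.
#
# NOTE(review): no authentication or authorization filter is declared in this
# file; presumably one is added by Spree::BaseController or an extension.
# Confirm before relying on this class alone to protect admin actions.
class Admin::BaseController < Spree::BaseController
  ssl_required

  # The condition is evaluated once, when the class body is loaded, so the
  # filter is only registered when the app boots in production.
  before_filter :check_alerts if Rails.env.production?

  helper :search
  helper 'admin/navigation'
  layout 'admin'

  protected

  # Loads the current Spree alerts into session[:alerts] for a signed-in user
  # when a check is due and the session has no :alerts key yet, then records
  # the time of the check in Spree::Config.
  def check_alerts
    return unless current_user && should_check_alerts?
    return if session.has_key?(:alerts)

    begin
      # NOTE(review): request.host is taken from the incoming request; what
      # Spree::Alert.current does with it is not visible here -- confirm it is
      # not trusted for anything sensitive.
      session[:alerts] = Spree::Alert.current(request.host)
      filter_dismissed_alerts
      Spree::Config.set :last_check_for_spree_alerts => DateTime.now.to_s
    rescue
      # Best effort: any StandardError leaves the :alerts key present but nil,
      # so this session does not attempt the lookup again.
      session[:alerts] = nil
    end
  end

  # Returns false when alert checking is disabled in Spree::Config, true when
  # no previous check is recorded, and otherwise whether the recorded check
  # is more than 12 hours old.
  def should_check_alerts?
    return false unless Spree::Config[:check_for_spree_alerts]

    last_check = Spree::Config[:last_check_for_spree_alerts]
    return true if last_check.blank?

    # NOTE(review): DateTime.parse raises ArgumentError on a malformed stored
    # value, and this call runs outside the begin/rescue in check_alerts.
    DateTime.parse(last_check) < 12.hours.ago
  end

  # Removes, in place, every alert in session[:alerts] whose id is listed in
  # the comma-separated :dismissed_spree_alerts setting.
  def filter_dismissed_alerts
    return unless session[:alerts]

    dismissed = (Spree::Config[:dismissed_spree_alerts] || '').split(',')
    session[:alerts].reject! { |a| dismissed.include? a.id.to_s }
  end

  # Renders the shared destroy partial and clears the flash notice.
  def render_js_for_destroy
    render :partial => "/admin/shared/destroy"
    flash.notice = nil
  end

  # Index request for JSON needs to pass a CSRF token in order to prevent JSON Hijacking
  #
  # Applies only to JS and JSON formats. Raises
  # ActionController::InvalidAuthenticityToken when the token parameter is
  # missing, is not a String, or does not match form_authenticity_token.
  #
  # This method is not registered as a filter in this class, so a controller
  # only gets the check if it (or something else) wires it up.
  def check_json_authenticity
    return unless request.format.js? || request.format.json?

    auth_token = params[request_forgery_protection_token]

    # A nested parameter (an Array or Hash) has no #gsub; treat it as an
    # invalid token instead of letting NoMethodError surface as a server error.
    # Spaces are mapped back to '+', presumably because a '+' in the token is
    # decoded as a space when it travels in a query string.
    #
    # NOTE(review): '==' is not a constant-time comparison; consider a
    # constant-time helper if the framework version in use provides one.
    token_valid = auth_token.is_a?(String) &&
                  form_authenticity_token == auth_token.gsub(' ', '+')
    raise ActionController::InvalidAuthenticityToken unless token_valid
  end

  # def require_object_editable_by_current_user
  #   return access_denied unless object.editable_by?(current_user)
  #   true
  # end
end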
Version data entries
2 entries across 2 versions & 1 rubygems
Version | Path |
---|---|
spree_core-0.50.4 | app/controllers/admin/base_controller.rb |
spree_core-0.50.3 | app/controllers/admin/base_controller.rb |