forked from spree/spree
/
base_controller.rb
61 lines (51 loc) · 2.05 KB
/
base_controller.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
module Spree
module Admin
class BaseController < Spree::BaseController
helper 'spree/search'
helper 'spree/admin/navigation'
layout '/spree/layouts/admin'
before_filter :check_alerts unless Rails.env.development?
protected
def check_alerts
return unless current_user and should_check_alerts?
unless session.has_key? :alerts
begin
session[:alerts] = Spree::Alert.current(request.host)
filter_dismissed_alerts
Spree::Config.set :last_check_for_spree_alerts => DateTime.now.to_s
rescue
session[:alerts] = nil
end
end
end
def should_check_alerts?
return false if not Spree::Config[:check_for_spree_alerts]
last_check = Spree::Config[:last_check_for_spree_alerts]
return true if last_check.blank?
DateTime.parse(last_check) < 12.hours.ago
end
def flash_message_for(object, event_sym)
resource_desc = object.class.model_name.human
resource_desc += " \"#{object.name}\"" if object.respond_to?(:name) && object.name.present?
I18n.t(event_sym, :resource => resource_desc)
end
def render_js_for_destroy
render :partial => '/spree/admin/shared/destroy'
end
# Index request for JSON needs to pass a CSRF token in order to prevent JSON Hijacking
def check_json_authenticity
return unless request.format.js? or request.format.json?
return unless protect_against_forgery?
auth_token = params[request_forgery_protection_token]
unless (auth_token and form_authenticity_token == URI.unescape(auth_token))
raise(ActionController::InvalidAuthenticityToken)
end
end
def filter_dismissed_alerts
return unless session[:alerts]
dismissed = (Spree::Config[:dismissed_spree_alerts] || '').split(',')
session[:alerts].reject! { |a| dismissed.include? a.id.to_s }
end
end
end
end