#19892

Committed 12 Jun 2026 11:44PM UTC coverage: 9.671% (-5.6%) from 15.224%

Build # #19892

Build Type

push

Committed by

Commit Message

Merge c64ae4198 into b68bb8f64

Coverage Stats

1574 of 16276 relevant lines covered (9.67%)

0.1 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/app/controllers/application_controller.rb

class ApplicationController < ActionController::Base
  include AccessHelper
  helper_method :current_user

  # You want to get exceptions in development, but not in production.
  unless Rails.application.config.consider_all_requests_local
    rescue_from ActionView::MissingTemplate do |_exception|
      redirect_to root_path
    end
  end

  # forcing SSL only in the production mode
  force_ssl if Rails.env.production?

  helper_method :current_user, :current_user_role?
  protect_from_forgery with: :exception
  before_action :set_time_zone
  before_action :authorize
  before_action :filter_utf8
  before_action :set_locale

  def set_locale
    I18n.locale = user_locale
  end

  def user_locale
    # Checks whether the user is logged in, else the default locale is used
    if logged_in?
      # If the current user has set his preferred language, the locale is set according to their preference
      if !current_user.locale.nil?
        if current_user.locale != 'no_pref'
          return current_user.locale
          # If the user doesn't have any preference, the locale is taken from the course locale, if the current page is a course specific page or else default locale is used
        elsif current_user_role? && current_user_role.student? && respond_to?(:controller_locale)
          return controller_locale
        end
      else
        return I18n.default_locale
      end
    end
    I18n.default_locale
  end

  def locale_for_student
    # Gets participant using student from params
    participant_id = params[:id] || params[:student_id]
    if !participant_id.nil?
      participant = AssignmentParticipant.find_by(id: participant_id)
      # If id or student_id not correct, revert to locale based on courses.
      return locale_from_user_courses if participant.nil?

      # Find assignment from participant and find locale from the assignment
      assignment = participant.assignment
      return assignment.course.locale unless assignment.course.nil? || assignment.course.locale.nil?
    else
      return locale_from_user_courses
    end
    I18n.default_locale
  end

  def locale_from_user_courses
    # If the page is a course or assignment page with no specific student id, every course of that student is checked and if
    # the language for all these course are same, the page is displayed in that language
    course_participants = CourseParticipant.where(user_id: current_user.id)
    course_participants_locales = course_participants.map { |cp| cp.course.locale }
    # If no tasks, then possible to have no courses assigned.
    if course_participants_locales.uniq.length == 1 # && !@tasks.empty?
      course = course_participants.first.course
      return course.locale if course.locale?
    end
    I18n.default_locale
  end

  def filter_utf8
    remove_non_utf8(params)
  end

  def self.verify(_args); end

  def current_user_role?
    current_user.role.name
  end

  def current_role_name
    current_role.try :name
  end

  def current_role
    current_user.try :role
  end

  helper_method :current_user_role?

  def user_for_paper_trail
    session[:user].try :id if session[:user]
  end

  def undo_link(message)
    version = Version.where('whodunnit = ?', session[:user].id).last
    return unless version.try(:created_at) && Time.now.in_time_zone - version.created_at < 5.0

    link_name = params[:redo] == 'true' ? 'redo' : 'undo'
    message + "<a href = #{url_for(controller: :versions, action: :revert, id: version.id, redo: !params[:redo])}>#{link_name}</a>"
  end

  def are_needed_authorizations_present?(id, *authorizations)
    participant = Participant.find_by(id: id)
    return false if participant.nil?

    authorization = participant.authorization
    !authorizations.include?(authorization)
  end

  private

  def current_user
    @current_user ||= session[:user]
  end

  helper_method :current_user

  def current_user_role
    current_user.role
  end

  # rubocop:disable Lint/DuplicateMethods
  alias current_user_role? current_user_role
  # rubocop:enable Lint/DuplicateMethods

  def logged_in?
    # Recommendation: rename to ever_logged_in? because that's how this actually works
    current_user
  end

  def set_time_zone
    Time.zone = current_user.timezonepref if current_user
  end

  def require_user
    invalid_login_status('in') unless current_user
  end

  def require_no_user
    invalid_login_status('out') if current_user
  end

  def invalid_login_status(status)
    flash[:notice] = "You must be logged #{status} to access this page!"
    redirect_back fallback_location: root_path
  end

  def available?(user, owner_id)
    user.id == owner_id ||
      user.admin? ||
      user.super_admin?
  end

  def record_not_found
    redirect_to controller: :tree_display, action: :list
  end

  def remove_non_utf8(hash)
    # remove non-utf8 chars from hash
    hash.each_pair do |_key, value|
      if value.is_a?(Hash)
        remove_non_utf8(value)
      elsif value.is_a?(String)
        encode_opts = {
          invalid: :replace,
          undef: :replace,
          replace: ''
        }
        value.encode!(Encoding.find('UTF-8'), encode_opts)
      end
    end
  end

  protected

  # Use this method to validate the current user in order to avoid allowing users
  # to see unauthorized data.
  # Ex: return unless current_user_id?(params[:user_id])
  def current_user_id?(user_id)
    current_user.try(:id) == user_id
  end

  def denied(reason = nil)
    if reason
      redirect_to "/denied?reason=#{reason}"
    else
      redirect_to '/denied'
    end
  end
end

1	class ApplicationController < ActionController::Base	×
2	include AccessHelper	×
3	helper_method :current_user	×
4
5	# You want to get exceptions in development, but not in production.
6	unless Rails.application.config.consider_all_requests_local	×
7	rescue_from ActionView::MissingTemplate do \|_exception\|	×
8	redirect_to root_path	×
9	end	×
10	end	×
11
12	# forcing SSL only in the production mode
13	force_ssl if Rails.env.production?	×
14
15	helper_method :current_user, :current_user_role?	×
16	protect_from_forgery with: :exception	×
17	before_action :set_time_zone	×
18	before_action :authorize	×
19	before_action :filter_utf8	×
20	before_action :set_locale	×
21
22	def set_locale	×
23	I18n.locale = user_locale	×
24	end	×
25
26	def user_locale	×
27	# Checks whether the user is logged in, else the default locale is used
28	if logged_in?	×
29	# If the current user has set his preferred language, the locale is set according to their preference
30	if !current_user.locale.nil?	×
31	if current_user.locale != 'no_pref'	×
32	return current_user.locale	×
33	# If the user doesn't have any preference, the locale is taken from the course locale, if the current page is a course specific page or else default locale is used
34	elsif current_user_role? && current_user_role.student? && respond_to?(:controller_locale)	×
35	return controller_locale	×
36	end	×
37	else	×
38	return I18n.default_locale	×
39	end	×
40	end	×
41	I18n.default_locale	×
42	end	×
43
44	def locale_for_student	×
45	# Gets participant using student from params
46	participant_id = params[:id] \|\| params[:student_id]	×
47	if !participant_id.nil?	×
48	participant = AssignmentParticipant.find_by(id: participant_id)	×
49	# If id or student_id not correct, revert to locale based on courses.
50	return locale_from_user_courses if participant.nil?	×
51
52	# Find assignment from participant and find locale from the assignment
53	assignment = participant.assignment	×
54	return assignment.course.locale unless assignment.course.nil? \|\| assignment.course.locale.nil?	×
55	else	×
56	return locale_from_user_courses	×
57	end	×
58	I18n.default_locale	×
59	end	×
60
61	def locale_from_user_courses	×
62	# If the page is a course or assignment page with no specific student id, every course of that student is checked and if
63	# the language for all these course are same, the page is displayed in that language
64	course_participants = CourseParticipant.where(user_id: current_user.id)	×
65	course_participants_locales = course_participants.map { \|cp\| cp.course.locale }	×
66	# If no tasks, then possible to have no courses assigned.
67	if course_participants_locales.uniq.length == 1 # && !@tasks.empty?	×
68	course = course_participants.first.course	×
69	return course.locale if course.locale?	×
70	end	×
71	I18n.default_locale	×
72	end	×
73
74	def filter_utf8	×
75	remove_non_utf8(params)	×
76	end	×
77
78	def self.verify(_args); end	×
79
80	def current_user_role?	×
81	current_user.role.name	×
82	end	×
83
84	def current_role_name	×
85	current_role.try :name	×
86	end	×
87
88	def current_role	×
89	current_user.try :role	×
90	end	×
91
92	helper_method :current_user_role?	×
93
94	def user_for_paper_trail	×
95	session[:user].try :id if session[:user]	×
96	end	×
97
98	def undo_link(message)	×
99	version = Version.where('whodunnit = ?', session[:user].id).last	×
100	return unless version.try(:created_at) && Time.now.in_time_zone - version.created_at < 5.0	×
101
102	link_name = params[:redo] == 'true' ? 'redo' : 'undo'	×
103	message + "<a href = #{url_for(controller: :versions, action: :revert, id: version.id, redo: !params[:redo])}>#{link_name}</a>"	×
104	end	×
105
106	def are_needed_authorizations_present?(id, *authorizations)	×
107	participant = Participant.find_by(id: id)	×
108	return false if participant.nil?	×
109
110	authorization = participant.authorization	×
111	!authorizations.include?(authorization)	×
112	end	×
113
114	private	×
115
116	def current_user	×
117	@current_user \|\|= session[:user]	×
118	end	×
119
120	helper_method :current_user	×
121
122	def current_user_role	×
123	current_user.role	×
124	end	×
125
126	# rubocop:disable Lint/DuplicateMethods
127	alias current_user_role? current_user_role	×
128	# rubocop:enable Lint/DuplicateMethods
129
130	def logged_in?	×
131	# Recommendation: rename to ever_logged_in? because that's how this actually works
132	current_user	×
133	end	×
134
135	def set_time_zone	×
136	Time.zone = current_user.timezonepref if current_user	×
137	end	×
138
139	def require_user	×
140	invalid_login_status('in') unless current_user	×
141	end	×
142
143	def require_no_user	×
144	invalid_login_status('out') if current_user	×
145	end	×
146
147	def invalid_login_status(status)	×
148	flash[:notice] = "You must be logged #{status} to access this page!"	×
149	redirect_back fallback_location: root_path	×
150	end	×
151
152	def available?(user, owner_id)	×
153	user.id == owner_id \|\|	×
154	user.admin? \|\|	×
155	user.super_admin?	×
156	end	×
157
158	def record_not_found	×
159	redirect_to controller: :tree_display, action: :list	×
160	end	×
161
162	def remove_non_utf8(hash)	×
163	# remove non-utf8 chars from hash
164	hash.each_pair do \|_key, value\|	×
165	if value.is_a?(Hash)	×
166	remove_non_utf8(value)	×
167	elsif value.is_a?(String)	×
168	encode_opts = {	×
169	invalid: :replace,	×
170	undef: :replace,	×
171	replace: ''	×
172	}	×
173	value.encode!(Encoding.find('UTF-8'), encode_opts)	×
174	end	×
175	end	×
176	end	×
177
178	protected	×
179
180	# Use this method to validate the current user in order to avoid allowing users
181	# to see unauthorized data.
182	# Ex: return unless current_user_id?(params[:user_id])
183	def current_user_id?(user_id)	×
184	current_user.try(:id) == user_id	×
185	end	×
186
187	def denied(reason = nil)	×
188	if reason	×
189	redirect_to "/denied?reason=#{reason}"	×
190	else	×
191	redirect_to '/denied'	×
192	end	×
193	end	×
194	end	×

expertiza / expertiza / #19892

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous