Add account slug middleware
and set Current.account
This commit is contained in:
@@ -52,7 +52,9 @@ module Authentication
|
||||
end
|
||||
|
||||
def request_authentication
|
||||
session[:return_to_after_authenticating] = request.url
|
||||
if request_account_id.present?
|
||||
session[:return_to_after_authenticating] = request.url
|
||||
end
|
||||
|
||||
redirect_to_login_url
|
||||
end
|
||||
@@ -81,4 +83,8 @@ module Authentication
|
||||
Current.session.destroy
|
||||
cookies.delete(:session_token)
|
||||
end
|
||||
|
||||
def request_account_id
|
||||
request.env["fizzy.external_account_id"]
|
||||
end
|
||||
end
|
||||
|
||||
@@ -2,7 +2,8 @@ module Authorization
|
||||
extend ActiveSupport::Concern
|
||||
|
||||
included do
|
||||
before_action :ensure_can_access_account, if: -> { authenticated? }
|
||||
prepend_before_action :set_account, if: -> { request_account_id.present? }
|
||||
before_action :ensure_can_access_account, if: -> { Current.account.present? && authenticated? }
|
||||
end
|
||||
|
||||
class_methods do
|
||||
@@ -17,6 +18,10 @@ module Authorization
|
||||
end
|
||||
|
||||
private
|
||||
def set_account
|
||||
Current.account = Account.find_by(external_account_id: request_account_id)
|
||||
end
|
||||
|
||||
def ensure_admin
|
||||
head :forbidden unless Current.user.admin?
|
||||
end
|
||||
@@ -26,7 +31,10 @@ module Authorization
|
||||
end
|
||||
|
||||
def ensure_can_access_account
|
||||
if Current.membership.blank?
|
||||
if Current.account.nil?
|
||||
redirect_to session_menu_url(script_name: nil)
|
||||
elsif Current.membership.blank?
|
||||
Rails.logger.debug "MIKE: blank membership, session is #{Current.session.inspect}"
|
||||
redirect_to session_menu_url(script_name: nil)
|
||||
elsif Current.user.nil? && Current.membership.join_code.present?
|
||||
redirect_to new_users_join_path
|
||||
|
||||
@@ -15,8 +15,12 @@ class Membership < ApplicationRecord
|
||||
end
|
||||
end
|
||||
|
||||
def account
|
||||
Account.find_by_external_account_id(tenant)
|
||||
end
|
||||
|
||||
def account_name
|
||||
Current.account.name
|
||||
account&.name
|
||||
end
|
||||
|
||||
def user
|
||||
|
||||
@@ -3,23 +3,38 @@ module AccountSlug
|
||||
FORMAT = "%07d"
|
||||
PATH_INFO_MATCH = /\A(\/#{AccountSlug::PATTERN})/
|
||||
|
||||
# We're using account id prefixes in the URL path. Rather than namespace
|
||||
# all our routes, we're "mounting" the Rails app at this URL prefix.
|
||||
def self.extract(request)
|
||||
# $1, $2, $' == script_name, slug, path_info
|
||||
if request.script_name && request.script_name =~ PATH_INFO_MATCH
|
||||
# Likely due to restarting the action cable connection after upgrade
|
||||
AccountSlug.decode($2)
|
||||
elsif request.path_info =~ PATH_INFO_MATCH
|
||||
# Yanks the prefix off PATH_INFO and move it to SCRIPT_NAME
|
||||
request.engine_script_name = request.script_name = $1
|
||||
request.path_info = $'.empty? ? "/" : $'
|
||||
class Extractor
|
||||
def initialize(app)
|
||||
@app = app
|
||||
end
|
||||
|
||||
# Return the account id
|
||||
AccountSlug.decode($2)
|
||||
# We're using account id prefixes in the URL path. Rather than namespace
|
||||
# all our routes, we're "mounting" the Rails app at this URL prefix.
|
||||
def call(env)
|
||||
request = ActionDispatch::Request.new(env)
|
||||
|
||||
# $1, $2, $' == script_name, slug, path_info
|
||||
if request.script_name && request.script_name =~ PATH_INFO_MATCH
|
||||
# Likely due to restarting the action cable connection after upgrade
|
||||
AccountSlug.decode($2)
|
||||
elsif request.path_info =~ PATH_INFO_MATCH
|
||||
# Yanks the prefix off PATH_INFO and move it to SCRIPT_NAME
|
||||
request.engine_script_name = request.script_name = $1
|
||||
request.path_info = $'.empty? ? "/" : $'
|
||||
|
||||
# Stash the account's Queenbee ID.
|
||||
env["fizzy.external_account_id"] = AccountSlug.decode($2)
|
||||
Rails.logger.debug "MIKE: Extracted account id #{env["fizzy.external_account_id"].inspect}"
|
||||
end
|
||||
|
||||
@app.call env
|
||||
end
|
||||
end
|
||||
|
||||
def self.decode(slug) slug.to_i end
|
||||
def self.encode(id) FORMAT % id end
|
||||
end
|
||||
|
||||
Rails.application.config.middleware.tap do |stack|
|
||||
stack.insert_before Rails::Rack::Logger, AccountSlug::Extractor
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user