Class ApplicationController
In: app/controllers/application_controller.rb
Parent: ActionController::Base

Filters added to this controller apply to all controllers in the application. Likewise, all the methods added will be available for all controllers.

Methods

Protected Instance methods

Create a new object following submission of a ‘create’ view form. Restricted users can‘t do this. Pass the model name as a string.

[Source]

    # File app/controllers/application_controller.rb, line 82
82:   def appctrl_create( model )
83:     return appctrl_not_permitted() if ( @current_user.restricted? )
84: 
85:     @record = model.constantize.new( params[ model.downcase ] )
86: 
87:     if ( @record.save )
88:       flash[ :notice ] = "New #{ model.downcase } added"
89:       redirect_to( send( "#{ model.downcase.pluralize }_path" ) )
90:     else
91:       render( :action => 'new' )
92:     end
93:   end

Prepare to delete an object. Only administrators can do this. Pass the model name as a string.

If successful, sets "@record" and renders the view.

[Source]

     # File app/controllers/application_controller.rb, line 126
126:   def appctrl_delete( model )
127:     return appctrl_not_permitted() unless ( @current_user.admin? )
128:     @record = model.constantize.find( params[ :id ] )
129:   end

Destroy an object following confirmation that this is desired. Only administrators can do this. Pass the model name as a string.

[Source]

     # File app/controllers/application_controller.rb, line 134
134:   def appctrl_delete_confirm( model )
135:     return appctrl_not_permitted() unless ( @current_user.admin? )
136: 
137:     begin
138:       model.constantize.destroy( params[ :id ] )
139: 
140:       flash[ :notice ] = "#{ model } deleted"
141:       redirect_to( send( "#{ model.downcase.pluralize }_path" ) )
142: 
143:     rescue => error
144:       flash[ :error ] = "Could not destroy #{ model.downcase }: #{ error }"
145:       redirect_to( home_path() )
146: 
147:     end
148:   end

Prepare to edit an object. Restricted users can‘t do this. Pass a model name as a string.

If successful, sets "@record" and renders the view.

[Source]

     # File app/controllers/application_controller.rb, line 100
100:   def appctrl_edit( model )
101:     return appctrl_not_permitted() if ( @current_user.restricted? )
102:     @record = model.constantize.find( params[ :id ] )
103:   end

Take out some common code for index views. Deals with the pagination and sorting parameters. Returns a hash suitable for passing on to the paginator. Requires @columns to already be set up; see the index helper methods in application_helper.rb for details, or look at the index method in the User controller as an example. Note that parameter "value_method" is required in the columns data even if a helper method has been given, for sorting purposes.

[Source]

     # File app/controllers/application_controller.rb, line 158
158:   def appctrl_index_assist( model )
159:     default_direction = model::DEFAULT_SORT_DIRECTION.downcase
160:     default_entries   = 10
161:     default_page      = 1
162: 
163:     params[ :sort      ] = "#{ -1                }" if ( params[ :sort      ].nil? )
164:     params[ :page      ] = "#{ default_page      }" if ( params[ :page      ].nil? )
165:     params[ :entries   ] = "#{ default_entries   }" if ( params[ :entries   ].nil? )
166:     params[ :direction ] = "#{ default_direction }" if ( params[ :direction ].nil? )
167: 
168:     sort    = params[ :sort    ].to_i
169:     page    = params[ :page    ].to_i
170:     entries = params[ :entries ].to_i
171:     entries = default_entries if ( entries <= 0 or entries > 500 )
172: 
173:     if ( 0..@columns.length ).include?( sort )
174: 
175:       # Valid sort order requested
176: 
177:       unless ( @columns[ sort ][ :sort_by ].nil? )
178:         order = @columns[ sort ][ :sort_by ].dup
179:       else
180:         order = @columns[ sort ][ :value_method ].to_s.dup
181:       end
182: 
183:     else
184: 
185:       # Default sort order - try to match DEFAULT_SORT_COLUMN against one of
186:       # the numbered columns.
187: 
188:       order = model::DEFAULT_SORT_COLUMN.dup
189: 
190:       @columns.each_index do | index |
191:         column = @columns[ index ]
192: 
193:         if ( column[ :value_method ].to_s == order or column[ :sort_by ].to_s == order )
194:           params[ :sort ] = index.to_s
195:           break
196:         end
197:       end
198:     end
199: 
200:     if ( params[ :direction ] == 'desc' )
201:       order << ' DESC'
202:     else
203:       order << ' ASC'
204:     end
205: 
206:     return { :page => page, :per_page => entries, :order => order }
207:   end

Prepare to create a new object. Restricted users can‘t do this. Pass a model name as a string.

If successful, sets "@record" and renders the view.

[Source]

    # File app/controllers/application_controller.rb, line 72
72:   def appctrl_new( model )
73:     return appctrl_not_permitted() if ( @current_user.restricted? )
74: 
75:     @record = model.constantize.new
76:     @record.assign_defaults( @current_user )
77:   end

If a Controller determines than an action is not permitted, it should call here. Redirects to Home with a permissions message.

[Source]

    # File app/controllers/application_controller.rb, line 48
48:   def appctrl_not_permitted
49:     render( { :text => 'Action not permitted', :status => 403 } )
50:   end

YUI tree form submission will present selected task IDs as a single string in a comma separated list; the non-JS code does it properly as an array of IDs. Sort this out by patching the params hash. Pass the item to patch (e.g. ":user", ":control_panel"). An optional second parameter lets you override the use of ":task_ids" for the second dimension "params" array reference.

[TODO]: Do this in the JS instead? Requires multiple hiddden INPUTs to [TODO]: be dynamically created, one for each array entry; slow, complex

[Source]

     # File app/controllers/application_controller.rb, line 219
219:   def appctrl_patch_params_from_js( sym, name = :task_ids )
220:     task_ids = (params[ sym ] || {} )[ name ] || []
221: 
222:     if ( task_ids.length == 1 && task_ids[ 0 ].is_a?( String ) )
223:       params[ sym ][ name ] = task_ids[ 0 ].split( ',' )
224:     end
225:   end

Common code for a ‘show’ back-end. Pass a model name as a string. Invokes ‘is_permitted_for?’ on the instance to check for authority to proceed.

If successful, sets "@record" and renders the view.

[Source]

    # File app/controllers/application_controller.rb, line 62
62:   def appctrl_show( model )
63:     @record = model.constantize.find( params[ :id ] )
64:     return appctrl_not_permitted() unless ( @record.is_permitted_for?( @current_user ) )
65:   end

Update an object following submission of an ‘edit’ view form. Restricted users can‘t do this. Pass the model name as a string.

[Source]

     # File app/controllers/application_controller.rb, line 108
108:   def appctrl_update( model )
109:     return appctrl_not_permitted() if ( @current_user.restricted? )
110: 
111:     @record = model.constantize.find( params[ :id ] )
112: 
113:     if ( @record.update_attributes( params[ model.downcase ] ) )
114:       flash[ :notice ] = "#{ model } details updated"
115:       redirect_to( send( "#{ model.downcase.pluralize }_path" ) )
116:     else
117:       render( :action => 'edit' )
118:     end
119:   end

Required by acts_as_audited; returns current user, setting the @current_user variable in passing if it is presently unset.

[Source]

    # File app/controllers/application_controller.rb, line 40
40:   def current_user
41:     appctrl_set_user()
42:     return @current_user
43:   end

[Validate]