# Methods that don't require login should
# skip_around_filter :require_thread_api_token
around_filter :require_thread_api_token, except: ERROR_ACTIONS
+ before_filter :accept_uuid_as_id_param, except: ERROR_ACTIONS
before_filter :check_user_agreements, except: ERROR_ACTIONS
+ before_filter :check_user_profile, except: [:update_profile] + ERROR_ACTIONS
before_filter :check_user_notifications, except: ERROR_ACTIONS
before_filter :load_filters_and_paging_params, except: ERROR_ACTIONS
before_filter :find_object_by_uuid, except: [:index, :choose] + ERROR_ACTIONS
end
end
- def find_object_by_uuid
+
+ def accept_uuid_as_id_param
if params[:id] and params[:id].match /\D/
params[:uuid] = params.delete :id
end
+ end
+
+ def find_object_by_uuid
begin
if not model_class
@object = nil
is_admin: user.is_admin,
prefs: user.prefs
}
+
if !request.format.json? and request.method.in? ['GET', 'HEAD']
# Repeat this request with api_token in the (new) session
# cookie instead of the query string. This prevents API
true
end
+ def check_user_profile
+ profile_config = Rails.configuration.user_profile_form_fields
+
+ if request.method.downcase != 'get' || params[:partial] ||
+ params[:tab_pane] || params[:action_method] ||
+ params[:action] == 'setup_popup'
+ return true
+ end
+
+ if current_user && profile_config
+ missing_required_profile = false
+
+ user_prefs = current_user.prefs
+ current_user.reload if !user_prefs[:profile]
+ user_prefs = current_user.prefs
+ current_user_profile = user_prefs[:profile] if user_prefs
+
+ profile_config.kind_of?(Array) && profile_config.andand.each do |entry|
+ if entry['required']
+ if !current_user_profile ||
+ !current_user_profile[entry['key'].to_sym] ||
+ current_user_profile[entry['key'].to_sym].empty?
+ missing_required_profile = true
+ break
+ end
+ end
+ end
+
+ if missing_required_profile
+ render 'users/profile'
+ end
+ end
+ true
+ end
+
def select_theme
return Rails.configuration.arvados_theme
end
projects / arvados.git / blobdiff