require 'current_user' require_dependency 'canonical_url' require_dependency 'discourse' require_dependency 'custom_renderer' require_dependency 'archetype' require_dependency 'rate_limiter' class ApplicationController < ActionController::Base include CurrentUser include CanonicalURL::ControllerExtensions serialization_scope :guardian protect_from_forgery # Default Rails 3.2 lets the request through with a blank session # we are being more pedantic here and nulling session / current_user # and then raising a CSRF exception def handle_unverified_request # NOTE: API key is secret, having it invalidates the need for a CSRF token unless is_api? super clear_current_user render text: "['BAD CSRF']", status: 403 end end before_filter :set_locale before_filter :set_mobile_view before_filter :inject_preview_style before_filter :disable_customization before_filter :block_if_readonly_mode before_filter :authorize_mini_profiler before_filter :store_incoming_links before_filter :preload_json before_filter :check_xhr before_filter :redirect_to_login_if_required rescue_from Exception do |exception| unless [ActiveRecord::RecordNotFound, ActionController::RoutingError, ActionController::UnknownController, AbstractController::ActionNotFound].include? exception.class begin ErrorLog.report_async!(exception, self, request, current_user) rescue # dont care give up end end raise end # Some exceptions class RenderEmpty < Exception; end # Render nothing unless we are an xhr request rescue_from RenderEmpty do render 'default/empty' end # If they hit the rate limiter rescue_from RateLimiter::LimitExceeded do |e| time_left = "" if e.available_in < 1.minute.to_i time_left = I18n.t("rate_limiter.seconds", count: e.available_in) elsif e.available_in < 1.hour.to_i time_left = I18n.t("rate_limiter.minutes", count: (e.available_in / 1.minute.to_i)) else time_left = I18n.t("rate_limiter.hours", count: (e.available_in / 1.hour.to_i)) end render json: {errors: [I18n.t("rate_limiter.too_many_requests", time_left: time_left)]}, status: 429 end rescue_from Discourse::NotLoggedIn do |e| raise e if Rails.env.test? redirect_to "/" end rescue_from Discourse::NotFound do rescue_discourse_actions("[error: 'not found']", 404) # TODO: this breaks json responses end rescue_from Discourse::InvalidAccess do rescue_discourse_actions("[error: 'invalid access']", 403) # TODO: this breaks json responses end rescue_from Discourse::ReadOnly do render status: 405, json: failed_json.merge(message: I18n.t("read_only_mode_enabled")) end def rescue_discourse_actions(message, error) if request.format && request.format.json? # TODO: this doesn't make sense. Stuffing an html page into a json response will cause # $.parseJSON to fail in the browser. Also returning text like "[error: 'invalid access']" # from the above rescue_from blocks will fail because that isn't valid json. render status: error, layout: false, text: (error == 404) ? build_not_found_page(error) : message else render text: build_not_found_page(error, 'no_js') end end def set_locale I18n.locale = SiteSetting.default_locale end def store_preloaded(key, json) @preloaded ||= {} # I dislike that there is a gsub as opposed to a gsub! # but we can not be mucking with user input, I wonder if there is a way # to inject this safty deeper in the library or even in AM serializer @preloaded[key] = json.gsub("