Class: RailzLite::ControllerBase

Inherits:

Object

• Object
• RailzLite::ControllerBase

Defined in:

lib/railz_lite/controllers/controller_base.rb

Direct Known Subclasses

WelcomeController

Instance Attribute Summary

• #params ⇒ Object readonly

  Returns the value of attribute params.

• #req ⇒ Object readonly

  Returns the value of attribute req.

• #res ⇒ Object readonly

  Returns the value of attribute res.

Class Method Summary

• .protect_from_forgery ⇒ Object

Instance Method Summary

• #already_built_response? ⇒ Boolean

  Helper method to alias @already_built_response.

• #check_authenticity_token ⇒ Object
• #flash ⇒ Object

  method exposing a ‘Flash` object.

• #form_authenticity_token ⇒ Object
• #generate_authenticity_token ⇒ Object
• #initialize(req, res, route_params = {}) ⇒ ControllerBase constructor

  Setup the controller.

• #invoke_action(name) ⇒ Object

  use this with the router to call action_name (:index, :show, :create…).

• #protect_from_forgery ⇒ Object
• #redirect_to(url) ⇒ Object

  Set the response status code and header.

• #render(template_name) ⇒ Object

  use ERB and binding to evaluate templates pass the rendered html to render_content.

• #render_content(content, content_type) ⇒ Object

  Populate the response with content.

• #session ⇒ Object

  method exposing a ‘Session` object.

Constructor Details

#initialize(req, res, route_params = {}) ⇒ ControllerBase

Setup the controller

# File 'lib/railz_lite/controllers/controller_base.rb', line 16

def initialize(req, res, route_params = {})
  @req = req
  @res = res
  @params = req.params.merge(route_params)
  @@protect_from_forgery ||= false
end

Instance Attribute Details

#params ⇒ Object (readonly)

Returns the value of attribute params.

# File 'lib/railz_lite/controllers/controller_base.rb', line 13

def params
  @params
end

#req ⇒ Object (readonly)

Returns the value of attribute req.

# File 'lib/railz_lite/controllers/controller_base.rb', line 13

def req
  @req
end

#res ⇒ Object (readonly)

Returns the value of attribute res.

# File 'lib/railz_lite/controllers/controller_base.rb', line 13

def res
  @res
end

Class Method Details

.protect_from_forgery ⇒ Object

# File 'lib/railz_lite/controllers/controller_base.rb', line 100

def self.protect_from_forgery
  @@protect_from_forgery = true
end

Instance Method Details

#already_built_response? ⇒ Boolean

Helper method to alias @already_built_response

Returns:

• (Boolean)

# File 'lib/railz_lite/controllers/controller_base.rb', line 24

def already_built_response?
  @already_built_response || false
end

#check_authenticity_token ⇒ Object

# File 'lib/railz_lite/controllers/controller_base.rb', line 108

def check_authenticity_token
  debugger
  cookie = @req.cookies['authenticity_token']
  raise 'Invalid authenticity token' unless cookie && cookie == params['authenticity_token']
end

#flash ⇒ Object

method exposing a ‘Flash` object

# File 'lib/railz_lite/controllers/controller_base.rb', line 79

def flash
  @flash ||= Flash.new(req)
end

#form_authenticity_token ⇒ Object

# File 'lib/railz_lite/controllers/controller_base.rb', line 94

def form_authenticity_token
  @token ||= generate_authenticity_token
  res.set_cookie('authenticity_token', value: @token, path: '/')
  @token
end

#generate_authenticity_token ⇒ Object

# File 'lib/railz_lite/controllers/controller_base.rb', line 114

def generate_authenticity_token
  SecureRandom.urlsafe_base64(16)
end

#invoke_action(name) ⇒ Object

use this with the router to call action_name (:index, :show, :create…)

# File 'lib/railz_lite/controllers/controller_base.rb', line 84

def invoke_action(name)
  if protect_from_forgery && req.request_method != 'GET'
    check_authenticity_token
  else
    form_authenticity_token 
  end
  send(name)
  render(name) unless @already_built_response
end

#protect_from_forgery ⇒ Object

# File 'lib/railz_lite/controllers/controller_base.rb', line 104

def protect_from_forgery
  @@protect_from_forgery
end

#redirect_to(url) ⇒ Object

Set the response status code and header

# File 'lib/railz_lite/controllers/controller_base.rb', line 29

def redirect_to(url)
  raise "Double render detected." if already_built_response?
  res['Location'] = url
  res.status = 302
  session.store_session(res)
  flash.store_flash(res)
  @already_built_response = true
end

#render(template_name) ⇒ Object

use ERB and binding to evaluate templates pass the rendered html to render_content

# File 'lib/railz_lite/controllers/controller_base.rb', line 51

def render(template_name)
  dir_path = Dir.pwd

  layout_path = File.join(dir_path, 'views', 'application', 'application.html.erb')
  inner_file_path = File.join(dir_path, 'views', "#{self.class.name.underscore.split('_controller').first}", "#{template_name.to_s}.html.erb")

  layout_template = File.read(layout_path)
  inner_template = File.read(inner_file_path)

  layout = ERB.new(layout_template)
  inner = ERB.new(inner_template)

  layout.def_method(LayoutRenderer, 'render') # dummy method used so that blocks can be passed to ERB result

  result = LayoutRenderer.new.render do
    inner_html = inner.result(binding)
    Loofah.fragment(inner_html).scrub!(:prune).to_s # prevent non-safe html from being executed
  end

  render_content(result, 'text/html')
end

#render_content(content, content_type) ⇒ Object

Populate the response with content. Set the response’s content type to the given type. Raise an error if the developer tries to double render.

# File 'lib/railz_lite/controllers/controller_base.rb', line 41

def render_content(content, content_type)
  raise "Double render detected." if already_built_response?
  res.write(content)
  res['Content-Type'] = content_type
  session.store_session(res)
  @already_built_response = true
end

#session ⇒ Object

method exposing a ‘Session` object

# File 'lib/railz_lite/controllers/controller_base.rb', line 74

def session
  @session ||= Session.new(req)
end