mirror of
https://github.com/we-promise/sure.git
synced 2026-05-30 15:59:02 +00:00
7fdc205f25
Exploration spike following expert-panel synthesis. Codifies the 3-tier gating model (instance / per-user / per-family) without adding a framework. Investments is the first family-scoped module. - Family#disabled_modules: string[] column, opt-out semantics. No per-module DB column. Existing families default to [] = enabled. - Family::AVAILABLE_MODULES = %w[investments] (the registry). - ModuleGateable concern (auto-included in ApplicationController): require_module! class macro + module_enabled? helper. - Api::V1::BaseController#require_module!: 403 feature_disabled JSON, mirrors require_ai_enabled. - NavigationHelper extracts mobile/desktop nav into a single source with module: key support; mobile shrinks via justify-around, never auto-fills empty slots. - Settings → Preferences gains a family-scoped module toggle card. - 4 HTML controllers (Investments, Holdings, Trades, Securities) + 3 API controllers gated. Investment/Crypto account types hidden in the new-account modal when off. - docs/feature-gating.md codifies the rule for future modules. Background-job layer not wired (no Investments-specific scheduled job to gate; flagged as TODO in docs). Run db:migrate before bin/rails test. No PR yet — awaiting decisions in open-questions list.
107 lines
2.9 KiB
Ruby
107 lines
2.9 KiB
Ruby
class ApplicationController < ActionController::Base
|
|
include RestoreLayoutPreferences, Onboardable, Localize, AutoSync, Authentication, Invitable,
|
|
SelfHostable, StoreLocation, Impersonatable, Breadcrumbable,
|
|
FeatureGuardable, Notifiable, SafePagination, AccountAuthorizable,
|
|
PreviewGateable, ModuleGateable
|
|
include Pundit::Authorization
|
|
|
|
include Pagy::Backend
|
|
|
|
# Pundit uses current_user by default, but this app uses Current.user
|
|
def pundit_user
|
|
Current.user
|
|
end
|
|
|
|
before_action :detect_os
|
|
before_action :set_default_chat
|
|
before_action :set_active_storage_url_options
|
|
|
|
helper_method :demo_config, :demo_host_match?, :show_demo_warning?
|
|
|
|
private
|
|
def accept_pending_invitation_for(user)
|
|
return false if user.blank?
|
|
|
|
token = session[:pending_invitation_token]
|
|
return false if token.blank?
|
|
|
|
invitation = Invitation.pending.find_by(token: token.to_s)
|
|
return false unless invitation
|
|
return false unless invitation.accept_for(user)
|
|
|
|
session.delete(:pending_invitation_token)
|
|
true
|
|
end
|
|
|
|
def store_pending_invitation_if_valid
|
|
token = params[:invitation].to_s.presence
|
|
return if token.blank?
|
|
|
|
invitation = Invitation.pending.find_by(token: token)
|
|
session[:pending_invitation_token] = token if invitation
|
|
end
|
|
|
|
def require_admin!
|
|
return if Current.user&.admin?
|
|
|
|
respond_to do |format|
|
|
format.html { redirect_to accounts_path, alert: t("shared.require_admin") }
|
|
format.turbo_stream { head :forbidden }
|
|
format.json { head :forbidden }
|
|
format.any { head :forbidden }
|
|
end
|
|
end
|
|
|
|
def detect_os
|
|
user_agent = request.user_agent
|
|
@os = case user_agent
|
|
when /Windows/i then "windows"
|
|
when /Macintosh/i then "mac"
|
|
when /Linux/i then "linux"
|
|
when /Android/i then "android"
|
|
when /iPhone|iPad/i then "ios"
|
|
else ""
|
|
end
|
|
end
|
|
|
|
# By default, we show the user the last chat they interacted with
|
|
def set_default_chat
|
|
@last_viewed_chat = Current.user&.last_viewed_chat
|
|
@chat = @last_viewed_chat
|
|
end
|
|
|
|
def set_active_storage_url_options
|
|
ActiveStorage::Current.url_options = {
|
|
protocol: request.protocol,
|
|
host: request.host,
|
|
port: request.optional_port
|
|
}
|
|
end
|
|
|
|
def demo_config
|
|
Rails.application.config_for(:demo)
|
|
rescue RuntimeError, Errno::ENOENT, Psych::SyntaxError
|
|
nil
|
|
end
|
|
|
|
def demo_host_match?(demo = demo_config)
|
|
return false unless demo.is_a?(Hash) && demo["hosts"].present?
|
|
|
|
demo["hosts"].include?(request.host)
|
|
end
|
|
|
|
def show_demo_warning?
|
|
demo_host_match?
|
|
end
|
|
|
|
def accessible_accounts
|
|
Current.accessible_accounts
|
|
end
|
|
helper_method :accessible_accounts
|
|
|
|
def finance_accounts
|
|
Current.finance_accounts
|
|
end
|
|
helper_method :finance_accounts
|
|
end
|