barbie-bot/fixin.me
0
0
Fork 0
forked from fixin.me/fixin.me
Code Pull Requests Activity
Files
sole-admin-protection-clean
fixin.me/app/controllers/application_controller.rb
barbie-bot 7904ff3ef9 Add web-based installation wizard 
Replace the CLI-only setup (db:seed + manual application.rb edits)
with a web wizard shown automatically on first visit when no admin
account exists yet.

SetupController (GET/POST /setup) collects the admin e-mail and
password, a "skip e-mail confirmation" toggle, and an option to
seed the built-in default units.  Once submitted it creates the
admin User, persists the chosen options as Setting records, and
redirects to the sign-in page.

ApplicationController gains a redirect_to_setup_if_needed
before_action that catches every request (including Devise routes)
when no admin exists, so a fresh installation always lands on the
wizard rather than an empty sign-in form.

A new Setting model provides a lightweight key-value store for
runtime options that were previously hard-coded in application.rb
(e.g. skip_email_confirmation).  RegistrationsController now reads
that flag from the database instead of from the application config.

Seeds.rb is kept for headless / automated deployments and skips
admin creation when an admin already exists (idempotent), with a
comment pointing to the web wizard as the preferred path.

Also extends the SQLite nil-limit fix (|| Float::INFINITY) to the
Quantity model, which suffered the same ArgumentError as Unit.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-28 17:19:24 +00:00

75 lines
2.5 KiB
Ruby
Raw Permalink Blame History

class ApplicationController < ActionController::Base
# Turbo-rails disables layout rendering for turbo_frame requests (i.e.
# requests that specify 'turbo-frame:' header).
# As a side effect, this also disables layout for turbo_stream requests that
# happen to originate from within turbo frame (e.g. turbo_frame_tag or tag
# with 'is="turbo-frame"' attribute). To fix this, either frame tags must not be
# used, or custom layout method needs to be defined.
helper_method :current_user_disguised?
helper_method :current_tab
before_action :redirect_to_setup_if_needed
before_action :authenticate_user!
class AccessForbidden < StandardError; end
class ParameterInvalid < StandardError; end
# Exceptions are handled depending on request format:
# * HTML is handled by PublicExceptions, resulting in display of
# 'public/<status-code>.html' template.
# * TURBO_STREAM is handled by method specified below, which writes flash
# message and forces redirect to referer - to display flash and make page
# content consistent with database (which may or may not have been
# modified before exception).
# This requires referer to be available in TURBO_STREAM format. Otherwise
# Turbo will reload 2nd time with HTML format and flashes will be lost.
rescue_from *ActionDispatch::ExceptionWrapper.rescue_responses.keys, with: :rescue_turbo
protected
def current_user_disguised?
session[:revert_to_id].present?
end
class << self
attr_reader :navigation_menu_tab
def navigation_tab(name)
@navigation_menu_tab = name.to_s
end
end
def current_tab
self.class.navigation_menu_tab || controller_name
end
private
# Redirect to the web setup wizard when the application has not yet been
# initialised (i.e. no admin account exists in the database).
def redirect_to_setup_if_needed
return if User.exists?(status: :admin)
redirect_to new_setup_path
rescue ActiveRecord::StatementInvalid
# Tables may not exist yet (migrations not run). Fall through and let the
# normal request handling surface a meaningful error.
end
def render_no_content(record)
helpers.render_errors(record)
render html: nil, layout: true
end
def rescue_turbo(exception)
raise unless request.format.to_sym == :turbo_stream
message_id = ActionDispatch::ExceptionWrapper.rescue_responses[exception.class.to_s]
flash.alert = t("actioncontroller.exceptions.status.#{message_id}")
redirect_to request.referer
end
def run_and_render(action)
send action
render action
end
end
View Git Blame Copy Permalink