Put current user into gon

Fixed bug in app.js, removed unnecessray test
2013-06-27 07:10:59 +02:00 · 2013-06-27 07:10:59 +02:00 · fb9b3e35c3
commit fb9b3e35c3
parent 3da9b1bf7f
5 changed files with 14 additions and 25 deletions
--- a/app/assets/javascripts/app/app.js
+++ b/app/assets/javascripts/app/app.js
@ -34,7 +34,11 @@ var app = {
  initialize: function() {
    app.router = new app.Router();

-    app.currentUser = app.user(window.current_user_attributes) || new app.models.User()
+    var currentUser = false;
+    if (window.preloads != undefined) {
+      currentUser = app.user(window.preloads.user)
+    }
+    app.currentUser = currentUser || new app.models.User();

    if(app.currentUser.authenticated()){
      app.header = new app.views.Header();
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -11,6 +11,7 @@ class ApplicationController < ActionController::Base
  before_filter :set_diaspora_header
  before_filter :set_grammatical_gender
  before_filter :mobile_switch
+  before_filter :set_current_user_in_javascript

  inflection_method :grammatical_gender => :gender

@ -136,4 +137,12 @@ class ApplicationController < ActionController::Base
  def current_user_redirect_path
    current_user.getting_started? ? getting_started_path : stream_path
  end
+
+  def set_current_user_in_javascript
+    return unless user_signed_in?
+    a_ids = session[:a_ids] || []
+    user = UserPresenter.new(current_user, a_ids)
+    gon.push({:user => user})
+  end
+
 end
--- a/app/helpers/layout_helper.rb
+++ b/app/helpers/layout_helper.rb
@ -37,17 +37,6 @@ module LayoutHelper
    end
  end

-  def set_current_user_in_javascript
-    return unless user_signed_in?
-    a_ids = session[:a_ids] || []
-    user = UserPresenter.new(current_user, a_ids).to_json
-    content_tag(:script) do
-      <<-JS.html_safe
-        window.current_user_attributes = #{j user}
-      JS
-    end
-  end
-
  def current_user_atom_tag
    return #temp hax

--- a/app/views/layouts/application.html.haml
+++ b/app/views/layouts/application.html.haml
@ -43,7 +43,6 @@
      = load_javascript_locales

    = set_asset_host
-    = set_current_user_in_javascript
    = translation_missing_warnings
    = current_user_atom_tag

--- a/spec/helpers/layout_helper_spec.rb
+++ b/spec/helpers/layout_helper_spec.rb
@ -5,18 +5,6 @@
 require 'spec_helper'

 describe LayoutHelper do
-  describe "#set_current_user_in_javascript" do
-    it "doesn't allow xss" do
-      user = FactoryGirl.create :user
-      profile = user.profile
-      profile.update_attribute(:first_name, "</script><script>alert(0);</script>");
-      stub!(:user_signed_in?).and_return true
-      stub!(:current_user).and_return user
-      set_current_user_in_javascript.should_not be_empty
-      set_current_user_in_javascript.should_not include(profile.first_name)
-    end
-  end
-
  describe "#page_title" do
    context "passed blank text" do
      it "returns Diaspora*" do