class ApplicationController < ActionController::Base  
  protect_from_forgery
  before_filter :check_honeypot
  around_filter :set_timezone
  helper_method :client_remote_ip
  layout :scoped_layout
  
  rescue_from ActiveScaffold::ActionNotAllowed do |exception|
    flash.now[:error] = I18n.t("errors.action_not_allowed")
    render_access_denied
  end
  
  protected
  
  def set_timezone
    old_time_zone = Time.zone
    Time.zone = cookies[:time_zone] if cookies[:time_zone].present?
    yield
  ensure
    Time.zone = old_time_zone
  end
  
  def scoped_layout
    return false if request.xhr?
    return 'admin' if devise_controller? && resource_name == :admin
    user_signed_in? ? 'users' : 'public'
  end
    
  def render_access_denied
    layout = request.xhr? ? false : 'errors'
    render :template => 'errors/access_denied', :layout => layout
  end

  def client_remote_ip
    @client_remote_ip ||= request.env["HTTP_X_FORWARDED_FOR"]
  end
  
  def check_honeypot
    render :nothing => true if params[Settings.honeypot].present?
  end
  
  def after_sign_out_path_for(resource_or_scope)
    page_path('signed_out')
  end
  
  def current_ability
    @current_ability ||= ::UserAbility.new(current_user)
  end
  
  class UserParameterSanitizer < Devise::ParameterSanitizer
    
    def sign_up
      default_params.permit(:full_name, :email, :password)
    end
    
    def account_update
      default_params.permit(:full_name, :email, :password, :current_password)
    end
    
  end
  
  def devise_parameter_sanitizer
    super unless resource_class == User
    UserParameterSanitizer.new(User, :user, params)
  end
  
end