Add: #406 ユーザーのカスタムCSS (#825)

* Add: #406 ユーザーのカスタムCSS

* Fix lint

* Fix lint

* カスタムCSSの保存先を変更

* キャッシュを考慮して別URLに変更

app/controllers/auth/sessions_controller.rb

@@ -78,7 +78,11 @@ class Auth::SessionsController < Devise::SessionsController
   end
 
   def user_params
-    params.require(:user).permit(:email, :password, :otp_attempt, credential: {})
+    params.require(:user).permit(:email, :password, :otp_attempt, :disable_css, credential: {})
+  end
+
+  def login_page_params
+    params.permit(:with_options)
   end
 
   def after_sign_in_path_for(resource)
@@ -113,6 +117,11 @@ class Auth::SessionsController < Devise::SessionsController
     truthy_param?(:continue)
   end
 
+  def with_login_options?
+    login_page_params[:with_options] == '1'
+  end
+  helper_method :with_login_options?
+
   def restart_session
     clear_attempt_from_session
     redirect_to new_user_session_path, alert: I18n.t('devise.failure.timeout')
@@ -151,6 +160,8 @@ class Auth::SessionsController < Devise::SessionsController
     sign_in(user)
     flash.delete(:notice)
 
+    disable_custom_css!(user) if disable_custom_css?
+
     LoginActivity.create(
       user: user,
       success: true,
@@ -162,6 +173,15 @@ class Auth::SessionsController < Devise::SessionsController
     UserMailer.suspicious_sign_in(user, request.remote_ip, request.user_agent, Time.now.utc).deliver_later! if @login_is_suspicious
   end
 
+  def disable_custom_css?
+    user_params[:disable_css].present? && user_params[:disable_css] != '0'
+  end
+
+  def disable_custom_css!(user)
+    user.settings['web.use_custom_css'] = false
+    user.save!
+  end
+
   def suspicious_sign_in?(user)
     SuspiciousSignInDetector.new(user).suspicious?(request)
   end

app/controllers/custom_css_controller.rb

@@ -13,7 +13,17 @@ class CustomCssController < ActionController::Base # rubocop:disable Rails/Appli
   def custom_css_styles
     Setting.custom_css
   end
-  helper_method :custom_css_styles
+
+  def user_custom_css?
+    return false if current_user.nil?
+
+    current_user.setting_use_custom_css && current_user.custom_css_text.present?
+  end
+
+  def user_custom_css
+    current_user.custom_css_text
+  end
+  helper_method :custom_css_styles, :user_custom_css?, :user_custom_css
 
   def set_user_roles
     @user_roles = UserRole.providing_styles

app/controllers/settings/preferences/base_controller.rb

@@ -25,7 +25,7 @@ class Settings::Preferences::BaseController < Settings::BaseController
   end
 
   def original_user_params
-    params.require(:user).permit(:locale, :time_zone, chosen_languages: [], settings_attributes: UserSettings.keys)
+    params.require(:user).permit(:locale, :time_zone, :custom_css_text, chosen_languages: [], settings_attributes: UserSettings.keys)
   end
 
   def disabled_visibilities_params

app/controllers/settings/preferences/custom_css_controller.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class Settings::Preferences::CustomCssController < Settings::Preferences::BaseController
+  private
+
+  def after_update_redirect_path
+    settings_preferences_custom_css_path
+  end
+end

app/controllers/user_custom_css_controller.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+class UserCustomCssController < ActionController::Base # rubocop:disable Rails/ApplicationController
+  before_action :authenticate_user!
+
+  def show
+    render content_type: 'text/css'
+  end
+
+  private
+
+  def user_custom_css
+    current_user.custom_css_text
+  end
+  helper_method :user_custom_css
+end