diff options
| author | Azul <azul@leap.se> | 2014-05-16 08:42:36 +0200 |
|---|---|---|
| committer | Azul <azul@leap.se> | 2014-05-16 08:42:36 +0200 |
| commit | 8fbbb8717f0578536b97c2dc0883c632f120e976 (patch) | |
| tree | 17aeb2b48ada703ac916a9a65fbf3c75a5dadb86 /app/controllers/v1 | |
| parent | 81555ec6244ed76f92e3629880f68104b8705817 (diff) | |
| parent | a4f7a410c536d88c91c834cab6ee950c71005ddd (diff) | |
Merge remote-tracking branch 'origin/develop'
Conflicts:
app/assets/javascripts/srp
test/nagios/soledad_sync.py
test/nagios/webapp_login.py
Diffstat (limited to 'app/controllers/v1')
| -rw-r--r-- | app/controllers/v1/certs_controller.rb | 20 | ||||
| -rw-r--r-- | app/controllers/v1/messages_controller.rb | 24 | ||||
| -rw-r--r-- | app/controllers/v1/services_controller.rb | 8 | ||||
| -rw-r--r-- | app/controllers/v1/sessions_controller.rb | 45 | ||||
| -rw-r--r-- | app/controllers/v1/users_controller.rb | 32 |
5 files changed, 129 insertions, 0 deletions
diff --git a/app/controllers/v1/certs_controller.rb b/app/controllers/v1/certs_controller.rb new file mode 100644 index 0000000..73409ef --- /dev/null +++ b/app/controllers/v1/certs_controller.rb @@ -0,0 +1,20 @@ +class V1::CertsController < ApplicationController + + before_filter :require_login, :unless => :anonymous_certs_allowed? + + # GET /cert + def show + @cert = ClientCertificate.new(:prefix => service_level.cert_prefix) + render text: @cert.to_s, content_type: 'text/plain' + end + + protected + + def anonymous_certs_allowed? + APP_CONFIG[:allow_anonymous_certs] + end + + def service_level + current_user.effective_service_level + end +end diff --git a/app/controllers/v1/messages_controller.rb b/app/controllers/v1/messages_controller.rb new file mode 100644 index 0000000..85156b7 --- /dev/null +++ b/app/controllers/v1/messages_controller.rb @@ -0,0 +1,24 @@ +module V1 + class MessagesController < ApplicationController + + skip_before_filter :verify_authenticity_token + before_filter :require_token + + respond_to :json + + def index + render json: current_user.messages + end + + def update + if message = Message.find(params[:id]) + message.mark_as_read_by(current_user) + message.save + render json: true + else + render json: false + end + end + + end +end diff --git a/app/controllers/v1/services_controller.rb b/app/controllers/v1/services_controller.rb new file mode 100644 index 0000000..594940e --- /dev/null +++ b/app/controllers/v1/services_controller.rb @@ -0,0 +1,8 @@ +class V1::ServicesController < ApplicationController + + respond_to :json + + def show + respond_with current_user.effective_service_level + end +end diff --git a/app/controllers/v1/sessions_controller.rb b/app/controllers/v1/sessions_controller.rb new file mode 100644 index 0000000..d88fcdc --- /dev/null +++ b/app/controllers/v1/sessions_controller.rb @@ -0,0 +1,45 @@ +module V1 + class SessionsController < ApplicationController + + skip_before_filter :verify_authenticity_token + before_filter :require_token, only: :destroy + + def new + @session = Session.new + if authentication_errors + @errors = authentication_errors + render :status => 422 + end + end + + def create + logout if logged_in? + if params['A'] + authenticate! + else + @user = User.find_by_login(params['login']) + render :json => {salt: @user.salt} + end + end + + def update + authenticate! + @token = Token.create(:user_id => current_user.id) + session[:token] = @token.id + render :json => login_response + end + + def destroy + logout + head :no_content + end + + protected + + def login_response + handshake = session.delete(:handshake) || {} + handshake.to_hash.merge(:id => current_user.id, :token => @token.to_s) + end + + end +end diff --git a/app/controllers/v1/users_controller.rb b/app/controllers/v1/users_controller.rb new file mode 100644 index 0000000..8897d01 --- /dev/null +++ b/app/controllers/v1/users_controller.rb @@ -0,0 +1,32 @@ +module V1 + class UsersController < UsersBaseController + + skip_before_filter :verify_authenticity_token + before_filter :fetch_user, :only => [:update] + before_filter :require_admin, :only => [:index] + before_filter :require_token, :only => [:update] + + respond_to :json + + # used for autocomplete for admins in the web ui + def index + if params[:query] + @users = User.by_login.startkey(params[:query]).endkey(params[:query].succ) + respond_with @users.map(&:login).sort + else + render :json => {'error' => 'query required', 'status' => :unprocessable_entity} + end + end + + def create + @user = Account.create(params[:user]) + respond_with @user # return ID instead? + end + + def update + @user.account.update params[:user] + respond_with @user + end + + end +end |