summaryrefslogtreecommitdiff
path: root/app/controllers
diff options
context:
space:
mode:
authorAzul <azul@leap.se>2014-07-28 09:52:47 +0200
committerAzul <azul@leap.se>2014-07-31 10:02:38 +0200
commit297b42cd7557a7508cdbf091163da48bbd52a79a (patch)
tree2358174f2e8b13246cd570a6fa2c563392565b39 /app/controllers
parent791033d4a3021cc0a476a514667b17a6d519aa89 (diff)
use ApiController#anonymous_access_allowed?
There are some places where we only want to require login unless you can use EIP anonymously. So far we had an anonymous_certs_allowed? method in all these controllers. Now it's replaced with ApiController#anonymous_access_allowed?. The naming better reflects that there might be other services that allow anonymous use at some point. This also fixed a typo name -> @filename that broke the ConfigsController.
Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/api_controller.rb6
-rw-r--r--app/controllers/v1/certs_controller.rb6
-rw-r--r--app/controllers/v1/configs_controller.rb8
-rw-r--r--app/controllers/v1/services_controller.rb2
4 files changed, 11 insertions, 11 deletions
diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb
index 0aa9507..70b3cac 100644
--- a/app/controllers/api_controller.rb
+++ b/app/controllers/api_controller.rb
@@ -3,9 +3,15 @@ class ApiController < ApplicationController
skip_before_filter :verify_authenticity_token
respond_to :json
+ protected
+
def require_login
require_token
end
+ def anonymous_access_allowed?
+ APP_CONFIG[:allow_anonymous_certs]
+ end
+
end
diff --git a/app/controllers/v1/certs_controller.rb b/app/controllers/v1/certs_controller.rb
index 68d6586..99aec16 100644
--- a/app/controllers/v1/certs_controller.rb
+++ b/app/controllers/v1/certs_controller.rb
@@ -1,6 +1,6 @@
class V1::CertsController < ApiController
- before_filter :require_login, :unless => :anonymous_certs_allowed?
+ before_filter :require_login, :unless => :anonymous_access_allowed?
# GET /cert
# deprecated - we actually create a new cert and that can
@@ -18,10 +18,6 @@ class V1::CertsController < ApiController
protected
- def anonymous_certs_allowed?
- APP_CONFIG[:allow_anonymous_certs]
- end
-
def service_level
current_user.effective_service_level
end
diff --git a/app/controllers/v1/configs_controller.rb b/app/controllers/v1/configs_controller.rb
index 9c01605..b050f0a 100644
--- a/app/controllers/v1/configs_controller.rb
+++ b/app/controllers/v1/configs_controller.rb
@@ -1,7 +1,7 @@
class V1::ConfigsController < ApiController
include ControllerExtension::JsonFile
- before_filter :require_login, :unless => :anonymous_certs_allowed?
+ before_filter :require_login, :unless => :anonymous_access_allowed?
before_filter :sanitize_filename, only: :show
before_filter :fetch_file, only: :show
@@ -21,10 +21,6 @@ class V1::ConfigsController < ApiController
protected
- def anonymous_certs_allowed?
- APP_CONFIG[:allow_anonymous_certs]
- end
-
def service_paths
Hash[SERVICES.map{|k,v| [k,"/1/configs/#{v}"] } ]
end
@@ -32,7 +28,7 @@ class V1::ConfigsController < ApiController
def sanitize_filename
@filename = params[:id].downcase
@filename += '.json' unless @filename.ends_with?('.json')
- access_denied unless SERVICES.values.include? name
+ access_denied unless SERVICES.values.include? @filename
@filename = Rails.root.join('public', '1', 'config', @filename)
end
end
diff --git a/app/controllers/v1/services_controller.rb b/app/controllers/v1/services_controller.rb
index 114870f..523eb44 100644
--- a/app/controllers/v1/services_controller.rb
+++ b/app/controllers/v1/services_controller.rb
@@ -1,5 +1,7 @@
class V1::ServicesController < ApiController
+ before_filter :require_login, :unless => :anonymous_access_allowed?
+
def show
respond_with current_user.effective_service_level
end