certs - changed the logic of free/paid certs to be limited/unlimited.

author: elijah <elijah@riseup.net> 2013-03-06 01:34:16 -0800
committer: elijah <elijah@riseup.net> 2013-03-06 01:34:16 -0800
commit: 886585a0f673e0ea70abb99504ff9c70180361d5 (patch)
tree: 38ba46eb1eb277410a96a1cb3da70715fdfe8d6c /certs/app
parent: f0ffc65aa38473ef280ed80526691d588f14c8de (diff)
2 files changed, 42 insertions, 7 deletions
diff --git a/certs/app/controllers/certs_controller.rb b/certs/app/controllers/certs_controller.rb
index 977e03e..62ef3fd 100644
--- a/certs/app/controllers/certs_controller.rb
+++ b/certs/app/controllers/certs_controller.rb
@@ -1,16 +1,51 @@
 class CertsController < ApplicationController
 
-  before_filter :logged_in_or_free_certs
+  before_filter :login_if_required
 
   # GET /cert
   def show
-    @cert = ClientCertificate.new(free: !logged_in?)
+    @cert = ClientCertificate.new(:prefix => certificate_prefix)
     render text: @cert.to_s, content_type: 'text/plain'
   end
 
   protected
 
-  def logged_in_or_free_certs
-    authorize unless APP_CONFIG[:free_certs_enabled]
+  def login_if_required
+    authorize unless APP_CONFIG[:allow_anonymous_certs]
+  end
+
+  #
+  # this is some temporary logic until we store the service level in the user db.
+  #
+  # better logic might look like this:
+  #
+  # if logged_in?
+  #   service_level = user.service_level
+  # elsif allow_anonymous?
+  #   service_level = service_levels[:anonymous]
+  # else
+  #   service_level = nil
+  # end
+  #
+  # if service_level.bandwidth == 'limited' && allow_limited?
+  #   prefix = limited
+  # elsif allow_unlimited?
+  #   prefix = unlimited
+  # else
+  #   prefix = nil
+  # end
+  #
+  def certificate_prefix
+    if logged_in?
+      if APP_CONFIG[:allow_unlimited_certs]
+        APP_CONFIG[:unlimited_cert_prefix]
+      elsif APP_CONFIG[:allow_limited_certs]
+        APP_CONFIG[:limited_cert_prefix]
+      end
+    elsif !APP_CONFIG[:allow_limited_certs]
+      APP_CONFIG[:unlimited_cert_prefix]
+    else
+      APP_CONFIG[:limited_cert_prefix]
+    end
   end
 end
diff --git a/certs/app/models/client_certificate.rb b/certs/app/models/client_certificate.rb
index 13e0318..76b07a2 100644
--- a/certs/app/models/client_certificate.rb
+++ b/certs/app/models/client_certificate.rb
@@ -21,7 +21,7 @@ class ClientCertificate
     cert = CertificateAuthority::Certificate.new
 
     # set subject
-    cert.subject.common_name = common_name(options[:free])
+    cert.subject.common_name = common_name(options[:prefix])
 
     # set expiration
     cert.not_before = yesterday
@@ -65,8 +65,8 @@ class ClientCertificate
     Digest::MD5.hexdigest("#{rand(10**10)} -- #{Time.now}").to_i(16)
   end
 
-  def common_name(for_free_cert = false)
-    (for_free_cert ? APP_CONFIG[:free_cert_prefix] : '') + random_common_name
+  def common_name(prefix = nil)
+    [prefix, random_common_name].join
   end
 
   #
author	elijah <elijah@riseup.net>	2013-03-06 01:34:16 -0800
committer	elijah <elijah@riseup.net>	2013-03-06 01:34:16 -0800
commit	886585a0f673e0ea70abb99504ff9c70180361d5 (patch)
tree	38ba46eb1eb277410a96a1cb3da70715fdfe8d6c /certs/app
parent	f0ffc65aa38473ef280ed80526691d588f14c8de (diff)