summaryrefslogtreecommitdiff
path: root/app/controllers/v1/certs_controller.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/v1/certs_controller.rb')
-rw-r--r--app/controllers/v1/certs_controller.rb44
1 files changed, 7 insertions, 37 deletions
diff --git a/app/controllers/v1/certs_controller.rb b/app/controllers/v1/certs_controller.rb
index 64cfa7f..580c90c 100644
--- a/app/controllers/v1/certs_controller.rb
+++ b/app/controllers/v1/certs_controller.rb
@@ -1,50 +1,20 @@
class V1::CertsController < ApplicationController
- before_filter :require_login, :unless => :anonymous_certs_allowed?
+ before_filter :require_eip_access
# GET /cert
def show
- @cert = ClientCertificate.new(:prefix => certificate_prefix)
+ @cert = ClientCertificate.new(:prefix => service_level.cert_prefix)
render text: @cert.to_s, content_type: 'text/plain'
end
protected
- def anonymous_certs_allowed?
- APP_CONFIG[:allow_anonymous_certs]
+ def require_eip_access
+ access_denied unless service_level.provides?(:eip)
end
- #
- # this is some temporary logic until we store the service level in the user db.
- #
- # better logic might look like this:
- #
- # if logged_in?
- # service_level = user.service_level
- # elsif allow_anonymous?
- # service_level = service_levels[:anonymous]
- # else
- # service_level = nil
- # end
- #
- # if service_level.bandwidth == 'limited' && allow_limited?
- # prefix = limited
- # elsif allow_unlimited?
- # prefix = unlimited
- # else
- # prefix = nil
- # end
- #
- def certificate_prefix
- if logged_in?
- if APP_CONFIG[:allow_unlimited_certs]
- APP_CONFIG[:unlimited_cert_prefix]
- elsif APP_CONFIG[:allow_limited_certs]
- APP_CONFIG[:limited_cert_prefix]
- end
- elsif !APP_CONFIG[:allow_limited_certs]
- APP_CONFIG[:unlimited_cert_prefix]
- else
- APP_CONFIG[:limited_cert_prefix]
- end
+
+ def service_level
+ current_user.effective_service_level
end
end