diff options
Diffstat (limited to 'app')
| -rw-r--r-- | app/controllers/controller_extension/authentication.rb | 6 | ||||
| -rw-r--r-- | app/controllers/v1/certs_controller.rb | 6 | ||||
| -rw-r--r-- | app/models/anonymous_service_level.rb | 31 | ||||
| -rw-r--r-- | app/models/anonymous_user.rb (renamed from app/models/unauthenticated_user.rb) | 4 | ||||
| -rw-r--r-- | app/models/service_level.rb | 30 | ||||
| -rw-r--r-- | app/views/users/_change_service_level.html.haml | 4 |
6 files changed, 59 insertions, 22 deletions
diff --git a/app/controllers/controller_extension/authentication.rb b/app/controllers/controller_extension/authentication.rb index 2bc0aee..1f73f38 100644 --- a/app/controllers/controller_extension/authentication.rb +++ b/app/controllers/controller_extension/authentication.rb @@ -8,7 +8,7 @@ module ControllerExtension::Authentication end def current_user - @current_user ||= token_authenticate || warden.user || unauthenticated + @current_user ||= token_authenticate || warden.user || anonymous end def logged_in? @@ -75,7 +75,7 @@ module ControllerExtension::Authentication protected - def unauthenticated - UnauthenticatedUser.new + def anonymous + AnonymousUser.new end end diff --git a/app/controllers/v1/certs_controller.rb b/app/controllers/v1/certs_controller.rb index 580c90c..73409ef 100644 --- a/app/controllers/v1/certs_controller.rb +++ b/app/controllers/v1/certs_controller.rb @@ -1,6 +1,6 @@ class V1::CertsController < ApplicationController - before_filter :require_eip_access + before_filter :require_login, :unless => :anonymous_certs_allowed? # GET /cert def show @@ -10,8 +10,8 @@ class V1::CertsController < ApplicationController protected - def require_eip_access - access_denied unless service_level.provides?(:eip) + def anonymous_certs_allowed? + APP_CONFIG[:allow_anonymous_certs] end def service_level diff --git a/app/models/anonymous_service_level.rb b/app/models/anonymous_service_level.rb new file mode 100644 index 0000000..c51ce9e --- /dev/null +++ b/app/models/anonymous_service_level.rb @@ -0,0 +1,31 @@ +class AnonymousServiceLevel + + delegate :to_json, to: :config_hash + + def cert_prefix + if APP_CONFIG[:allow_limited_certs] + APP_CONFIG[:limited_cert_prefix] + else + APP_CONFIG[:unlimited_cert_prefix] + end + end + + def description + if APP_CONFIG[:allow_anonymous_certs] + "anonymous access to the VPN" + else + "please login to access our services" + end + end + + protected + + def config_hash + { name: "anonymous", + description: description, + cost: 0, + eip_rate_limit: APP_CONFIG[:allow_limited_certs] + } + end + +end diff --git a/app/models/unauthenticated_user.rb b/app/models/anonymous_user.rb index 7845a6f..360a577 100644 --- a/app/models/unauthenticated_user.rb +++ b/app/models/anonymous_user.rb @@ -1,8 +1,8 @@ # The nil object for the user class -class UnauthenticatedUser < Object +class AnonymousUser < Object def effective_service_level - ServiceLevel.new id: APP_CONFIG[:unauthenticated_service_level] + AnonymousServiceLevel.new end def is_admin? diff --git a/app/models/service_level.rb b/app/models/service_level.rb index d0bd9b3..06ad202 100644 --- a/app/models/service_level.rb +++ b/app/models/service_level.rb @@ -4,29 +4,35 @@ class ServiceLevel @id = attributes[:id] || APP_CONFIG[:default_service_level] end - def self.authenticated_select_options - APP_CONFIG[:service_levels].map { |id,config_hash| [config_hash[:description], id] if config_hash[:name] != 'anonymous'}.compact + def self.select_options + APP_CONFIG[:service_levels].map do |id,config_hash| + [config_hash[:description], id] + end end def id @id end - def config_hash - @config_hash || APP_CONFIG[:service_levels][@id].with_indifferent_access - end - delegate :to_json, to: :config_hash - def provides?(service) - services.include? service.to_s + def cert_prefix + if limited_cert? + APP_CONFIG[:limited_cert_prefix] + else + APP_CONFIG[:unlimited_cert_prefix] + end end - def services - config_hash[:services] || [] + protected + + def limited_cert? + APP_CONFIG[:allow_limited_certs] && + (!APP_CONFIG[:allow_unlimited_certs] || config_hash[:eip_rate_limit]) end - def cert_prefix - config_hash[:cert_prefix] + def config_hash + @config_hash || APP_CONFIG[:service_levels][@id].with_indifferent_access end + end diff --git a/app/views/users/_change_service_level.html.haml b/app/views/users/_change_service_level.html.haml index 61e67d9..42315a2 100644 --- a/app/views/users/_change_service_level.html.haml +++ b/app/views/users/_change_service_level.html.haml @@ -8,11 +8,11 @@ %legend= t(:service_level) - if @user != current_user = t(:desired_service_level) - = f.select :desired_service_level_code, ServiceLevel.authenticated_select_options, :selected => @user.desired_service_level.id + = f.select :desired_service_level_code, ServiceLevel.select_options, :selected => @user.desired_service_level.id - if @user != current_user %p = t(:effective_service_level) - = f.select :effective_service_level_code, ServiceLevel.authenticated_select_options, :selected => @user.effective_service_level.id + = f.select :effective_service_level_code, ServiceLevel.select_options, :selected => @user.effective_service_level.id .control-group .controls = f.submit t(:save), :class => 'btn', :data => {"loading-text" => "Saving..."} |