summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
Diffstat (limited to 'app')
-rw-r--r--app/controllers/controller_extension/authentication.rb12
-rw-r--r--app/controllers/v1/certs_controller.rb38
-rw-r--r--app/controllers/v1/messages_controller.rb5
-rw-r--r--app/controllers/v1/services_controller.rb8
-rw-r--r--app/models/anonymous_service_level.rb30
-rw-r--r--app/models/anonymous_user.rb27
-rw-r--r--app/models/service_level.rb25
-rw-r--r--app/models/unauthenticated_user.rb6
-rw-r--r--app/views/users/_change_service_level.html.haml4
9 files changed, 104 insertions, 51 deletions
diff --git a/app/controllers/controller_extension/authentication.rb b/app/controllers/controller_extension/authentication.rb
index 03d3989..1f73f38 100644
--- a/app/controllers/controller_extension/authentication.rb
+++ b/app/controllers/controller_extension/authentication.rb
@@ -8,11 +8,11 @@ module ControllerExtension::Authentication
end
def current_user
- @current_user ||= token_authenticate || warden.user
+ @current_user ||= token_authenticate || warden.user || anonymous
end
def logged_in?
- !!current_user
+ current_user.is_a? User
end
def require_login
@@ -42,7 +42,7 @@ module ControllerExtension::Authentication
end
def admin?
- current_user && current_user.is_admin?
+ current_user.is_admin?
end
def require_admin
@@ -72,4 +72,10 @@ module ControllerExtension::Authentication
request.env['warden.options'] &&
request.env['warden.options'][:attempted_path]
end
+
+ protected
+
+ def anonymous
+ AnonymousUser.new
+ end
end
diff --git a/app/controllers/v1/certs_controller.rb b/app/controllers/v1/certs_controller.rb
index 64cfa7f..73409ef 100644
--- a/app/controllers/v1/certs_controller.rb
+++ b/app/controllers/v1/certs_controller.rb
@@ -4,7 +4,7 @@ class V1::CertsController < ApplicationController
# GET /cert
def show
- @cert = ClientCertificate.new(:prefix => certificate_prefix)
+ @cert = ClientCertificate.new(:prefix => service_level.cert_prefix)
render text: @cert.to_s, content_type: 'text/plain'
end
@@ -13,38 +13,8 @@ class V1::CertsController < ApplicationController
def anonymous_certs_allowed?
APP_CONFIG[:allow_anonymous_certs]
end
- #
- # this is some temporary logic until we store the service level in the user db.
- #
- # better logic might look like this:
- #
- # if logged_in?
- # service_level = user.service_level
- # elsif allow_anonymous?
- # service_level = service_levels[:anonymous]
- # else
- # service_level = nil
- # end
- #
- # if service_level.bandwidth == 'limited' && allow_limited?
- # prefix = limited
- # elsif allow_unlimited?
- # prefix = unlimited
- # else
- # prefix = nil
- # end
- #
- def certificate_prefix
- if logged_in?
- if APP_CONFIG[:allow_unlimited_certs]
- APP_CONFIG[:unlimited_cert_prefix]
- elsif APP_CONFIG[:allow_limited_certs]
- APP_CONFIG[:limited_cert_prefix]
- end
- elsif !APP_CONFIG[:allow_limited_certs]
- APP_CONFIG[:unlimited_cert_prefix]
- else
- APP_CONFIG[:limited_cert_prefix]
- end
+
+ def service_level
+ current_user.effective_service_level
end
end
diff --git a/app/controllers/v1/messages_controller.rb b/app/controllers/v1/messages_controller.rb
index f71d0f1..85156b7 100644
--- a/app/controllers/v1/messages_controller.rb
+++ b/app/controllers/v1/messages_controller.rb
@@ -7,12 +7,11 @@ module V1
respond_to :json
def index
- render json: (current_user ? current_user.messages : [] )
+ render json: current_user.messages
end
def update
- message = Message.find(params[:id])
- if (message and current_user)
+ if message = Message.find(params[:id])
message.mark_as_read_by(current_user)
message.save
render json: true
diff --git a/app/controllers/v1/services_controller.rb b/app/controllers/v1/services_controller.rb
new file mode 100644
index 0000000..594940e
--- /dev/null
+++ b/app/controllers/v1/services_controller.rb
@@ -0,0 +1,8 @@
+class V1::ServicesController < ApplicationController
+
+ respond_to :json
+
+ def show
+ respond_with current_user.effective_service_level
+ end
+end
diff --git a/app/models/anonymous_service_level.rb b/app/models/anonymous_service_level.rb
new file mode 100644
index 0000000..4366a4a
--- /dev/null
+++ b/app/models/anonymous_service_level.rb
@@ -0,0 +1,30 @@
+class AnonymousServiceLevel
+
+ delegate :to_json, to: :config_hash
+
+ def cert_prefix
+ if APP_CONFIG[:allow_limited_certs]
+ APP_CONFIG[:limited_cert_prefix]
+ elsif APP_CONFIG[:allow_unlimited_certs]
+ APP_CONFIG[:unlimited_cert_prefix]
+ end
+ end
+
+ def description
+ if APP_CONFIG[:allow_anonymous_certs]
+ "anonymous access to the VPN"
+ else
+ "please login to access our services"
+ end
+ end
+
+ protected
+
+ def config_hash
+ { name: "anonymous",
+ description: description,
+ eip_rate_limit: APP_CONFIG[:allow_limited_certs]
+ }
+ end
+
+end
diff --git a/app/models/anonymous_user.rb b/app/models/anonymous_user.rb
new file mode 100644
index 0000000..360a577
--- /dev/null
+++ b/app/models/anonymous_user.rb
@@ -0,0 +1,27 @@
+# The nil object for the user class
+class AnonymousUser < Object
+
+ def effective_service_level
+ AnonymousServiceLevel.new
+ end
+
+ def is_admin?
+ false
+ end
+
+ def id
+ nil
+ end
+
+ def email_address
+ nil
+ end
+
+ def login
+ nil
+ end
+
+ def messages
+ []
+ end
+end
diff --git a/app/models/service_level.rb b/app/models/service_level.rb
index 299aaf1..5dd8838 100644
--- a/app/models/service_level.rb
+++ b/app/models/service_level.rb
@@ -4,16 +4,35 @@ class ServiceLevel
@id = attributes[:id] || APP_CONFIG[:default_service_level]
end
- def self.authenticated_select_options
- APP_CONFIG[:service_levels].map { |id,config_hash| [config_hash[:description], id] if config_hash[:name] != 'anonymous'}.compact
+ def self.select_options
+ APP_CONFIG[:service_levels].map do |id,config_hash|
+ [config_hash[:description], id]
+ end
end
def id
@id
end
+ delegate :to_json, to: :config_hash
+
+ def cert_prefix
+ if limited_cert?
+ APP_CONFIG[:limited_cert_prefix]
+ elsif APP_CONFIG[:allow_unlimited_certs]
+ APP_CONFIG[:unlimited_cert_prefix]
+ end
+ end
+
+ protected
+
+ def limited_cert?
+ APP_CONFIG[:allow_limited_certs] &&
+ (!APP_CONFIG[:allow_unlimited_certs] || config_hash[:eip_rate_limit])
+ end
+
def config_hash
- APP_CONFIG[:service_levels][@id]
+ @config_hash || APP_CONFIG[:service_levels][@id].with_indifferent_access
end
end
diff --git a/app/models/unauthenticated_user.rb b/app/models/unauthenticated_user.rb
deleted file mode 100644
index 0fc17d2..0000000
--- a/app/models/unauthenticated_user.rb
+++ /dev/null
@@ -1,6 +0,0 @@
-# The nil object for the user class
-class UnauthenticatedUser < Object
-
- # will probably want something here to return service level as APP_CONFIG[:service_levels][0] but not sure how will be accessing.
-
-end
diff --git a/app/views/users/_change_service_level.html.haml b/app/views/users/_change_service_level.html.haml
index 61e67d9..42315a2 100644
--- a/app/views/users/_change_service_level.html.haml
+++ b/app/views/users/_change_service_level.html.haml
@@ -8,11 +8,11 @@
%legend= t(:service_level)
- if @user != current_user
= t(:desired_service_level)
- = f.select :desired_service_level_code, ServiceLevel.authenticated_select_options, :selected => @user.desired_service_level.id
+ = f.select :desired_service_level_code, ServiceLevel.select_options, :selected => @user.desired_service_level.id
- if @user != current_user
%p
= t(:effective_service_level)
- = f.select :effective_service_level_code, ServiceLevel.authenticated_select_options, :selected => @user.effective_service_level.id
+ = f.select :effective_service_level_code, ServiceLevel.select_options, :selected => @user.effective_service_level.id
.control-group
.controls
= f.submit t(:save), :class => 'btn', :data => {"loading-text" => "Saving..."}