From 297b42cd7557a7508cdbf091163da48bbd52a79a Mon Sep 17 00:00:00 2001
From: Azul
Date: Mon, 28 Jul 2014 09:52:47 +0200
Subject: use ApiController#anonymous_access_allowed?

There are some places where we only want to require login unless you can use EIP anonymously. So far we had an anonymous_certs_allowed? method in all these controllers. Now it's replaced with ApiController#anonymous_access_allowed?. The naming better reflects that there might be other services that allow anonymous use at some point. This also fixed a typo name -> @filename that broke the ConfigsController.
---
 app/controllers/api_controller.rb | 6 ++++++
 app/controllers/v1/certs_controller.rb | 6 +-----
 app/controllers/v1/configs_controller.rb | 8 ++------
 app/controllers/v1/services_controller.rb | 2 ++
 test/functional/v1/services_controller_test.rb | 5 ++---
 5 files changed, 13 insertions(+), 14 deletions(-)
diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb
index 0aa9507..70b3cac 100644
--- a/app/controllers/api_controller.rb
+++ b/app/controllers/api_controller.rb
@@ -3,9 +3,15 @@ class ApiController < ApplicationController
 skip_before_filter :verify_authenticity_token
 respond_to :json
+ protected
+
 def require_login
 require_token
 end
+ def anonymous_access_allowed?
+ APP_CONFIG[:allow_anonymous_certs]
+ end
+
 end
diff --git a/app/controllers/v1/certs_controller.rb b/app/controllers/v1/certs_controller.rb
index 68d6586..99aec16 100644
--- a/app/controllers/v1/certs_controller.rb
+++ b/app/controllers/v1/certs_controller.rb
@@ -1,6 +1,6 @@
 class V1::CertsController < ApiController
- before_filter :require_login, :unless => :anonymous_certs_allowed?
+ before_filter :require_login, :unless => :anonymous_access_allowed?
 # GET /cert
 # deprecated - we actually create a new cert and that can
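Review bot: In api_controller.rb, `anonymous_access_allowed?` still reads `APP_CONFIG[:allow_anonymous_certs]`, so a switch named for certificates now decides whether login is skipped in every controller that uses the helper, including the `before_filter` this commit adds to services_controller.rb. An operator who enables anonymous certs may not expect the service-level endpoint to follow the same flag; a comment on the method such as `# Single switch: when set, every controller using this helper skips require_login` would make the scope explicit. The method also returns the raw config value, so any truthy setting (a quoted string, for instance) removes the login requirement; `APP_CONFIG[:allow_anonymous_certs] == true` would fail closed on unexpected values.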
@@ -18,10 +18,6 @@ class V1::CertsController < ApiController
 protected
- def anonymous_certs_allowed?
- APP_CONFIG[:allow_anonymous_certs]
- end
-
 def service_level
 current_user.effective_service_level
 end
diff --git a/app/controllers/v1/configs_controller.rb b/app/controllers/v1/configs_controller.rb
index 9c01605..b050f0a 100644
--- a/app/controllers/v1/configs_controller.rb
+++ b/app/controllers/v1/configs_controller.rb
@@ -1,7 +1,7 @@
 class V1::ConfigsController < ApiController
 include ControllerExtension::JsonFile
- before_filter :require_login, :unless => :anonymous_certs_allowed?
+ before_filter :require_login, :unless => :anonymous_access_allowed?
 before_filter :sanitize_filename, only: :show
 before_filter :fetch_file, only: :show
@@ -21,10 +21,6 @@ class V1::ConfigsController < ApiController
 protected
- def anonymous_certs_allowed?
- APP_CONFIG[:allow_anonymous_certs]
- end
-
 def service_paths
 Hash[SERVICES.map{|k,v| [k,"/1/configs/#{v}"] } ]
 end
@@ -32,7 +28,7 @@ class V1::ConfigsController < ApiController
 def sanitize_filename
 @filename = params[:id].downcase
 @filename += '.json' unless @filename.ends_with?('.json')
- access_denied unless SERVICES.values.include? name
+ access_denied unless SERVICES.values.include? @filename
 @filename = Rails.root.join('public', '1', 'config', @filename)
 end
 end
diff --git a/app/controllers/v1/services_controller.rb b/app/controllers/v1/services_controller.rb
index 114870f..523eb44 100644
--- a/app/controllers/v1/services_controller.rb
+++ b/app/controllers/v1/services_controller.rb
@@ -1,5 +1,7 @@
 class V1::ServicesController < ApiController
+ before_filter :require_login, :unless => :anonymous_access_allowed?
+
 def show
 respond_with current_user.effective_service_level
 end
diff --git a/test/functional/v1/services_controller_test.rb b/test/functional/v1/services_controller_test.rb
index cde7d9f..039eb27 100644
--- a/test/functional/v1/services_controller_test.rb
+++ b/test/functional/v1/services_controller_test.rb
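Review bot: The allow-list check in `sanitize_filename` (configs_controller.rb) is the only guard between `params[:id]` and the `Rails.root.join('public', '1', 'config', @filename)` on the next line, yet the diffstat shows no configs test being added, so the `name` typo fixed here could come back unnoticed. A functional test that requests an id outside `SERVICES.values` and asserts the denial, plus one for a listed file, would pin this guard. The method also runs on to the path join after calling `access_denied`; that is harmless only if `access_denied` renders or raises so the filter chain halts, which is not visible in this hunk. Writing `return access_denied unless SERVICES.values.include?(@filename)` would make the intent explicit.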
@@ -4,9 +4,8 @@ class V1::ServicesControllerTest < ActionController::TestCase
 test "anonymous user gets login required service info" do
 get :show, format: :json
- assert_json_response name: 'anonymous',
- eip_rate_limit: false,
- description: 'please login to access our services'
+ assert_json_response error: 'not_authorized_login',
+ message: 'Please log in to perform that action.'
 end
 test "anonymous user gets vpn service info" do
-- 
cgit v1.2.3
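Review bot: The updated test "anonymous user gets login required service info" asserts only the JSON error body; it checks neither the HTTP status nor that `APP_CONFIG[:allow_anonymous_certs]` is off, so its outcome appears to depend on the test environment's config rather than on the new `before_filter`. Setting the flag explicitly inside the test and adding a status assertion alongside `assert_json_response` would pin the login requirement. The test name could become `"anonymous user is asked to log in"` to match what it now asserts. The body of the following test lies outside the hunk, so whether it already toggles the flag cannot be seen here.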