From 89e9154499f67fd8c63e1098b3e50b317c690dd0 Mon Sep 17 00:00:00 2001
From: Azul
Date: Mon, 5 May 2014 12:22:52 +0200
Subject: custom error pages for 404 and 500 errors

---
 app/controllers/errors_controller.rb | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 app/controllers/errors_controller.rb
(limited to 'app/controllers')

diff --git a/app/controllers/errors_controller.rb b/app/controllers/errors_controller.rb
new file mode 100644
index 0000000..bf9329c
--- /dev/null
+++ b/app/controllers/errors_controller.rb
@@ -0,0 +1,9 @@
+class ErrorsController < ApplicationController
+
+  def not_found
+  end
+
+  def server_error
+  end
+
+end
--
cgit v1.2.3
From b298cea527f74f682d24defee360e0f45f47d125 Mon Sep 17 00:00:00 2001
From: Azul
Date: Tue, 6 May 2014 09:50:46 +0200
Subject: little bit of documentation

---
 app/controllers/errors_controller.rb | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
(limited to 'app/controllers')

diff --git a/app/controllers/errors_controller.rb b/app/controllers/errors_controller.rb
index bf9329c..6c659e6 100644
--- a/app/controllers/errors_controller.rb
+++ b/app/controllers/errors_controller.rb
@@ -1,9 +1,10 @@
+# We render http errors ourselves so we can customize them
 class ErrorsController < ApplicationController
-
+  # 404
   def not_found
   end
 
+  # 500
   def server_error
   end
-
 end
--
cgit v1.2.3
From 71dcf3f4e5d423b78b47f675297fc98b28ef3442 Mon Sep 17 00:00:00 2001
From: Azul
Date: Thu, 15 May 2014 11:17:47 +0200
Subject: SmtpCertsController, routes and tests

---
 app/controllers/v1/smtp_certs_controller.rb | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 app/controllers/v1/smtp_certs_controller.rb
(limited to 'app/controllers')

diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb
new file mode 100644
index 0000000..001425d
--- /dev/null
+++ b/app/controllers/v1/smtp_certs_controller.rb
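Review bot: `not_found` and `server_error` render with whatever status the implicit `render` picks, which is 200 unless the view or a later layer sets it, so when this controller is presumably wired in as the exceptions app the client and any uptime monitoring see a successful response for an error page. Render the status explicitly: `render status: 404` in `not_found` and `render status: 500` in `server_error`. `server_error` should also avoid touching the database or session, since those may be the component that just failed. The follow-up hunk on this file only adds comments and keeps the same behaviour.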
@@ -0,0 +1,21 @@
+class V1::SmtpCertsController < ApplicationController
+
+  before_filter :require_login
+  before_filter :require_email_account
+
+  # GET /cert
+  def show
+    @cert = ClientCertificate.new prefix: current_user.email_address
+    render text: @cert.to_s, content_type: 'text/plain'
+  end
+
+  protected
+
+  def require_email_account
+    access_denied unless service_level.provides? 'email'
+  end
+
+  def service_level
+    current_user.effective_service_level
+  end
+end
--
cgit v1.2.3
From 17b67aeda81dee2273ce1161ac7292a328c3efaa Mon Sep 17 00:00:00 2001
From: Azul
Date: Thu, 15 May 2014 16:29:49 +0200
Subject: store cert fingerprint with main user identity

---
 app/controllers/v1/smtp_certs_controller.rb | 2 ++
 1 file changed, 2 insertions(+)
(limited to 'app/controllers')

diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb
index 001425d..258b391 100644
--- a/app/controllers/v1/smtp_certs_controller.rb
+++ b/app/controllers/v1/smtp_certs_controller.rb
@@ -6,6 +6,8 @@ class V1::SmtpCertsController < ApplicationController
   # GET /cert
   def show
     @cert = ClientCertificate.new prefix: current_user.email_address
+    current_user.identity.cert_fingerprints << @cert.fingerprint
+    current_user.identity.save
     render text: @cert.to_s, content_type: 'text/plain'
   end
 
--
cgit v1.2.3
From e8ba98df64cb537e85de8624c0ebb08c4135ccca Mon Sep 17 00:00:00 2001
From: Azul
Date: Mon, 19 May 2014 14:50:16 +0200
Subject: minor: fix tests

---
 app/controllers/v1/smtp_certs_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'app/controllers')

diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb
index 258b391..533a19a 100644
--- a/app/controllers/v1/smtp_certs_controller.rb
+++ b/app/controllers/v1/smtp_certs_controller.rb
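Review bot: The return value of `current_user.identity.save` on the second added line is discarded, so a failed save still hands the freshly minted certificate to the client while its fingerprint is never recorded against the identity; the server then has no record of a credential it has just issued. Use `current_user.identity.save!` so the request fails before `render`, or check the result and respond with an error instead of the certificate. The same unchecked save survives as `@identity.save` in the later hunks of this file (the `register_cert` rewrite and the `show`→`create` rename).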
@@ -3,7 +3,7 @@ class V1::SmtpCertsController < ApplicationController
   before_filter :require_login
   before_filter :require_email_account
 
-  # GET /cert
+  # GET /1/smtp_cert
   def show
     @cert = ClientCertificate.new prefix: current_user.email_address
     current_user.identity.cert_fingerprints << @cert.fingerprint
--
cgit v1.2.3
From 3a84578cf33685800c9216cfb4da12ea1fb0032f Mon Sep 17 00:00:00 2001
From: Azul
Date: Mon, 19 May 2014 15:07:02 +0200
Subject: store fingerprints with timestamp

Only storing the date as that should suffice for normal expiry and is less useful for identifying users by timestamps
---
 app/controllers/v1/smtp_certs_controller.rb | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)
(limited to 'app/controllers')

diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb
index 533a19a..fcc00b8 100644
--- a/app/controllers/v1/smtp_certs_controller.rb
+++ b/app/controllers/v1/smtp_certs_controller.rb
@@ -2,22 +2,36 @@ class V1::SmtpCertsController < ApplicationController
 
   before_filter :require_login
   before_filter :require_email_account
+  before_filter :fetch_identity
 
   # GET /1/smtp_cert
   def show
     @cert = ClientCertificate.new prefix: current_user.email_address
-    current_user.identity.cert_fingerprints << @cert.fingerprint
-    current_user.identity.save
+    @identity.register_cert(@cert)
+    @identity.save
     render text: @cert.to_s, content_type: 'text/plain'
   end
 
   protected
 
+  #
+  # Filters
+  #
+
   def require_email_account
     access_denied unless service_level.provides? 'email'
   end
 
+  def fetch_identity
+    @identity = current_user.identity
+  end
+
+  #
+  # Helper methods
+  #
+
   def service_level
     current_user.effective_service_level
   end
+
 end
--
cgit v1.2.3
From 00d5adc90ccadc7f4a2a0d54a5a31a1ad02f05be Mon Sep 17 00:00:00 2001
From: Azul
Date: Mon, 26 May 2014 09:31:36 +0200
Subject: change from GET to POST for certs

We create them. let's reflect that in the verb.
---
 app/controllers/v1/certs_controller.rb      | 8 ++++++++
 app/controllers/v1/smtp_certs_controller.rb | 4 ++--
 2 files changed, 10 insertions(+), 2 deletions(-)
(limited to 'app/controllers')

diff --git a/app/controllers/v1/certs_controller.rb b/app/controllers/v1/certs_controller.rb
index 73409ef..b6d1d0b 100644
--- a/app/controllers/v1/certs_controller.rb
+++ b/app/controllers/v1/certs_controller.rb
@@ -3,7 +3,15 @@ class V1::CertsController < ApplicationController
   before_filter :require_login, :unless => :anonymous_certs_allowed?
 
   # GET /cert
+  # deprecated - we actually create a new cert and that can
+  # be reflected in the action. GET /cert will eventually go
+  # away and be replaced by POST /cert
   def show
+    create
+  end
+
+  # POST /cert
+  def create
     @cert = ClientCertificate.new(:prefix => service_level.cert_prefix)
     render text: @cert.to_s, content_type: 'text/plain'
   end
diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb
index fcc00b8..377a49c 100644
--- a/app/controllers/v1/smtp_certs_controller.rb
+++ b/app/controllers/v1/smtp_certs_controller.rb
@@ -4,8 +4,8 @@ class V1::SmtpCertsController < ApplicationController
   before_filter :require_email_account
   before_filter :fetch_identity
 
-  # GET /1/smtp_cert
-  def show
+  # POST /1/smtp_cert
+  def create
     @cert = ClientCertificate.new prefix: current_user.email_address
     @identity.register_cert(@cert)
     @identity.save
--
cgit v1.2.3
From 5764daae090227bf4c5967900b708392c967be47 Mon Sep 17 00:00:00 2001
From: Azul
Date: Thu, 1 May 2014 10:45:57 +0200
Subject: hash token with sha512 against timing attacs #3398

---
 app/controllers/controller_extension/token_authentication.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'app/controllers')
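Review bot: `show` now forwards to `create`, so a plain GET keeps minting a new certificate, and with `require_login` skipped whenever `anonymous_certs_allowed?` holds that is an unauthenticated state-changing GET that link prefetchers and caches can trigger; the deprecation comment acknowledges the verb but nothing limits or logs such issuance. Independently of the verb, the `text/plain` body that `create` renders carries the certificate (and presumably its private key, if `ClientCertificate#to_s` includes it) with no cache directives, so the browser cache and any intermediary may retain it. Add `response.headers['Cache-Control'] = 'no-store'` before the `render` in `create`, and consider logging anonymous issuance so unexpected volume is visible. The class body continues outside the hunk.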
diff --git a/app/controllers/controller_extension/token_authentication.rb b/app/controllers/controller_extension/token_authentication.rb
index 6e0a6ce..b0ed624 100644
--- a/app/controllers/controller_extension/token_authentication.rb
+++ b/app/controllers/controller_extension/token_authentication.rb
@@ -2,8 +2,8 @@ module ControllerExtension::TokenAuthentication
   extend ActiveSupport::Concern
 
   def token
-    @token ||= authenticate_with_http_token do |token_id, options|
-      Token.find(token_id)
+    @token ||= authenticate_with_http_token do |token, options|
+      Token.find_by_token(token)
     end
   end
 
--
cgit v1.2.3
From c10f9311678ff2183443bc03e153b30d3b68ff74 Mon Sep 17 00:00:00 2001
From: Azul
Date: Tue, 20 May 2014 13:09:59 +0200
Subject: Controller#flash_for instead of FlashResponder

FlashResponder added a flash before responding. However at the point of responding objects have already been saved. So there is no way to test if they were changed. Now instead we can call flash_for resource before resource.save and it will add the flash messages only if the resource was actually changed.
---
 app/controllers/controller_extension/flash.rb | 33 +++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 app/controllers/controller_extension/flash.rb
(limited to 'app/controllers')

diff --git a/app/controllers/controller_extension/flash.rb b/app/controllers/controller_extension/flash.rb
new file mode 100644
index 0000000..6a62351
--- /dev/null
+++ b/app/controllers/controller_extension/flash.rb
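Review bot: The hashing named in the commit subject is not visible in this hunk: the block hands the raw bearer token to `Token.find_by_token(token)`, and whether that is a model method that hashes its argument before the lookup or the dynamic finder on a plain `token` column decides whether the secret is stored and compared in the clear. Worth a comment at the call site so the next reader does not "simplify" it back into a column lookup, e.g. `# find_by_token hashes the presented token before lookup (see Token); never query the raw value`. The second block parameter is unused and should read `_options`. Since `nil` does not memoize, `@token ||=` repeats the lookup on every call for an invalid token; harmless, but worth knowing when reading request logs.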
@@ -0,0 +1,33 @@
+module ControllerExtension::Flash
+  extend ActiveSupport::Concern
+
+  protected
+
+  def flash_for(resource, options = {})
+    return unless resource.changed?
+    message = flash_message_for(resource)
+    type = flash_type(resource)
+    if message.present?
+      flash[type] = [message, flash[type]].join(' ')
+    end
+  end
+
+  def flash_message_for(resource)
+    I18n.t flash_i18n_key(resource),
+      scope: :flash,
+      cascade: true,
+      resource: resource.class.model_name.human
+  end
+
+  def flash_i18n_key(resource)
+    namespace = [action_name]
+    namespace += controller_path.split('/')
+    namespace << flash_type(resource)
+    namespace.join(".")
+  end
+
+  def flash_type(resource)
+    resource.valid? ? :success : :error
+  end
+
+end
--
cgit v1.2.3
From a337088f4d6d12d1ea26f494f4ca078cff4b4070 Mon Sep 17 00:00:00 2001
From: Azul
Date: Tue, 20 May 2014 13:20:25 +0200
Subject: remove unused bold helper and instead sanitize flash

---
 app/controllers/application_controller.rb | 10 ----------
 1 file changed, 10 deletions(-)
(limited to 'app/controllers')

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 35d6cb4..a4560e2 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -23,16 +23,6 @@ class ApplicationController < ActionController::Base
     json: {error: "The server failed to process your request. We'll look into it."}
   end
 
-  #
-  # Allows us to pass through bold text to flash messages. See format_flash() for where this is reversed.
-  #
-  # TODO: move to core
-  #
-  def bold(str)
-    "[b]#{str}[/b]"
-  end
-  helper_method :bold
-
   ##
   ## LOCALE
   ##
--
cgit v1.2.3
From 560eb039f4778257559395583e1233d052d44127 Mon Sep 17 00:00:00 2001
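Review bot: `flash_for` runs `resource.valid?` twice per call — once via `flash_message_for` → `flash_i18n_key` → `flash_type`, and again for `type` — and because the commit description positions this call before `resource.save`, each call re-executes the whole validation set, which can be costly and rebuilds `errors` between the two checks. Compute the outcome once and thread it through: `type = flash_type(resource)`, then `message = flash_message_for(resource, type)` with `flash_i18n_key(resource, type)` appending the precomputed symbol. Minor style point: the file mixes `'/'` and `"."` for plain string literals; pick one quoting style.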
From: Azul
Date: Tue, 20 May 2014 13:50:32 +0200
Subject: flash_for with_errors option displays error messages

---
 app/controllers/controller_extension/flash.rb | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)
(limited to 'app/controllers')

diff --git a/app/controllers/controller_extension/flash.rb b/app/controllers/controller_extension/flash.rb
index 6a62351..8bc9ee7 100644
--- a/app/controllers/controller_extension/flash.rb
+++ b/app/controllers/controller_extension/flash.rb
@@ -5,10 +5,15 @@ module ControllerExtension::Flash
 
   def flash_for(resource, options = {})
     return unless resource.changed?
+    add_flash_message_for resource
+    add_flash_errors_for resource if options[:with_errors]
+  end
+
+  def add_flash_message_for(resource)
     message = flash_message_for(resource)
-    type = flash_type(resource)
+    type = flash_type_for(resource)
     if message.present?
-      flash[type] = [message, flash[type]].join(' ')
+      flash[type] = message
     end
   end
 
@@ -22,12 +27,17 @@ module ControllerExtension::Flash
   def flash_i18n_key(resource)
     namespace = [action_name]
     namespace += controller_path.split('/')
-    namespace << flash_type(resource)
+    namespace << flash_type_for(resource)
     namespace.join(".")
   end
 
-  def flash_type(resource)
+  def flash_type_for(resource)
     resource.valid? ? :success : :error
   end
 
+  def add_flash_errors_for(resource)
+    return if resource.valid?
+    flash[:error] += "
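Review bot: `flash[type] = message` replaces the previous `[message, flash[type]].join(' ')`, so a flash of the same type set earlier in the request is now silently overwritten; if that is intended, say so with `# one message per type; the latest caller wins`, otherwise keep the join. `flash_for(resource, options = {})` consulting `options[:with_errors]` reads better as a keyword argument, `def flash_for(resource, with_errors: false)` with `add_flash_errors_for resource if with_errors`, which also makes a misspelt option fail loudly instead of quietly dropping the error output. The second hunk of this file adds `add_flash_errors_for`, reviewed there.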
" + flash[:error] += resource.errors.full_messages.join(".
") + end end -- cgit v1.2.3 From ab49a72b52575f3b9fdf13fee47e99dfb82e2a3d Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 29 May 2014 14:57:23 +0200 Subject: html5:
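Review bot: `flash[:error] += ...` in `add_flash_errors_for` raises `NoMethodError` on `nil` whenever `flash[:error]` has not been set, which is exactly the case when `add_flash_message_for` found no translation (`message.present?` false) for an invalid resource — the error path then crashes instead of showing the errors. Initialise first, `flash[:error] ||= ''`, before the two `+=` lines. Separately, the literals concatenated here (not legible in this rendering, but per the commit subjects they are HTML line-break tags) put markup into the flash, which forces the view to emit the flash unescaped and with it every string in `resource.errors.full_messages`; keep the flash as a plain array of messages and let the template join them with `safe_join`, so escaping stays in one place. The follow-up hunk that only changes the tag spelling inherits both points.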
instead of
---
 app/controllers/controller_extension/flash.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'app/controllers')

diff --git a/app/controllers/controller_extension/flash.rb b/app/controllers/controller_extension/flash.rb
index 8bc9ee7..1642141 100644
--- a/app/controllers/controller_extension/flash.rb
+++ b/app/controllers/controller_extension/flash.rb
@@ -37,7 +37,7 @@ module ControllerExtension::Flash
   def add_flash_errors_for(resource)
     return if resource.valid?
-    flash[:error] += "
" - flash[:error] += resource.errors.full_messages.join(".
") + flash[:error] += "
" + flash[:error] += resource.errors.full_messages.join(".
") end end -- cgit v1.2.3