From 1092bbc337edc5973fad63bea559ecc2a3a5b896 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Mon, 28 Jul 2014 11:05:46 +0200
Subject: features for anonymous use and service endpoint

Also moved the location of the config files into a configuration setting.
---
 app/controllers/v1/configs_controller.rb | 31 ++++++++++++++++++-------------
 1 file changed, 18 insertions(+), 13 deletions(-)

(limited to 'app')

diff --git a/app/controllers/v1/configs_controller.rb b/app/controllers/v1/configs_controller.rb
index b050f0a..4a6f455 100644
--- a/app/controllers/v1/configs_controller.rb
+++ b/app/controllers/v1/configs_controller.rb
@@ -2,7 +2,8 @@ class V1::ConfigsController < ApiController
   include ControllerExtension::JsonFile
 
   before_filter :require_login, :unless => :anonymous_access_allowed?
-  before_filter :sanitize_filename, only: :show
+  before_filter :sanitize_id, only: :show
+  before_filter :lookup_file, only: :show
   before_filter :fetch_file, only: :show
 
   def index
@@ -13,22 +14,26 @@ class V1::ConfigsController < ApiController
     send_file
   end
 
-  SERVICES = {
-    soledad: "soledad-service.json",
-    eip: "eip-service.json",
-    smtp: "smtp-service.json"
-  }
-
   protected
 
+  SERVICE_IDS = {
+    soledad: "soledad-service",
+    eip: "eip-service",
+    smtp: "smtp-service"
+  }
+
   def service_paths
-    Hash[SERVICES.map{|k,v| [k,"/1/configs/#{v}"] } ]
+    Hash[SERVICE_IDS.map{|k,v| [k,"/1/configs/#{v}.json"] } ]
+  end
+
+  def sanitize_id
+    @id = params[:id].downcase
+    access_denied unless SERVICE_IDS.values.include? @id
   end
 
-  def sanitize_filename
-    @filename = params[:id].downcase
-    @filename += '.json' unless @filename.ends_with?('.json')
-    access_denied unless SERVICES.values.include? @filename
-    @filename = Rails.root.join('public', '1', 'config', @filename)
+  def lookup_file
+    path = APP_CONFIG[:config_file_paths][@id]
+    not_found if path.blank?
+    @filename = Rails.root.join path
   end
 end
-- 
cgit v1.2.3