diff options
author | Heiko Bernloehr <Heiko.Bernloehr@FreeIT.de> | 2014-06-18 10:01:32 +0200 |
---|---|---|
committer | Heiko Bernloehr <Heiko.Bernloehr@FreeIT.de> | 2016-01-27 01:50:39 +0100 |
commit | cbea42aab6b87905935e28bb2b30184eceef846d (patch) | |
tree | 00e9b5fc12bbabe0100c9a361bab3994bb04d50d /app | |
parent | 253704b479a866c80efa22374fc58e2eafe36e06 (diff) | |
download | ecs2-cbea42aab6b87905935e28bb2b30184eceef846d.tar.gz ecs2-cbea42aab6b87905935e28bb2b30184eceef846d.zip |
WIP: subparticipants.
Diffstat (limited to 'app')
-rw-r--r-- | app/controllers/application_controller.rb | 17 | ||||
-rw-r--r-- | app/controllers/subparticipants_controller.rb | 127 | ||||
-rw-r--r-- | app/helpers/subparticipants_helper.rb | 19 | ||||
-rw-r--r-- | app/models/identity.rb | 9 | ||||
-rw-r--r-- | app/models/participant.rb | 9 | ||||
-rw-r--r-- | app/models/subparticipant.rb | 98 |
6 files changed, 278 insertions, 1 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 00cfc4b..109e951 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -132,6 +132,23 @@ protected Participant.touch_ttl(@participant) if @participant.anonymous end + def block_anonymous_participants + if @participant.anonymous + raise Ecs::AuthenticationException, "Anonymous participants not allowed." + end + end + + def block_subparticipants + if @participant.subparticipant + raise Ecs::AuthenticationException, "Subparticipants not allowed." + end + end + + def check_json_contenttype + unless Mime::Type.lookup(request.headers["CONTENT_TYPE"]) =~ "application/json" + raise Ecs::InvalidMimetypeException, "Please provide \"Content-Type: application/json\" header for json data." + end unless request.raw_post.empty? + end # error pages diff --git a/app/controllers/subparticipants_controller.rb b/app/controllers/subparticipants_controller.rb new file mode 100644 index 0000000..4d1b3af --- /dev/null +++ b/app/controllers/subparticipants_controller.rb @@ -0,0 +1,127 @@ +# Copyright (C) 2014 Heiko Bernloehr (FreeIT.de). +# +# This file is part of ECS. +# +# ECS is free software: you can redistribute it and/or modify it +# under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of +# the License, or (at your option) any later version. +# +# ECS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public +# License along with ECS. If not, see <http://www.gnu.org/licenses/>. + +class SubparticipantsController < ApplicationController + + require 'json/add/rails' + + before_filter :authentication + before_filter :block_anonymous_participants + before_filter :block_subparticipants + before_filter :check_json_contenttype, :only => :create + before_filter :check_parent, :only => [:show, :destroy, :update] + + def initialize + super + end + + def index + childs= @participant.childs + childs.each do |child| + @body << "subparticipants/" << child.id.to_s << "\n" + end unless childs.empty? + respond_to do |format| + format.text { render :text => @body, :content_type => "text/uri-list" } + end + end + + def show + subparticipant= Subparticipant.find(params[:id]) + body= show_render(subparticipant) + respond_to do |format| + format.json { render :json => JSON.pretty_generate(body) + "\r\n" } + format.xml { render :xml => body } + end + end + + def create + sender= @participant + begin + json_data= ActiveSupport::JSON.decode request.raw_post + rescue StandardError + raise Ecs::InvalidMessageException, "You have provided invalid JSON data (SubparticipantsController#create)." + end unless request.raw_post.empty? + subparticipant= Subparticipant.generate(sender, json_data) + body= show_render(subparticipant) + respond_to do |format| + format.json { render :json => JSON.pretty_generate(body) + "\r\n", :location => location(subparticipant) } + format.xml { render :xml => body, :location => location(subparticipant) } + end + end + + def update + begin + json_data= ActiveSupport::JSON.decode request.raw_post + rescue StandardError + raise Ecs::InvalidMessageException, "You have provided invalid JSON data (SubparticipantsController#update)." + end unless request.raw_post.empty? + sender= @participant + subparticipant= Subparticipant.find(params[:id]) + subparticipant.update__(sender, json_data, subparticipant) + body= show_render(subparticipant) + respond_to do |format| + format.json { render :json => JSON.pretty_generate(body) + "\r\n", :location => location(subparticipant) } + format.xml { render :xml => body, :location => location(subparticipant) } + end + end + + def destroy + subparticipant= Subparticipant.find(params[:id]) + subparticipant.participant.destroy + render :text => "", :layout => false, :status => 200, :content_type => :json + end + +private + + def show_render(subparticipant) + participant= subparticipant.participant + data = nil + data= \ + { + :name => participant.name, + :description => participant.description, + :auth_ids => participant.identities.map{|ident| {:auth_id=>ident.name, :desc=>ident.description}}, + :dns => participant.dns, + :email => participant.email, + :community_selfrouting => participant.community_selfrouting, + :events => participant.events_, + :communities => participant.communities.map{|c| c.name}, + :realm => subparticipant.realm, + } + data + end + + def check_parent + subparticipant= Subparticipant.find(params[:id]) + unless @participant.childs.include?(subparticipant) + raise Ecs::AuthorizationException, "You are not allowed to access this subparticipant because you are not its parent/creator." + end + end + + def check_communities + + end + + def location(subparticipant) + location = request.protocol + request.host + location += ":" + request.port.to_s unless [80, 443].include?(request.port) + location += request.headers["SCRIPT_NAME"] if request.headers.has_key?("SCRIPT_NAME") + location += request.path.gsub(/\/*$/,'') + "/" + subparticipant.id.to_s + location + end + +end diff --git a/app/helpers/subparticipants_helper.rb b/app/helpers/subparticipants_helper.rb new file mode 100644 index 0000000..8a08bcd --- /dev/null +++ b/app/helpers/subparticipants_helper.rb @@ -0,0 +1,19 @@ +# Copyright (C) 2014 Heiko Bernloehr (FreeIT.de). +# +# This file is part of ECS. +# +# ECS is free software: you can redistribute it and/or modify it +# under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of +# the License, or (at your option) any later version. +# +# ECS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public +# License along with ECS. If not, see <http://www.gnu.org/licenses/>. + +module SubparticipantsHelper +end diff --git a/app/models/identity.rb b/app/models/identity.rb index 2c26c22..f6f3cb7 100644 --- a/app/models/identity.rb +++ b/app/models/identity.rb @@ -17,11 +17,20 @@ class Identity < ActiveRecord::Base + + require 'securerandom' + belongs_to :participant # TODO validate :participant_id # it's possible in rails 2.3.6 with :inverse_of validates_presence_of :name validates_uniqueness_of :name + + + def self.randomized_authid + SecureRandom.hex + end + end diff --git a/app/models/participant.rb b/app/models/participant.rb index 603a10c..a5f4cee 100644 --- a/app/models/participant.rb +++ b/app/models/participant.rb @@ -27,12 +27,19 @@ class Participant < ActiveRecord::Base has_many :communities, :through => :memberships has_many :identities, :dependent => :destroy has_many :events, :dependent => :destroy + has_many :childs, + :order => "id ASC", + :class_name => "Subparticipant", + :foreign_key => "parent_id", + :dependent => :destroy + has_one :subparticipant, :dependent => :destroy validates_presence_of :name, :organization_id validates_uniqueness_of :name accepts_nested_attributes_for :identities, :allow_destroy => true, :reject_if => proc { |attrs| attrs.all? { |k, v| v.blank? } } accepts_nested_attributes_for :communities, :reject_if => proc { |attrs| attrs.all? { |k, v| v.blank? } } + accepts_nested_attributes_for :subparticipant, :allow_destroy => true #named_scope :reduced_attributes, :select => "name, description, dns, email" named_scope :without_anonymous, :conditions => { :participants => { :anonymous => false } } @@ -43,6 +50,7 @@ class Participant < ActiveRecord::Base named_scope :for_community, lambda { |community| { :joins => [:memberships => :community], :conditions => { :communities => { :id => community.id }}}} + named_scope :for_subparticipants # test if the participant is the initial sender of the message in question. def sender?(message) @@ -84,7 +92,6 @@ class Participant < ActiveRecord::Base participant.save end - def mid(community) Membership.for_participant_id_and_community_id(self, community.id).first.id end diff --git a/app/models/subparticipant.rb b/app/models/subparticipant.rb new file mode 100644 index 0000000..c764b33 --- /dev/null +++ b/app/models/subparticipant.rb @@ -0,0 +1,98 @@ +# Copyright (C) 2014 Heiko Bernloehr (FreeIT.de). +# +# This file is part of ECS. +# +# ECS is free software: you can redistribute it and/or modify it +# under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of +# the License, or (at your option) any later version. +# +# ECS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public +# License along with ECS. If not, see <http://www.gnu.org/licenses/>. + +class Subparticipant < ActiveRecord::Base + + require 'securerandom' + + belongs_to :parent, + :class_name => "Participant", + :foreign_key => "parent_id" + + belongs_to :participant + + + def self.generate(sender, json_data) + auth_id= Identity.randomized_authid + data = process_json_data(sender, json_data) + params = { + "name" => "Subparticipant (\##{SecureRandom.hex}) from #{sender.name}", + "identities_attributes" => {"0"=>{"name"=>"#{auth_id}", "description"=>"Randomized authid"}}, + "community_ids" => data[:community_ids], + "description" => "", + "dns" => "N/A", + "organization_id" => sender.organization.id, + "email" => sender.email, + "ttl" => nil, + "anonymous" => false, + "community_selfrouting" => data[:community_selfrouting], + "events_" => data[:events], + "subparticipant_attributes" => { :realm => data[:realm] } + } + participant = Participant.new(params) + participant.save! + subp= participant.subparticipant + subp.parent= sender + subp.save! + participant.name= "Subparticipant (id:#{subp.id})" + participant.description= "Created from \"#{sender.name}\" (pid:#{sender.id})" + participant.save! + subp + end + + def update__(sender, json_data, subparticipant) + participant= subparticipant.participant + auth_id= "dummy" + data= process_json_data(sender, json_data) + params = { + "community_selfrouting" => data[:community_selfrouting], + "community_ids" => data[:community_ids], + "events_" => data[:events], + "subparticipant_attributes" => { :id => self.id.to_s, :realm => data[:realm] } + } + participant.update_attributes(params) + end + +private + + def process_json_data(sender, json_data) + Subparticipant::process_json_data(sender, json_data) + end + + def self.process_json_data(sender, json_data) + realm= json_data["realm"] ||= nil + community_selfrouting= json_data["community_selfrouting"] || false + events= json_data["events"] ||= false + if json_data["communities"] + community_ids= json_data["communities"].map do |comm| + erg= case + when comm.class == Fixnum + comm.to_s + when comm.class == String + (c= Community.find_by_name(comm)) ? c.id.to_s : nil + else + nil + end + end + end + community_ids ||= [] + community_ids.compact! + { :realm => realm, :community_selfrouting => community_selfrouting, :events => events, + :community_ids => community_ids } + end + +end |