From b46c0aed646d5e59927c3c72ba6990cc3b919d44 Mon Sep 17 00:00:00 2001 From: Heiko Bernloehr Date: Wed, 25 Jun 2014 23:57:15 +0200 Subject: Check for authenticated subparticipants. --- app/controllers/application_controller.rb | 43 ++++++++++++++++++++++++++----- app/models/participant.rb | 8 ++++++ 2 files changed, 45 insertions(+), 6 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 913ca5f..6041c60 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -67,6 +67,12 @@ class ApplicationController < ActionController::Base protected def authentication + # authenticated subparticipants + participant = subparticipant? + if participant + logger.info "X-EcsAuthId: #{participant.identities[0].name} -- Subparticipant-ID: #{participant.id}" + return @participant= participant + end # authenticated participants auth_id, participant = authenticated_participant if participant @@ -86,6 +92,7 @@ protected return @participant = participant end end + false end def new_anonymous_participant? @@ -106,6 +113,20 @@ protected end end + def subparticipant? + if !(@cookie = cookies[:ecs_subparticipant]).blank? + if (identity = Identity.find_by_name(@cookie)).blank? + raise Ecs::AuthenticationException, "No valid identity found for subparticipant cookie: #{@cookie}" + elsif (participant = identity.participant).blank? + raise Ecs::AuthenticationException, "Subparticipant-Cookie: #{@cookie}\" is not assigned any participant" + else + return participant + end + else + false + end + end + def authenticated_participant if (auth_id = request.headers["X-EcsAuthId"]).blank? raise Ecs::AuthenticationException, "No \"X-EcsAuthId\" http header" 
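Review bot: In `authentication` the new subparticipant branch runs before the `X-EcsAuthId` check, and because `subparticipant?` raises on an unknown cookie, a request carrying a valid `X-EcsAuthId` together with a stale `ecs_subparticipant` cookie is rejected instead of falling through to header authentication. Either fall back to the header path in that case or add a comment stating that the cookie deliberately takes precedence. The log line is labelled `X-EcsAuthId:` although it prints `participant.identities[0].name`; if that identity is the one matched by the cookie (not visible here), the log stores the credential itself, so I would log only `logger.info "Subparticipant-ID: #{participant.id}"`. The body of `authentication` continues outside the hunk.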
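Review bot: `subparticipant?` accepts any `Identity` whose name equals the cookie value and never checks that the resolved participant is a subparticipant, so the cookie path is not limited to the accounts it was added for. Unless the identity names of regular participants are guaranteed to be unguessable, add a guard before `return participant`, for example `raise Ecs::AuthenticationException, "Cookie does not belong to a subparticipant" unless participant.subparticipant?`. Both exception messages interpolate `#{@cookie}`, which copies the credential into whatever logs or renders the exception, and the second message contains a stray `\"`. Because this `?` method raises, returns a record and sets `@cookie` as a side effect, it should carry a comment such as `# Returns the Participant for a valid ecs_subparticipant cookie, false if none was sent; raises Ecs::AuthenticationException otherwise.`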
@@ -120,12 +141,22 @@ protected # set the cookie header def add_cookie_header - cookies[:ecs_anonymous] = \ - { - :value => @cookie, - :path => "/", - :expires => Participant::TTL.seconds.from_now - } unless @cookie.blank? + case + when @participant.anonymous? + cookies[:ecs_anonymous] = \ + { + :value => @cookie, + :path => "/", + :expires => Participant::TTL.seconds.from_now + } + when @participant.subparticipant? + cookies[:ecs_subparticipant] = \ + { + :value => @cookie, + :path => "/", + :expires => Subparticipant::TTL.seconds.from_now + } + end end def touch_participant_ttl diff --git a/app/models/participant.rb b/app/models/participant.rb index a5f4cee..561c1f7 100644 --- a/app/models/participant.rb +++ b/app/models/participant.rb @@ -69,6 +69,14 @@ class Participant < ActiveRecord::Base self.events_.blank? ? false : true end + def anonymous? + anonymous + end + + def subparticipant? + subparticipant + end + def self.generate_anonymous_participant cookie = Digest::SHA1.hexdigest('something secret'+Time.now.to_s+rand.to_s) params = { -- cgit v1.2.3
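Review bot: `add_cookie_header` now calls `@participant.anonymous?` unconditionally and has lost the old `unless @cookie.blank?` guard. If it can run when `authentication` left `@participant` unset, it raises `NoMethodError`, and nothing stops a cookie with an empty value being written; a first line `return if @participant.nil? || @cookie.blank?` restores the earlier behaviour. Since `ecs_subparticipant` is now accepted as a credential, both hashes should also set `:httponly => true`, and `:secure => true` if the service is only reached over TLS, which the diff does not show. `Subparticipant::TTL` is not defined anywhere in this patch, so confirm the constant exists.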