Class: Application

Inherits:
Merb::Controller
  • Object
show all
Includes:
Chef::Mixin::Checksum
Defined in:
app/controllers/application.rb

Instance Method Summary collapse

Instance Method Details

#access_deniedObject

Raises:

  • (Unauthorized) 


103
104
105
 
# File 'app/controllers/application.rb', line 103

def access_denied
  raise Unauthorized, "You must authenticate first!"
end

#admin_or_requesting_nodeObject 



80
81
82
83
84
85
86
 
# File 'app/controllers/application.rb', line 80

def admin_or_requesting_node
  if @auth_user.admin || @auth_user.name == params[:id]
    true
  else
    raise Forbidden, "You are not the correct node (auth_user name: #{@auth_user.name}, params[:id]: #{params[:id]}), or are not an API administrator (admin: #{@auth_user.admin})."
  end
end

#authenticate_everyObject 



31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
 
# File 'app/controllers/application.rb', line 31

def authenticate_every
  begin
    # Raises an error if required auth headers are missing
    authenticator = Mixlib::Authentication::SignatureVerification.new(request)

    username = authenticator.user_id
    Chef::Log.info("Authenticating client #{username}")

    user = Chef::ApiClient.cdb_load(username)
    user_key = OpenSSL::PKey::RSA.new(user.public_key)
    Chef::Log.debug "Authenticating Client:\n #{user.inspect}\n"

    # Store this for later..
    @auth_user = user
    authenticator.authenticate_request(user_key)
  rescue Mixlib::Authentication::MissingAuthenticationHeader => e
    Chef::Log.debug "Authentication failed: #{e.class.name}: #{e.message}\n#{e.backtrace.join("\n")}"
    raise BadRequest, "#{e.class.name}: #{e.message}"
  rescue StandardError => se
    Chef::Log.debug "Authentication failed: #{se}, #{se.backtrace.join("\n")}"
    raise Unauthorized, "Failed to authenticate. Ensure that your client key is valid."
  end

  unless authenticator.valid_request?
    if authenticator.valid_timestamp?
      raise Unauthorized, "Failed to authenticate. Ensure that your client key is valid."
    else
      raise Unauthorized, "Failed to authenticate. Please synchronize the clock on your client"
    end
  end
  true
end

#display(obj) ⇒ Object 



132
133
134
 
# File 'app/controllers/application.rb', line 132

def display(obj)
  super(obj, nil, {:max_nesting => Chef::JSONCompat::JSON_MAX_NESTING})
end

#get_available_recipesObject 



107
108
109
110
111
112
113
114
115
116
117
118
119
120
 
# File 'app/controllers/application.rb', line 107

def get_available_recipes
  all_cookbooks_list = Chef::CookbookVersion.cdb_list(true)
  available_recipes = all_cookbooks_list.sort{ |a,b| a.name.to_s <=> b.name.to_s }.inject([]) do |result, element|
    element.recipes.sort.each do |r|
      if r =~ /^(.+)::default$/
        result << $1
      else
        result << r
      end
    end
    result
  end
  available_recipes
end

#is_adminObject 



64
65
66
67
68
69
70
 
# File 'app/controllers/application.rb', line 64

def is_admin
  if @auth_user.admin
    true
  else
    raise Forbidden, "You are not allowed to take this action."
  end
end

#is_admin_or_validatorObject 



72
73
74
75
76
77
78
 
# File 'app/controllers/application.rb', line 72

def is_admin_or_validator
  if @auth_user.admin || @auth_user.name == Chef::Config[:validation_client_name]
    true
  else
    raise Forbidden, "You are not allowed to take this action."
  end
end

#redirect_back_or_default(default) ⇒ Object

Redirect to the URI stored by the most recent store_location call or to the passed default.



97
98
99
100
101
 
# File 'app/controllers/application.rb', line 97

def redirect_back_or_default(default)
  loc = session[:return_to] || default
  session[:return_to] = nil
  redirect loc
end

#store_locationObject

Store the URI of the current request in the session.

We can return to this location by calling #redirect_back_or_default.



91
92
93
 
# File 'app/controllers/application.rb', line 91

def store_location
  session[:return_to] = request.uri
end