Class: QController

Inherits:

ApiController

• Object
• ActionController::Base
• ApiController
• QController

Defined in:

app/controllers/q_controller.rb

Instance Method Summary

• #auth ⇒ Object

  authenticate an already-registered user, and potentially set their notification method params: auth_id user: id password: unencrypted.

• #deregister ⇒ Object

  deregistered a User ID with a notification method/address - i.e.

• #event ⇒ Object
• #extauth ⇒ Object

  call client’s authentication URL with whatever params are passed to this method returns: if auth URL returns status code 200, return the same as “register” would return else, return whatever the auth URL returned.

• #messages ⇒ Object

  notification messages params: auth_id, user_id, session_token optional: after (date/time) status page (paginated results) per (number per page, default 10) limit (default 100) min_id (IDs must be greater than this).

• #register ⇒ Object

  associate a user ID with a notification method/address params: user (the external ID by which the user is known) auth_id (the publisher auth ID) method (the notification method) address (the address at which they can be notified) encrypted_password (optional, to allow direct authentication, should already be bcrypted) password (optional, to allow direct authentication, will be bcrypted).

• #subscribe ⇒ Object

  subscribe to a topic (i.e. receive a notification when that topic happens) params: user (the external ID by which the user is known) topic (the topic to which is being subscribed).

• #token ⇒ Object

  send system_id and password to get a token which can be use for token authentication (if publisher auth method is token) or encrypting requests (if publisher auth method is digest) params: auth_id, auth_secret returns: token.

• #unsubscribe ⇒ Object

  unsubscribe from topic (i.e. stop receiving notifications when a topic happens) params: user (the external ID by which the user is known) topic (the topic to which is being unsubscribed).

Methods inherited from ApiController

#clear_session, #offline, #protect_against_forgery?, #respond_error

Instance Method Details

#auth ⇒ Object

authenticate an already-registered user, and potentially set their notification method params: auth_id

user: id
password: unencrypted

# File 'app/controllers/q_controller.rb', line 44

def auth
  @publisher = QPublisher.sys(_sid).where(:auth_id=>params[:auth_id]).first

  quser = @publisher.q_users.sys(_sid).where(:id=>params[:user_id]).first

  if quser && quser.password == params[:password]
    update_notification(quser)
    quser.generate_session_token 
    quser.save
    render :json=>{:error=>nil, :session=>quser.session_token}, :callback=>params[:callback]
  else
    render :json=>{:error=>"Incorrect username or password"}, :callback=>params[:callback]
  end
end

#deregister ⇒ Object

deregistered a User ID with a notification method/address - i.e. destroy the user account params: user (the external ID by which the user is known)

# File 'app/controllers/q_controller.rb', line 109

def deregister
  quser = @publisher.q_users.sys(_sid).where(:q_external_id=>params[:user]).first

  quser.destroy
  head :ok
end

#event ⇒ Object

# File 'app/controllers/q_controller.rb', line 158

def event
  event = QEvent.create(:system_id=>_sid, :q_publisher_id=>@publisher.id, 
                        :topic=>params[:topic], :data=>params[:data], 
                        :klass=>params[:class])

  render :json=>{:event=>event.id} 
end

#extauth ⇒ Object

call client’s authentication URL with whatever params are passed to this method returns: if auth URL returns status code 200, return the same as “register” would return else, return whatever the auth URL returned

# File 'app/controllers/q_controller.rb', line 36

def extauth
  head :error 
end

#messages ⇒ Object

notification messages params: auth_id, user_id, session_token optional: after (date/time)

status
page (paginated results)
per (number per page, default 10)
limit (default 100)
min_id (IDs must be greater than this)

# File 'app/controllers/q_controller.rb', line 13

def messages
  s = @quser.q_messages.sys(_sid).includes(:q_publisher).order("id desc")
  s = s.where(["created_at > ?", params[:after]]) if params[:after]
  s = s.where(["status = ?", params[:status]]) if params[:status]
  s = s.where(["id > ?", params[:min_id]]) if params[:min_id]
  s = s.limit(params[:limit] || 100) 
  s = s.page(params[:page]).per(params[:per] || 10) if params[:page]
  
  r = []
  s.all.each do |ss|
    r << { :id=>ss.id, :status=>ss.status, :h1=>ss.h1, :h2=>ss.h2, :body=>ss.body, :publisher=>ss.q_publisher.name, :created_at=>ss.created_at }
    unless params[:nomark]
      ss.status = "OK"
      ss.save
    end
  end 
  logger.debug r.to_json
  render :json=>r, :callback=>params[:callback]
end

#register ⇒ Object

associate a user ID with a notification method/address params: user (the external ID by which the user is known)

auth_id (the publisher auth ID)
method (the notification method)
address (the address at which they can be notified)
encrypted_password (optional, to allow direct authentication, should already be bcrypted)
password (optional, to allow direct authentication, will be bcrypted)

# File 'app/controllers/q_controller.rb', line 79

def register
  quser = @publisher.q_users.sys(_sid).where(:q_external_id=>params[:user]).first
  
  if quser
    if quser.password != params[:password]
      head :forbidden
      return
    else
      quser.password = params[:new_password] if params[:new_password]
    end
  else
    quser = QUser.new
    quser.system_id = _sid
    quser.q_publisher = @publisher.id
    quser.q_external_id = params[:user]
    quser.encrypted_password = params[:encrypted_password] if params[:encrypted_password]
  end

  update_notification(quser) 
  quser.save
  unless quser.q_external_id
    quser.q_external_id = quser.id
    quser.save
  end
  render :json=>{:id=>quser.q_external_id}, :callback=>params[:callback]
end

#subscribe ⇒ Object

subscribe to a topic (i.e. receive a notification when that topic happens) params: user (the external ID by which the user is known)

topic (the topic to which is being subscribed)

# File 'app/controllers/q_controller.rb', line 119

def subscribe
  quser = @publisher.q_users.sys(_sid).where(:q_external_id=>params[:user]).first

  unless quser
   head :bad_request
   return
  end
  
  qs = QSubscription.sys(_sid).where(:q_publisher_id=>@publisher.id).where(:q_user_id=>quser.id).where(:topic=>params[:topic]).first
  unless qs
    qs = QSubscription.new
    qs.system_id = _sid
    qs.q_publisher = @publisher
    qs.q_user = quser
    qs.topic = params[:topic]
    qs.save
  end

  render :json=>{:subscription=>qs.id}
end

#token ⇒ Object

send system_id and password to get a token which can be use for token authentication (if publisher auth method is token) or encrypting requests (if publisher auth method is digest) params: auth_id, auth_secret returns: token

# File 'app/controllers/q_controller.rb', line 62

def token
  publisher = QPublisher.sys(_sid).where(:auth_id=>params[:auth_id]).first

  if publisher && publisher.auth_secret == params[:auth_secret]
    render :json=>{:auth_id=>publisher.auth_id, :token=>publisher.token}
  else
    head :forbidden
  end
end

#unsubscribe ⇒ Object

unsubscribe from topic (i.e. stop receiving notifications when a topic happens) params: user (the external ID by which the user is known)

topic (the topic to which is being unsubscribed)

# File 'app/controllers/q_controller.rb', line 143

def unsubscribe
  quser = @publisher.q_users.sys(_sid).where(:q_external_id=>params[:user]).first

  unless quser
   head :bad_request
   return
  end

  qs = QSubscription.sys(_sid).where(:q_publisher_id=>@publisher.id).where(:q_user_id=>quser.id).where(:topic=>params[:topic]).first

  qs.destroy    

  head :ok
end