Class: V0::OnsiteNotificationsController

Inherits:
ApplicationController show all
Defined in:
app/controllers/v0/onsite_notifications_controller.rb

Constant Summary collapse

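# Matches the "Bearer " scheme prefix of an Authorization header value.
# Anchored with \A (start of string) rather than ^ (start of any line): in Ruby
# ^ also matches after an embedded newline, so a multi-line value could match
# on a later line and have "Bearer " stripped from the middle of the string.
BEARER_PATTERN = /\ABearer /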

Constants inherited from ApplicationController

ApplicationController::VERSION_STATUS

Constants included from ExceptionHandling

ExceptionHandling::SKIP_SENTRY_EXCEPTION_TYPES

Instance Attribute Summary

Attributes inherited from ApplicationController

#current_user

Instance Method Summary collapse

Methods inherited from ApplicationController

#clear_saved_form, #cors_preflight, #pagination_params, #render_job_id, #routing_error, #set_csrf_header

Methods included from Traceable

#set_trace_tags

Methods included from SentryControllerLogging

#set_tags_and_extra_context, #tags_context, #user_context

Methods included from SentryLogging

#log_exception_to_sentry, #log_message_to_sentry, #non_nil_hash?, #normalize_level, #rails_logger, #set_sentry_metadata

Methods included from Instrumentation

#append_info_to_payload

Methods included from SignIn::Authentication

#access_token, #access_token_authenticate, #authenticate, #authenticate_access_token, #bearer_token, #cookie_access_token, #handle_authenticate_error, #load_user, #load_user_object, #scrub_bearer_token, #validate_request_ip

Methods included from Headers

#set_app_info_headers

Methods included from ExceptionHandling

#render_errors, #report_mapped_exception, #report_original_exception, #skip_sentry_exception?, #skip_sentry_exception_types

Methods included from AuthenticationAndSSOConcerns

#authenticate, #clear_session, #extend_session!, #load_user, #log_sso_info, #render_unauthorized, #reset_session, #set_api_cookie!, #set_current_user, #set_session_expiration_header, #set_session_object, #sign_in_service_exp_time, #sign_in_service_session, #sso_cookie_content, #sso_logging_info, #validate_inbound_login_params, #validate_session

Methods included from SignIn::AudienceValidator

#authenticate, #validate_audience!

Instance Method Details

#authenticate_jwt ⇒ Object (private)



# File 'app/controllers/v0/onsite_notifications_controller.rb', line 62

# Authenticates a service-to-service request by its bearer JWT.
#
# The token is decoded with signature verification switched on (third
# argument) and the accepted algorithm pinned to ES256, so the algorithm is
# fixed by this call rather than taken from the token. The decoded claims are
# then checked by token_valid?.
#
# Only JWT::DecodeError is rescued and turned into the generic authenticity
# error; any other exception (for example one raised while building the public
# key) propagates unchanged.
#
# NOTE(review): ruby-jwt validates `exp` by default when the claim is present;
# `iat` is only required to be present by token_valid? and is not otherwise
# checked here, and no maximum token lifetime is enforced — confirm this is
# acceptable for the issuing service.
#
# @return [nil] when the token is accepted
# @raise [Common::Exceptions::Forbidden] when the token is missing, cannot be
#   decoded or verified, or fails the claim checks
def authenticate_jwt
  token = get_bearer_token
  raise authenticity_error if token.blank?

  decoded = JWT.decode(token, public_key, true, { algorithm: 'ES256' })
  return if token_valid?(decoded)

  raise authenticity_error
rescue JWT::DecodeError
  # Same response for every decode or verification failure, so the caller
  # learns nothing about which check rejected the token.
  raise authenticity_error
end

#authenticity_error ⇒ Object (private)



# File 'app/controllers/v0/onsite_notifications_controller.rb', line 47

# Builds (does not raise) the exception used for every JWT authentication
# failure, so all rejection paths share one message.
#
# @return [Common::Exceptions::Forbidden]
def authenticity_error
  message = 'Invalid Authenticity Token'
  Common::Exceptions::Forbidden.new(detail: message)
end

#clean_pagination_params ⇒ Object (private)



# File 'app/controllers/v0/onsite_notifications_controller.rb', line 77

# Normalises the client-supplied pagination parameters before they are used.
#
# A per_page below 1 (including values that do not parse as a number, which
# to_i turns into 0) is replaced with WillPaginate's default. The page value is
# passed through WillPaginate::PageNumber purely as a validity check; if that
# raises InvalidPage, the page is reset to 1.
#
# NOTE(review): only a lower bound on per_page is applied here — confirm that
# the inherited pagination_params or the model caps the upper bound, so a
# client cannot request an arbitrarily large page.
def clean_pagination_params
  params[:per_page] = WillPaginate.per_page unless pagination_params[:per_page].to_i >= 1
  WillPaginate::PageNumber(pagination_params[:page])
rescue WillPaginate::InvalidPage
  params[:page] = 1
end

#create ⇒ Object



# File 'app/controllers/v0/onsite_notifications_controller.rb', line 35

# Creates an onsite notification from the request body and renders it as JSON.
#
# Only :va_profile_id and :template_id are mass-assigned; every other key under
# :onsite_notification is dropped by strong parameters.
#
# The target va_profile_id is taken from the request, not from a signed-in
# user, so the caller decides which profile receives the notification.
# NOTE(review): presumably this action is restricted to the service JWT
# (authenticate_jwt) by a before_action that is not shown here — confirm.
#
# @raise [Common::Exceptions::ValidationErrors] when the record fails to save
def create
  permitted = params.require(:onsite_notification).permit(:va_profile_id, :template_id)
  onsite_notification = OnsiteNotification.new(permitted)

  unless onsite_notification.save
    raise Common::Exceptions::ValidationErrors, onsite_notification
  end

  render json: OnsiteNotificationSerializer.new(onsite_notification)
end

#get_bearer_token ⇒ Object (private)



# File 'app/controllers/v0/onsite_notifications_controller.rb', line 51

# Extracts the token from the request's Authorization header.
#
# gsub removes every occurrence that BEARER_PATTERN matches, so the result is
# "the header minus its scheme prefix" only if the pattern is anchored to the
# start of the string (\A) rather than the start of a line (^).
#
# @return [String, nil] the header with the "Bearer " prefix removed, or nil
#   when the header is absent or does not match BEARER_PATTERN
def get_bearer_token
  authorization = request.authorization
  return unless authorization&.match?(BEARER_PATTERN)

  authorization.gsub(BEARER_PATTERN, '')
end

#index ⇒ Object



# File 'app/controllers/v0/onsite_notifications_controller.rb', line 13

# Lists the current user's onsite notifications, paginated, as JSON.
#
# The query goes through OnsiteNotification.for_user(current_user, ...), so the
# result set is derived from the authenticated user rather than from any id in
# the request. params[:include_dismissed] is forwarded as received; how it is
# interpreted is up to for_user (not shown here).
def index
  clean_pagination_params

  scope = OnsiteNotification.for_user(current_user, include_dismissed: params[:include_dismissed])
  notifications = scope.paginate(**pagination_params)

  render json: OnsiteNotificationSerializer.new(notifications, { meta: pagination_meta(notifications) })
end

#pagination_meta(notifications) ⇒ Object (private)



# File 'app/controllers/v0/onsite_notifications_controller.rb', line 85

# Builds the pagination metadata block for a paginated collection.
#
# @param notifications [#current_page, #per_page, #total_pages, #total_entries]
#   a paginated collection
# @return [Hash] { pagination: { current_page:, per_page:, total_pages:,
#   total_entries: } }, with current_page coerced to an Integer
def pagination_meta(notifications)
  page_info = {
    current_page: notifications.current_page.to_i,
    per_page: notifications.per_page,
    total_pages: notifications.total_pages,
    total_entries: notifications.total_entries
  }

  { pagination: page_info }
end

#public_key ⇒ Object (private)



# File 'app/controllers/v0/onsite_notifications_controller.rb', line 56

# Loads the EC public key used to verify incoming JWT signatures.
#
# The key is stored Base64-encoded in Settings.onsite_notifications.public_key
# and is decoded and parsed on every call (no caching in this method).
#
# NOTE(review): Base64.decode64 is the lenient decoder; a malformed setting
# would surface as an OpenSSL parse error here rather than as a Base64 error —
# confirm that failure mode is acceptable.
#
# @return [OpenSSL::PKey::EC]
def public_key
  encoded_key = Settings.onsite_notifications.public_key
  key_material = Base64.decode64(encoded_key)
  OpenSSL::PKey::EC.new(key_material)
end

#token_valid?(token) ⇒ Boolean (private)

Returns:

  • (Boolean)


# File 'app/controllers/v0/onsite_notifications_controller.rb', line 73

# Checks the claims of an already-decoded JWT.
#
# Accepts the token only if the 'user' claim is exactly 'va_notify' and both
# 'iat' and 'exp' are present. Requiring 'exp' here means a token issued
# without an expiry is rejected.
#
# NOTE(review): this only tests presence of 'iat' and 'exp'; checking their
# values is left to whatever decoded the token — verify against the caller.
#
# @param token [Array] the decode result; its first element is the claims hash
# @return [Boolean]
def token_valid?(token)
  claims = token.first
  return false unless claims['user'] == 'va_notify'

  claims['iat'].present? && claims['exp'].present?
end

#update ⇒ Object



# File 'app/controllers/v0/onsite_notifications_controller.rb', line 24

# Updates the dismissed flag of one of the current user's notifications.
#
# The lookup matches on both the requested id and the current user's vet360_id,
# so a notification that belongs to another profile is reported as not found
# instead of being updated. Only :dismissed is mass-assignable.
#
# NOTE(review): if current_user.vet360_id can be nil, the lookup becomes
# "va_profile_id IS NULL" — confirm the column cannot be null or that such
# users never reach this action.
#
# @raise [Common::Exceptions::RecordNotFound] when no matching record exists
# @raise [Common::Exceptions::ValidationErrors] when the update fails
def update
  onsite_notification = OnsiteNotification.find_by(id: params[:id], va_profile_id: current_user.vet360_id)
  raise Common::Exceptions::RecordNotFound, params[:id] unless onsite_notification

  changes = params.require(:onsite_notification).permit(:dismissed)
  raise Common::Exceptions::ValidationErrors, onsite_notification unless onsite_notification.update(changes)

  render json: OnsiteNotificationSerializer.new(onsite_notification)
end