Foodsoft/foodsoft
1
1
Fork 0
Code Issues 36 Pull requests 5 Projects 1 Releases Wiki Activity
foodsoft/plugins/links/app/controllers/links_controller.rb

26 lines
733 B
Ruby
Raw Normal View History

Add links plugin This can be used to link to external services related to the foodcoop. With the indirect mode it is possible to implement a secure login to other services. In that case Foodsoft will send a HTTP GET request and redirect the user to the returned Location header. This allows the generation of a one-time login URL. A typical use-case would be that a workgroup, which is responsible for the email account, does not need to share the login credentials and can use a link within the Foodsoft instead.
2020-07-29 11:19:20 +02:00
require 'net/http'
class LinksController < ApplicationController
def show
link = Link.find(params[:id])
url = link.url
chore: rubocop chore: fix api test conventions chore: rubocop -A spec/ chore: more rubocop -A fix failing test rubocop fixes removes helper methods that are in my opinion dead code more rubocop fixes rubocop -a --auto-gen-config
2023-05-12 13:01:12 +02:00
return deny_access if link.workgroup && !current_user.role_admin? && !link.workgroup.member?(current_user)
Add links plugin This can be used to link to external services related to the foodcoop. With the indirect mode it is possible to implement a secure login to other services. In that case Foodsoft will send a HTTP GET request and redirect the user to the returned Location header. This allows the generation of a one-time login URL. A typical use-case would be that a workgroup, which is responsible for the email account, does not need to share the login credentials and can use a link within the Foodsoft instead.
2020-07-29 11:19:20 +02:00
if link.indirect
uri = URI.parse url
request = Net::HTTP::Get.new uri
request['Authorization'] = link.authorization if link.authorization
result = Net::HTTP.start uri.host, uri.port, use_ssl: uri.scheme == 'https' do |http|
http.request request
end
url = result.header['Location']
chore: rubocop chore: fix api test conventions chore: rubocop -A spec/ chore: more rubocop -A fix failing test rubocop fixes removes helper methods that are in my opinion dead code more rubocop fixes rubocop -a --auto-gen-config
2023-05-12 13:01:12 +02:00
return redirect_to root_url, alert: t('.indirect_no_location') unless url
Add links plugin This can be used to link to external services related to the foodcoop. With the indirect mode it is possible to implement a secure login to other services. In that case Foodsoft will send a HTTP GET request and redirect the user to the returned Location header. This allows the generation of a one-time login URL. A typical use-case would be that a workgroup, which is responsible for the email account, does not need to share the login credentials and can use a link within the Foodsoft instead.
2020-07-29 11:19:20 +02:00
end
fix external link allow_other_host
2023-06-08 14:03:20 +02:00
redirect_to url, status: :found, allow_other_host: true
Add links plugin This can be used to link to external services related to the foodcoop. With the indirect mode it is possible to implement a secure login to other services. In that case Foodsoft will send a HTTP GET request and redirect the user to the returned Location header. This allows the generation of a one-time login URL. A typical use-case would be that a workgroup, which is responsible for the email account, does not need to share the login credentials and can use a link within the Foodsoft instead.
2020-07-29 11:19:20 +02:00
end
end
Reference in a new issue Copy permalink