Class: PresenceController

Inherits:
ApplicationController show all
Defined in:
app/controllers/presence_controller.rb

Constant Summary

Constants inherited from ApplicationController

ApplicationController::LEGACY_NO_THEMES, ApplicationController::LEGACY_NO_UNOFFICIAL_PLUGINS, ApplicationController::NO_PLUGINS, ApplicationController::NO_THEMES, ApplicationController::NO_UNOFFICIAL_PLUGINS, ApplicationController::SAFE_MODE

Constants included from CanonicalURL::ControllerExtensions

CanonicalURL::ControllerExtensions::ALLOWED_CANONICAL_PARAMS

Instance Attribute Summary

Attributes inherited from ApplicationController

#theme_id

Instance Method Summary collapse

Methods inherited from ApplicationController

#application_layout, #can_cache_content?, #clear_notifications, #conditionally_allow_site_embedding, #current_homepage, #discourse_expires_in, #dont_cache_page, #ember_cli_required?, #fetch_user_from_params, #guardian, #handle_permalink, #handle_theme, #handle_unverified_request, #has_escaped_fragment?, #immutable_for, #no_cookies, #perform_refresh_session, #post_ids_including_replies, #preload_json, #rate_limit_second_factor!, #redirect_with_client_support, #render_json_dump, #render_serialized, requires_plugin, #rescue_discourse_actions, #resolve_safe_mode, #secure_session, #serialize_data, #set_current_user_for_logs, #set_layout, #set_mobile_view, #set_mp_snapshot_fields, #show_browser_update?, #store_preloaded, #use_crawler_layout?, #with_resolved_locale

Methods included from VaryHeader

#ensure_vary_header

Methods included from ReadOnlyMixin

#add_readonly_header, #allowed_in_staff_writes_only_mode?, #block_if_readonly_mode, #check_readonly_mode, included, #staff_writes_only_mode?

Methods included from Hijack

#hijack

Methods included from GlobalPath

#cdn_path, #cdn_relative_path, #full_cdn_url, #path, #upload_cdn_path

Methods included from JsonError

#create_errors_json

Methods included from CanonicalURL::ControllerExtensions

#canonical_url, #default_canonical, included

Methods included from CurrentUser

#clear_current_user, #current_user, has_auth_cookie?, #is_api?, #is_user_api?, #log_off_user, #log_on_user, lookup_from_env, #refresh_session

Instance Method Details

#getObject 



10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
 
# File 'app/controllers/presence_controller.rb', line 10

def get
  names = params.require(:channels)
  if !(names.is_a?(Array) && names.all? { |n| n.is_a? String })
    raise Discourse::InvalidParameters.new(:channels)
  end

  names.uniq!

  if names.length > MAX_CHANNELS_PER_REQUEST
    raise Discourse::InvalidParameters.new("Too many channels")
  end

  user_group_ids =
    if current_user
      GroupUser.where(user_id: current_user.id).pluck("group_id")
    else
      []
    end

  result = {}
  names.each do |name|
    channel = PresenceChannel.new(name)
    if channel.can_view?(user_id: current_user&.id, group_ids: user_group_ids)
      result[name] = PresenceChannelStateSerializer.new(channel.state, root: nil)
    else
      result[name] = nil
    end
  rescue PresenceChannel::NotFound
    result[name] = nil
  end

  render json: result
end

#updateObject 



44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
 
# File 'app/controllers/presence_controller.rb', line 44

def update
  client_id = params[:client_id]
  if !client_id.is_a?(String) || client_id.blank?
    raise Discourse::InvalidParameters.new(:client_id)
  end

  # JS client is designed to throttle to one request per second
  # When no changes are being made, it makes one request every 30 seconds
  RateLimiter.new(nil, "update-presence-#{current_user.id}", 20, 10.seconds).performed!

  present_channels = params[:present_channels]
  if present_channels &&
       !(present_channels.is_a?(Array) && present_channels.all? { |c| c.is_a? String })
    raise Discourse::InvalidParameters.new(:present_channels)
  end

  leave_channels = params[:leave_channels]
  if leave_channels &&
       !(leave_channels.is_a?(Array) && leave_channels.all? { |c| c.is_a? String })
    raise Discourse::InvalidParameters.new(:leave_channels)
  end

  if present_channels && present_channels.length > MAX_CHANNELS_PER_REQUEST
    raise Discourse::InvalidParameters.new("Too many present_channels")
  end

  response = {}

  present_channels&.each do |name|
    PresenceChannel.new(name).present(user_id: current_user&.id, client_id: params[:client_id])
    response[name] = true
  rescue PresenceChannel::NotFound, PresenceChannel::InvalidAccess
    response[name] = false
  end

  leave_channels&.each do |name|
    PresenceChannel.new(name).leave(user_id: current_user&.id, client_id: params[:client_id])
  rescue PresenceChannel::NotFound
    # Do nothing. Don't reveal that this channel doesn't exist
  end

  render json: response
end