Class: PasswordsController

Inherits:
ApplicationController show all
Defined in:
app/controllers/passwords_controller.rb

Instance Method Summary collapse

Methods inherited from ApplicationController

#not_found

Instance Method Details

#create ⇒ Object

POST /passwords POST /passwords.json



# File 'app/controllers/passwords_controller.rb', line 57

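# POST /passwords
# POST /passwords.json
#
# Stores a newly pushed password. The payload from the form is encrypted
# before it is assigned to the record, the record gets a random URL token,
# and on success the creator is redirected to the password's own page.
#
# Empty or placeholder payloads redirect to '/' without a message;
# payloads longer than 250 characters redirect to '/' with an error.
def create
  # params[:password] is missing (or not a hash-like object) when the request
  # did not come from the form. Treat that as an empty payload instead of
  # raising NoMethodError and answering with a 500.
  form = params[:password]
  form = {} unless form.respond_to?(:key?)

  # Only a String can be length-checked and encrypted below; nested or
  # numeric values supplied by a client are rejected like a blank payload.
  payload = form[:payload]
  payload = nil unless payload.is_a?(String)

  if payload.blank? || payload == PAYLOAD_INITIAL_TEXT
    redirect_to '/'
    return
  end

  if payload.length > 250
    # :error is not one of redirect_to's built-in flash shortcuts
    # (:notice / :alert), so the message is passed through :flash to make
    # sure it reaches flash[:error].
    redirect_to '/', :flash => { :error => "That password is too long." }
    return
  end

  @password = Password.new

  # Expiry limits are taken straight from the request.
  # NOTE(review): presumably Password#validate! bounds these values - confirm.
  @password.expire_after_days = form[:expire_after_days]
  @password.expire_after_views = form[:expire_after_views]

  # Viewer deletion is granted only when the feature is enabled globally AND
  # the creator ticked the box (the key is present in the submitted form).
  if DELETABLE_BY_VIEWER_PASSWORDS && form.key?(:deletable_by_viewer)
    @password.deletable_by_viewer = true
  else
    @password.deletable_by_viewer = false
  end

  # The URL token is the only secret a viewer presents to reach the payload,
  # so it must come from a CSPRNG. Kernel#rand is a general-purpose generator
  # whose output is not meant to be unpredictable. The format is unchanged:
  # a base-36 rendering of a number below 36**16.
  @password.url_token = SecureRandom.random_number(36**16).to_s(36)
  @password.user_id = current_user.id if current_user

  # The first view on new passwords are free since we redirect
  # the passwd creator to the password itself (and don't burn up
  # a view).
  @password.first_view = true

  # Encrypt the payload before it is assigned to the record.
  # NOTE(review): CRYPT_KEY / CRYPT_SALT are application-wide constants defined
  # outside this method, so every payload is encrypted under the same derived
  # key. Confirm they are supplied from deployment secrets, not a committed
  # default.
  @key = EzCrypto::Key.with_password CRYPT_KEY, CRYPT_SALT
  @password.payload = @key.encrypt64(payload)

  # NOTE(review): validate! is defined on the model, outside this listing;
  # it appears to settle the record's expiration state - confirm.
  @password.validate!

  respond_to do |format|
    if @password.save
      format.html { redirect_to @password, :notice => "The password has been pushed." }
      format.json { render :json => @password, :status => :created }
    else
      format.html { render :action => "new" }
      format.json { render :json => @password.errors, :status => :unprocessable_entity }
    end
  end
end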

#destroy ⇒ Object



# File 'app/controllers/passwords_controller.rb', line 104

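# Lets a viewer delete a pushed password ahead of its expiry.
#
# The record is looked up by its URL token. It is only modified when it was
# created with deletable_by_viewer set; otherwise the request is redirected
# to the root page. Deletion is soft: the payload is cleared and the record
# is flagged as expired and deleted.
def destroy
  # NOTE(review): the bang finder is expected to raise when no record matches,
  # so @password stays nil only when no :id was supplied - confirm.
  @password = Password.find_by_url_token!(params[:id]) if params.has_key?(:id)

  # Redirect to root if we couldn't find the password or the found password
  # wasn't marked as deletable. Both conditions must hold to continue: the
  # previous `unless @password || @password.deletable_by_viewer` skipped this
  # guard for every record that was found, so anyone holding the URL could
  # delete a password that was not marked deletable, and it raised
  # NoMethodError when no record was loaded.
  # NOTE(review): the global DELETABLE_BY_VIEWER_PASSWORDS switch is not
  # consulted here; decide whether turning the feature off should also block
  # deletion of passwords already marked deletable.
  unless @password && @password.deletable_by_viewer
    redirect_to :root
    return
  end

  # Soft delete: drop the ciphertext and mark the record.
  @password.expired = true
  @password.payload = nil
  @password.deleted = true

  respond_to do |format|
    if @password.save
      format.html { redirect_to @password, :notice => "The password has been deleted." }
      # :destroyed is not an HTTP status symbol; report success with 200.
      format.json { render :json => @password, :status => :ok }
    else
      format.html { render :action => "new" }
      format.json { render :json => @password.errors, :status => :unprocessable_entity }
    end
  end
end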

#new ⇒ Object

GET /passwords/new GET /passwords/new.json



# File 'app/controllers/passwords_controller.rb', line 44

# GET /passwords/new
# GET /passwords/new.json
#
# Builds an unsaved Password for the push form and marks the response as
# publicly cacheable for three hours.
def new
  # NOTE(review): :public => true allows shared caches to keep this response.
  # Confirm the rendered form carries nothing per-user or per-session (for
  # example a signed-in user's details or a request-specific form token).
  expires_in(3.hours, :public => true, 'max-stale' => 0)

  @password = Password.new

  respond_to do |wants|
    wants.html # new.html.erb
    wants.json { render :json => @password }
  end
end

#show ⇒ Object

GET /passwords/1 GET /passwords/1.json



# File 'app/controllers/passwords_controller.rb', line 4

# GET /passwords/1
# GET /passwords/1.json
#
# Displays a pushed password identified by its URL token. The token in
# params[:id] is the only thing checked in this method before the payload is
# decrypted. The creator's initial redirect counts as a free first view; every
# later request is logged as a view. The response is marked as already
# expired so that it is not cached.
def show
  # Without a token there is nothing to look up.
  unless params.has_key?(:id)
    redirect_to :root
    return
  end

  @password = Password.find_by_url_token!(params[:id])

  # Remember whether this is the free first view before clearing the flag.
  @first_view = @password.first_view

  if @first_view
    @password.update_attribute(:first_view, false)
  else
    # Attach the views recorded as successful for this password so far.
    @password.views = View.where(:password_id => @password.id, :successful => true)
  end

  # The password may have expired since it was last viewed, so its expiration
  # is re-checked before anything is decrypted.
  # NOTE(review): validate! is defined on the model, outside this listing.
  @password.validate!

  # Decrypt only while the password is still live. @payload stays unset for
  # an expired password.
  if !@password.expired
    @key = EzCrypto::Key.with_password CRYPT_KEY, CRYPT_SALT
    @payload = @key.decrypt64(@password.payload)
  end

  # The creator's first view is not logged.
  log_view(@password) unless @first_view

  expires_now

  respond_to do |wants|
    wants.html # show.html.erb
    # The JSON branch serialises the record itself, not the decrypted @payload.
    wants.json { render :json => @password }
  end
end