Commit cf79e0ac authored by Francesc Guasch's avatar Francesc Guasch
Browse files

refactor(frontend): allow ws anonyous on some channels

issue #1023
parent 53b5b6cf
......@@ -157,9 +157,6 @@
subscribe_ping_backend(url);
};
$http.get('/pingbackend.json').then(function(response) {
$scope.pingbe_fail = !response.data;
});
$scope.only_public = false;
$scope.toggle_only_public=function() {
$scope.only_public = !$scope.only_public;
......
......@@ -117,6 +117,8 @@ our $SESSION_TIMEOUT = ($CONFIG_FRONT->{session_timeout} or 5 * 60);
our $SESSION_TIMEOUT_ADMIN = ($CONFIG_FRONT->{session_timeout_admin} or 15 * 60);
my $WS = Ravada::WebSocket->new(ravada => $RAVADA);
my %ALLOWED_ANONYMOUS_WS = map { $_ => 1 } qw(list_bases_anonymous list_alerts);
init();
############################################################################3
......@@ -154,6 +156,7 @@ hook before_routes => sub {
# anonymous URLs
if (($url =~ m{^/machine/(clone|display|info|view)/}
|| $url =~ m{^/(list_bases_anonymous|request/)}i
|| $url =~ m{^/ws/subscribe}
) && !_logged_in($c)) {
$USER = _anonymous_user($c);
return if $USER->is_temporary;
......@@ -442,12 +445,6 @@ get '/list_lxc_templates.json' => sub {
$c->render(json => $RAVADA->list_lxc_templates);
};
get '/pingbackend.json' => sub {
my $c = shift;
$c->render(json => $RAVADA->ping_backend);
};
# machine commands
get '/machine/info/(:id).(:type)' => sub {
......@@ -1220,6 +1217,9 @@ websocket '/ws/subscribe' => sub {
$c->inactivity_timeout( $expiration );
$c->on(message => sub {
my ($ws, $channel ) = @_;
return access_denied($c)
if !$ALLOWED_ANONYMOUS_WS{$channel} && $USER->is_temporary;
$WS->subscribe( ws => $ws
, channel => $channel
, login => $USER->name
......@@ -2353,10 +2353,9 @@ sub _random_name {
sub _new_anonymous_user {
my $c = shift;
my $name_mojo = reverse($c->signed_cookie('mojolicious'));
my $length = 32;
$name_mojo = _random_name($length) if !$name_mojo;
my $cookie = ($c->signed_cookie('mojolicious') or _random_name($length));
my $name_mojo = reverse($cookie);
$name_mojo =~ tr/[^a-z][^A-Z][^0-9]/___/c;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment