From 6dfcc0114fb50f718669e7af715c7825022c467d Mon Sep 17 00:00:00 2001 From: Chris Blanchard Date: Sat, 15 Aug 2015 13:30:39 +0100 Subject: [PATCH] Remove IP address data from users plugin --- app/controllers/plugin_controller.rb | 103 +++++++++--------- .../plugin/plugin_controller_spec.rb | 29 +++++ 2 files changed, 80 insertions(+), 52 deletions(-) create mode 100644 spec/controllers/plugin/plugin_controller_spec.rb diff --git a/app/controllers/plugin_controller.rb b/app/controllers/plugin_controller.rb index 76a2885..8603141 100644 --- a/app/controllers/plugin_controller.rb +++ b/app/controllers/plugin_controller.rb @@ -1,58 +1,57 @@ class PluginController < ApplicationController - def user - buffer = [] - out = [] + def user + buffer = [] + out = [] + if ban = Ban.first(:conditions => ["expiry > UTC_TIMESTAMP() AND steamid = ? AND ban_type = ?", params[:id], Ban::TYPE_SERVER]) + out << "#USER#" + out << "BANNED" + out << ban.expiry.utc.to_i + out << ban.reason + out << "\r\r\r\r\r\r\r" + elsif user = User.first(:conditions => {:steamid => params[:id]}) + teamer = (user.team ? user.teamers.active.of_team(user.team).first : nil) + icon = 0 + rank = "User" + if Group.find(Group::DONORS).users.exists?(user) + rank = "Donor" + icon = icon | 1 + end + if Group.find(Group::CHAMPIONS).users.exists?(user) + icon = icon | 2 + end + if user.ref? + rank = "Referee" + icon = icon | 4 + end + if user.admin? + rank = "Admin" + icon = icon | 8 + end - if ban = Ban.first(:conditions => ["expiry > UTC_TIMESTAMP() AND steamid = ? AND ban_type = ?", params[:id], Ban::TYPE_SERVER]) - out << "#USER#" - out << "BANNED" - out << ban.expiry.utc.to_i - out << ban.reason - out << "\r\r\r\r\r\r\r" - elsif user = User.first(:conditions => {:steamid => params[:id]}) - teamer = (user.team ? user.teamers.active.of_team(user.team).first : nil) - icon = 0 - rank = "User" - if Group.find(Group::DONORS).users.exists?(user) - rank = "Donor" - icon = icon | 1 - end - if Group.find(Group::CHAMPIONS).users.exists?(user) - icon = icon | 2 - end - if user.ref? - rank = "Referee" - icon = icon | 4 - end - if user.admin? - rank = "Admin" - icon = icon | 8 - end + buffer << user.steamid + buffer << user.username + buffer << '0.0.0.0' + buffer << (user.team ? Verification.uncrap(user.team.to_s) : "No Team") + buffer << user.id + buffer << user.team_id + buffer << rank + buffer << (teamer ? teamer.ranks[teamer.rank] : "") + buffer << icon + buffer << params[:ch] ? params[:ch] : "" + buffer << (user.can_play? ? "1" : "0") - buffer << user.steamid - buffer << user.username - buffer << user.lastip - buffer << (user.team ? Verification.uncrap(user.team.to_s) : "No Team") - buffer << user.id - buffer << user.team_id - buffer << rank - buffer << (teamer ? teamer.ranks[teamer.rank] : "") - buffer << icon - buffer << params[:ch] ? params[:ch] : "" - buffer << (user.can_play? ? "1" : "0") + out << "#USER#" + out << Verification.verify(buffer.join) + out << buffer.join("\r") + else + out << "#FAIL#" + end - out << "#USER#" - out << Verification.verify(buffer.join) - out << buffer.join("\r") - else - out << "#FAIL#" - end + render_out out + end - render_out out - end - - def render_out out - @text = out.join("\r") - render :layout => false - end + def render_out out + @text = out.join("\r") + render :layout => false + end end \ No newline at end of file diff --git a/spec/controllers/plugin/plugin_controller_spec.rb b/spec/controllers/plugin/plugin_controller_spec.rb new file mode 100644 index 0000000..e9585af --- /dev/null +++ b/spec/controllers/plugin/plugin_controller_spec.rb @@ -0,0 +1,29 @@ +require 'spec_helper' + +describe PluginController do + render_views + + describe '#user' do + before do + create :group, :donors + create :group, :champions + end + + let!(:user) { create :user_with_team } + + it 'returns user data' do + get :user, id: user.steamid + expect(response).to be_success + expect(response.body).to include(user.username) + end + + it 'definitely does not return IP address' do + last_ip = '127.0.0.1' + user.lastip = last_ip + user.save! + get :user, id: user.steamid + expect(response).to be_success + expect(response).to_not include(last_ip) + end + end +end \ No newline at end of file