diff --git a/app/controllers/bans_controller.rb b/app/controllers/bans_controller.rb index a3ae9fb..83496c5 100644 --- a/app/controllers/bans_controller.rb +++ b/app/controllers/bans_controller.rb @@ -8,10 +8,6 @@ class BansController < ApplicationController def show end - def refresh - Ban.refresh - end - def new @ban = Ban.new raise AccessError unless @ban.can_create? cuser diff --git a/app/controllers/plugin_controller.rb b/app/controllers/plugin_controller.rb deleted file mode 100644 index 02e7a73..0000000 --- a/app/controllers/plugin_controller.rb +++ /dev/null 
@@ -1,128 +0,0 @@
-class PluginController < ApplicationController
- def esi
- buffer = []
- out = []
- buffer << Time.now.utc.to_i
- buffer << "1.2"
- buffer << params[:ch] ? params[:ch] : ""
- out << "#ESI#"
- out << Verification.verify(buffer.join)
- out << buffer.join("\r")
- render_out out
- end
-
- def user
- buffer = []
- out = []
-
- if ban = Ban.first(:conditions => ["expiry > UTC_TIMESTAMP() AND steamid = ? AND ban_type = ?", params[:id], Ban::TYPE_SERVER])
- out << "#USER#"
- out << "BANNED"
- out << ban.expiry.utc.to_i
- out << ban.reason
- out << "\r\r\r\r\r\r\r"
- elsif user = User.first(:conditions => {:steamid => params[:id]})
- teamer = (user.team ? user.teamers.active.of_team(user.team).first : nil)
- icon = 0
- rank = "User"
- if Group.find(Group::DONORS).users.exists?(user)
- rank = "Donor"
- icon = icon | 1
- end
- if Group.find(Group::CHAMPIONS).users.exists?(user)
- icon = icon | 2
- end
- if user.ref?
- rank = "Referee"
- icon = icon | 4
- end
- if user.admin?
- rank = "Admin"
- icon = icon | 8
- end
-
- buffer << user.steamid
- buffer << user.username
- buffer << user.lastip
- buffer << (user.team ? Verification.uncrap(user.team.to_s) : "No Team")
- buffer << user.id
- buffer << user.team_id
- buffer << rank
- buffer << (teamer ? teamer.ranks[teamer.rank] : "")
- buffer << icon
- buffer << params[:ch] ? params[:ch] : ""
- buffer << (user.can_play? ? "1" : "0")
-
- out << "#USER#"
- out << Verification.verify(buffer.join)
- out << buffer.join("\r")
- else
- out << "#FAIL#"
- end
-
- render_out out
- end
-
- #def admin
- # areq = AdminRequest.new
- # areq.addr = params[:addr]
- # areq.pwd = params[:pwd]
- # areq.msg = params[:msg]
- # areq.player = params[:player]
- # areq.user_id = params[:user]
- # areq.save!
- # render :text => "Ok" - #end - - def ban - ban = Ban.new - ban.steamid = params[:id] - ban.ts = params[:ts] - ban.sign = params[:sign] - ban.expiry = DateTime.now.ago(-(params[:len].to_i*60)) - ban.addr = params[:addr] - ban.reason = params[:reason] - ban.ban_type = Ban::TYPE_SERVER - ban.save! - - render :text => "Ok" - end - - def hltv_req - if params[:game].to_i > 0 - if match = Match.first(:conditions => {:id => params[:game]}) - match.hltv_record params[:addr], params[:pwd] - hltv = match.hltv - else - render :text => t(:matches_notfound) - end - else - hltv = Server.hltvs.active.unreserved_now.unreserved_hltv_around(DateTime.now).first unless hltv - render :text => t(:hltv_notavailable) unless hltv - - hltv.recording = params[:game] - hltv.reservation = params[:addr] - hltv.pwd = params[:pwd] - hltv.save! - end - - render :text => t(:hltv_sent) - end - - def hltv_move - Server.move params[:addr], params[:newaddr], params[:newpwd] - render :text => t(:hltv_movedd) + params[:newaddr] - end - - def hltv_stop - Server.stop params[:addr] - render :text => t(:hltv_stopped) - end - - private - - def render_out out - @text = out.join("\r") - render :layout => false - end -end diff --git a/app/models/ban.rb b/app/models/ban.rb index e234580..44fa7e1 100644 --- a/app/models/ban.rb +++ b/app/models/ban.rb @@ -27,13 +27,12 @@ class Ban < ActiveRecord::Base VENT_BANS = "tmp/bans.txt" attr_protected :id, :created_at, :updated_at - attr_accessor :ts, :sign, :len, :user_name + attr_accessor :len, :user_name scope :ordered, order: "created_at DESC" scope :effective, conditions: "expiry > UTC_TIMESTAMP()" scope :ineffective, conditions: "expiry < UTC_TIMESTAMP()" - validate :validate_ts validate :validate_type validate :validate_ventban validates_format_of :steamid, with: /\A([0-9]{1,10}:){2}[0-9]{1,10}\Z/, allow_blank: true 
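Review bot: The steamid format check kept at the end of this hunk closes its pattern with `\Z`, which in Ruby also matches just before a trailing newline, so a well-formed id followed by `\n` passes validation and is stored as-is. With the signed `ts`/`sign` check removed, this regex is the only steamid validation visible in the hunk, so I would anchor it strictly with `\z`: `validates_format_of :steamid, with: /\A([0-9]{1,10}:){2}[0-9]{1,10}\z/, allow_blank: true`. The class body continues outside the hunk, so other validations may exist that are not visible here.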
@@ -58,12 +57,6 @@ class Ban < ActiveRecord::Base TYPE_GATHER => "Gather"} end - def validate_ts - if ts and Verification.verify(steamid + ts.to_s) != sign - errors.add :ts, I18n.t(:wrong_verification_code) - end - end - def validate_type errors.add :ban_type, I18n.t(:invalid_ban_type) unless types.include? ban_type end @@ -94,12 +87,4 @@ class Ban < ActiveRecord::Base def can_destroy? cuser cuser and cuser.admin? end - - def self.refresh - #file = File.new(VENT_BANS, "w") - #Ban.all(:conditions => ["ban_type = ? AND expiry > UTC_TIMESTAMP()", TYPE_VENT]).each do |ban| - # file.write "#{ban.ip},,," - #end - #file.close - end end diff --git a/config/routes.rb b/config/routes.rb index 5f247e1..9aaca00 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -111,13 +111,6 @@ Ensl::Application.routes.draw do match 'movies/preview' match 'movies/snapshot' - match 'plugin/esi' - match 'plugin/user' - match 'plugin/ban' - match 'plugin/hltv_req' - match 'plugin/hltv_move' - match 'plugin/hltv_stop' - match 'users/forgot' match 'users/recover' match 'users/agenda' diff --git a/lib/verification.rb b/lib/verification.rb index 98257b4..9611585 100644 --- a/lib/verification.rb +++ b/lib/verification.rb 
@@ -1,53 +1,8 @@ module Verification - def Verification.verify input - md5 = Digest::MD5.hexdigest("9WvcZ9hX" + input + "KF7L4luQ").upcase.split(//) - chars = ["A", "B", "C", "D", "E", "F"] - nums = [] - lastPos = md5[31].to_i - result = "" - - for i in 0..9 - pos = md5[i].to_i - - if pos == 0 - pos = lastPos ** (i % 4) - elsif (pos % 4) == 0 - pos = pos * lastPos + i - elsif (pos % 3) == 0 - pos = pos ** (i % 4) - elsif (pos % 2) == 0 - pos = pos * i + pos - end - - pos = (pos > 31) ? (pos % 32) : pos - curChar = md5[31 - pos] - curNum = curChar.to_i - - if nums.include? curNum - if curNum == 0 - curChar = chars[pos % 6] - else - curChar = (pos % 10).to_s - end - curNum = curChar.to_i - end - - nums << curNum - result << curChar - lastPos = pos - end - - return result - end - def Verification.uncrap str str.to_s.gsub(/[^A-Za-z0-9_\-]/, "") end - def Verification.match_addr str - str.to_s.match(/(([0-9]{1,3}\.){3}[0-9]{1,3}):?([0-9]{0,5})/)[0] - end - def Verification.random_string len chars = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a str = "" diff --git a/spec/models/ban_spec.rb b/spec/models/ban_spec.rb new file mode 100644 index 0000000..32bb277 --- /dev/null +++ b/spec/models/ban_spec.rb 
@@ -0,0 +1,73 @@
+# == Schema Information
+#
+# Table name: bans
+#
+# id :integer not null, primary key
+# steamid :string(255)
+# user_id :integer
+# addr :string(255)
+# server_id :integer
+# expiry :datetime
+# reason :string(255)
+# created_at :datetime
+# updated_at :datetime
+# ban_type :integer
+# ip :string(255)
+#
+
+require 'spec_helper'
+
+describe Ban do
+ let!(:user) { create :user }
+ let(:ban) { Ban.new }
+ let!(:server) { create :server }
+
+ describe '#check_user' do
+ it "assigns user by user_name" do
+ ban.user_name = user.username
+ ban.check_user
+ expect(ban.user).to eq(user)
+ end
+ it "assigns user and server if user_name not present" do
+ ban.steamid = user.steamid
+ ban.addr = server.addr
+ ban.check_user
+ expect(ban.user).to eq(user)
+ expect(ban.server).to eq(server)
+ end
+ end
+
+ describe 'Permissions' do
+ let!(:user) { create :user }
+ let!(:admin) { create :user, :admin }
+ let!(:server_user) { create :user }
+ let(:ban) { Ban.new }
+
+ describe 'can_create?' do
+ it 'returns true for admins' do
+ expect(ban.can_create? admin).to be_true
+ end
+ it 'returns false for non-admins' do
+ expect(ban.can_create? user).to be_false
+ end
+ end
+
+ describe 'can_destroy?' do
+ it 'returns true for admin' do
+ expect(ban.can_destroy? admin).to be_true
+ end
+ it 'returns false for non-admins' do
+ expect(ban.can_destroy? user).to be_false
+ end
+ end
+
+ describe 'can_update?' do
+ it 'returns true for admin' do
+ expect(ban.can_update? admin).to be_true
+ end
+ it 'returns false for non-admins' do
+ expect(ban.can_update? user).to be_false
+ end
+ end
+ end
+end
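Review bot: The 'Permissions' examples exercise only an admin and an ordinary user, so nothing pins what `can_create?`, `can_update?` and `can_destroy?` return when no user is signed in. If `cuser` can be nil for anonymous requests, add one example per predicate along the lines of `expect(ban.can_create? nil).to be_false`; the `can_destroy?` body visible elsewhere in this diff (`cuser and cuser.admin?`) handles nil, but the other two bodies are not shown. Separately, `let!(:server_user)` is created and never referenced, and `user` and `ban` are re-declared inside 'Permissions' with the same definitions as the outer scope, so both can be dropped.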