allow but don't require ssl in the API for now, for backwards compat

We'll require SSL once current API users are all updated to use SSL. Change-Id: Ic5fe7219d416b01e23e225fd74fbb3586a7894f6 Reviewed-on: https://gerrit.instructure.com/2686 Tested-by: Hudson <hudson@instructure.com> Reviewed-by: Zach Wily <zach@instructure.com>
2011-03-17 14:00:08 -06:00 · 2011-03-17 14:00:08 -06:00 · 8c32041d85
parent 794ae08524
commit 8c32041d85
2 changed files with 11 additions and 2 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -40,7 +40,7 @@ class ApplicationController < ActionController::Base
  before_filter :fix_xhr_requests
  before_filter :init_body_classes_and_active_tab

-  ssl_required_if(:api_request?)
+  ssl_allowed_if(:api_request?)

  protected
  
--- a/vendor/plugins/ssl_requirement/lib/ssl_requirement.rb
+++ b/vendor/plugins/ssl_requirement/lib/ssl_requirement.rb
@ -69,6 +69,9 @@ module SslRequirement
    def ssl_required_if(method_name)
      write_inheritable_array(:ssl_required_if, [method_name])
    end
+    def ssl_allowed_if(method_name)
+      write_inheritable_array(:ssl_allowed_if, [method_name])
+    end
  end
  
  protected
@ -89,8 +92,14 @@ module SslRequirement
        !except.include?(action_name.to_sym)
      end
    end
-    
+
    def ssl_allowed?
+      methods = (self.class.read_inheritable_attribute(:ssl_allowed_if) || [])
+
+      if methods && methods.any? { |m| self.send(m) }
+        return true
+      end
+
      (self.class.read_inheritable_attribute(:ssl_allowed_actions) || []).include?(action_name.to_sym)
    end