class Gitrob::WebApp

Constants

CONTENT_SECURITY_POLICY
HUMAN_PREFIXES

Public Instance Methods

csrf_attack?()
# File lib/gitrob/web_app.rb, line 68
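# Decides whether the current request has to be rejected as forged.
#
# Requests that +request.safe?+ reports as safe are never treated as
# forged, so the token is only read for the remaining requests. Reading the
# token may itself halt with 403 when no token was submitted (see
# csrf_token_from_request).
#
# @return [Boolean] true when a non-safe request carries a token that does
#   not match the one stored in the session
def csrf_attack?
  return false if request.safe?

  # Compare in constant time so that response timing does not reveal how
  # much of a submitted token matched the session token. Both sides are
  # coerced to String because the "_csrf" parameter can arrive as a
  # non-String value and the session entry can be nil; neither can then
  # compare equal to a real token.
  # NOTE(review): Rack::Utils is assumed to be loaded already, since this
  # helper relies on Sinatra's request/session/halt - confirm.
  !Rack::Utils.secure_compare(session[:csrf].to_s, csrf_token_from_request.to_s)
end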
csrf_token_from_request()
# File lib/gitrob/web_app.rb, line 62
# Reads the CSRF token the client submitted with the current request.
#
# The X-CSRF-Token header (HTTP_X_CSRF_TOKEN in the Rack env) is preferred;
# the "_csrf" request parameter is only consulted when the header is absent.
# A request with no token, or with an empty one, is halted with 403 here.
#
# @return [Object] the submitted token exactly as received
def csrf_token_from_request
  header_token = env["HTTP_X_CSRF_TOKEN"]
  submitted    = header_token || params["_csrf"]
  if submitted.to_s.empty?
    halt(403, "CSRF token not present in request")
  end
  submitted
end
ellipsisize(string, minimum_length=4, edge_length=3)
# File lib/gitrob/web_app.rb, line 45
# Shortens a string by replacing its middle with "...", keeping
# +edge_length+ characters at each end.
#
# The string is returned as-is when it is shorter than +minimum_length+ or
# not longer than both edges together. Because "." in the pattern does not
# match a newline, a string containing one is also returned unshortened.
#
# @param string [String] text to shorten
# @param minimum_length [Integer] strings shorter than this are left alone
# @param edge_length [Integer] characters kept at the start and at the end
# @return [String]
def ellipsisize(string, minimum_length=4, edge_length=3)
  total     = string.length
  too_short = total < minimum_length || total <= edge_length * 2
  return string if too_short

  # "." repeated edge_length times is a regexp fragment matching exactly
  # that many characters, not a literal run of dots.
  any_edge = "." * edge_length
  middle   = total - edge_length * 2
  pattern  = /(#{any_edge}).{#{middle},}(#{any_edge})/
  string.gsub(pattern) do
    "#{Regexp.last_match(1)}...#{Regexp.last_match(2)}"
  end
end
find_assessment(id)
# File lib/gitrob/web_app.rb, line 72
# Looks up an assessment by id, restricted to finished, non-deleted rows.
#
# The id is coerced with +to_i+ before it reaches the query. When no
# matching row exists the request is halted with 404.
#
# @param id [#to_i] identifier taken from the request
# @return [Gitrob::Models::Assessment]
def find_assessment(id)
  assessment = Gitrob::Models::Assessment.first(
    id: id.to_i, finished: true, deleted: false
  )
  return assessment if assessment

  halt(404)
end
find_comparison(id)
# File lib/gitrob/web_app.rb, line 80
# Looks up a comparison by id, restricted to finished, non-deleted rows.
#
# The id is coerced with +to_i+ before it reaches the query. When no
# matching row exists the request is halted with 404.
#
# @param id [#to_i] identifier taken from the request
# @return [Gitrob::Models::Comparison]
def find_comparison(id)
  comparison = Gitrob::Models::Comparison.first(
    id: id.to_i, finished: true, deleted: false
  )
  halt(404) unless comparison
  comparison
end
format_path(path)
# File lib/gitrob/web_app.rb, line 35
# Renders a file path as an HTML fragment with the file name in <strong>.
#
# The directory part is shortened with ellipsisize(dir, 60, 25). Both the
# directory and the file name pass through +h+ before interpolation, so the
# <strong> tags written here are the only markup this method adds itself.
# NOTE(review): +h+ is presumably the HTML-escaping helper - confirm.
#
# @param path [String] file path to render
# @return [String] HTML fragment
def format_path(path)
  directory, filename = File.split(path)
  return "<strong>#{h filename}</strong>" if directory == "."

  shortened = h ellipsisize(directory, 60, 25)
  "#{shortened}/<strong>#{h filename}</strong>"
end
format_url(url)
# File lib/gitrob/web_app.rb, line 52
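# Ensures a URL string carries an explicit http:// or https:// scheme.
#
# A value that already starts with "http://" or "https://" (in any letter
# case) is returned unchanged; everything else is prefixed with "http://".
# Matching the full scheme rather than the bare letters "http" means a
# host such as "httpbin.org" is no longer returned without a scheme.
#
# NOTE(review): the result is not HTML-escaped here; if it ends up in an
# href the caller has to escape it at the point of output - confirm.
#
# @param url [String] URL or bare host/path
# @return [String] the URL with a scheme
def format_url(url)
  return url if url =~ %r{\Ahttps?://}i

  "http://#{url}"
end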
number_to_human_size(number)
# File lib/gitrob/web_app.rb, line 25
# Formats a number as an HTML fragment with a unit wrapped in <strong>.
#
# Starting at the last entry of HUMAN_PREFIXES, the value is divided by
# 1024 and the index moved one entry towards the front for as long as the
# value is above 512 and entries remain. Values above 9, or with a
# fractional part below 0.1, are printed with "%d"; others get one decimal.
#
# @param number [#to_f] value to format
# @return [String] HTML fragment such as "1.5<strong>..</strong>"
def number_to_human_size(number)
  size  = number.to_f
  index = HUMAN_PREFIXES.length - 1
  loop do
    break unless size > 512 && index > 0

    index -= 1
    size /= 1024
  end
  whole_number = size > 9 || size.modulo(1) < 0.1
  template     = whole_number ? "%d" : "%.1f"
  format(template, size) + "<strong>#{HUMAN_PREFIXES[index]}</strong>"
end
protect_from_request_forgery!()
# File lib/gitrob/web_app.rb, line 57
# Request-forgery guard: makes sure the session holds a CSRF token, then
# halts with 403 when csrf_attack? flags the current request.
#
# The token is 32 random bytes from SecureRandom, hex-encoded. It is only
# generated when the session has none, so an existing token is reused.
#
# @return [nil] when the request is allowed to proceed
def protect_from_request_forgery!
  session[:csrf] = SecureRandom.hex(32) unless session[:csrf]
  return unless csrf_attack?

  halt(403, "CSRF attack prevented")
end