trabajo-afectivo/app/controllers/application_controller/handles_devices.rb

# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/

module ApplicationController::HandlesDevices
  extend ActiveSupport::Concern

  included do
    before_action :user_device_check
  end

  def user_device_check
    return false if !user_device_log(current_user, 'session')

    true
  end

  def user_device_log(user, type)
    switched_from_user_id = ENV['SWITCHED_FROM_USER_ID'] || session[:switched_from_user_id]
    return true if params[:controller] == 'init' # do no device logging on static initial page
    return true if switched_from_user_id
    return true if !user
    return true if !user.permissions?('user_preferences.device')
    return true if type == 'SSO'

    time_to_check = true
    user_device_updated_at = session[:user_device_updated_at]
    if ENV['USER_DEVICE_UPDATED_AT']
      user_device_updated_at = Time.zone.parse(ENV['USER_DEVICE_UPDATED_AT'])
    end

    if user_device_updated_at
      # check if entry exists / only if write action
      diff = Time.zone.now - 10.minutes
      if %w[GET OPTIONS HEAD].include?(request.method)
        diff = Time.zone.now - 30.minutes
      end

      # only update if needed
      if user_device_updated_at > diff
        time_to_check = false
      end
    end

    # if ip has not changed and ttl in still valid
    remote_ip = ENV['TEST_REMOTE_IP'] || request.remote_ip
    return true if time_to_check == false && session[:user_device_remote_ip] == remote_ip

    session[:user_device_remote_ip] = remote_ip

    # for sessions we need the fingperprint
    if type == 'session'
      if !session[:user_device_updated_at] && !params[:fingerprint] && !session[:user_device_fingerprint]
        raise Exceptions::UnprocessableEntity, 'Need fingerprint param!'
      end

      if params[:fingerprint]
        UserDevice.fingerprint_validation(params[:fingerprint])
        session[:user_device_fingerprint] = params[:fingerprint]
      end
    end

    session[:user_device_updated_at] = Time.zone.now

    # add device if needed
    http_user_agent = ENV['HTTP_USER_AGENT'] || request.env['HTTP_USER_AGENT']
    UserDeviceLogJob.perform_later(
      http_user_agent,
      remote_ip,
      user.id,
      session[:user_device_fingerprint],
      type,
    )
  end
end
Maintenance: Update copyright information and add a new rubocop cop to watch over it. 2021-06-01 12:20:20 +00:00			`# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/`

Refactoring: Splitted ApplicationController functionality into separat modules and concerns. 2017-03-09 11:44:51 +00:00			`module ApplicationController::HandlesDevices`
			`extend ActiveSupport::Concern`

			`included do`
			`before_action :user_device_check`
			`end`

			`def user_device_check`
			`return false if !user_device_log(current_user, 'session')`
Updated rubocop to latest version (0.59.2) and applied required changes. 2018-10-09 06:17:41 +00:00
Refactoring: Splitted ApplicationController functionality into separat modules and concerns. 2017-03-09 11:44:51 +00:00			`true`
			`end`

			`def user_device_log(user, type)`
			`switched_from_user_id = ENV['SWITCHED_FROM_USER_ID'] \|\| session[:switched_from_user_id]`
Maintenance: Fixed typos in inline comments. 2019-07-31 08:23:48 +00:00			`return true if params[:controller] == 'init' # do no device logging on static initial page`
Refactoring: Splitted ApplicationController functionality into separat modules and concerns. 2017-03-09 11:44:51 +00:00			`return true if switched_from_user_id`
			`return true if !user`
			`return true if !user.permissions?('user_preferences.device')`
Existing user session when requesting SSO session create endpoint will fail device check because of missing fingerprint param (which is required as soon as a user/session is present). 2019-09-30 17:34:13 +00:00			`return true if type == 'SSO'`
Refactoring: Splitted ApplicationController functionality into separat modules and concerns. 2017-03-09 11:44:51 +00:00
			`time_to_check = true`
			`user_device_updated_at = session[:user_device_updated_at]`
			`if ENV['USER_DEVICE_UPDATED_AT']`
			`user_device_updated_at = Time.zone.parse(ENV['USER_DEVICE_UPDATED_AT'])`
			`end`

			`if user_device_updated_at`
			`# check if entry exists / only if write action`
			`diff = Time.zone.now - 10.minutes`
Applied changes for Rubocop 0.51. 2017-11-23 08:09:44 +00:00			`if %w[GET OPTIONS HEAD].include?(request.method)`
Refactoring: Splitted ApplicationController functionality into separat modules and concerns. 2017-03-09 11:44:51 +00:00			`diff = Time.zone.now - 30.minutes`
			`end`

			`# only update if needed`
			`if user_device_updated_at > diff`
			`time_to_check = false`
			`end`
			`end`

			`# if ip has not changed and ttl in still valid`
			`remote_ip = ENV['TEST_REMOTE_IP'] \|\| request.remote_ip`
			`return true if time_to_check == false && session[:user_device_remote_ip] == remote_ip`
Updated rubocop to latest version (0.59.2) and applied required changes. 2018-10-09 06:17:41 +00:00
Refactoring: Splitted ApplicationController functionality into separat modules and concerns. 2017-03-09 11:44:51 +00:00			`session[:user_device_remote_ip] = remote_ip`

			`# for sessions we need the fingperprint`
			`if type == 'session'`
			`if !session[:user_device_updated_at] && !params[:fingerprint] && !session[:user_device_fingerprint]`
			`raise Exceptions::UnprocessableEntity, 'Need fingerprint param!'`
			`end`
Updated rubocop to latest version (0.59.2) and applied required changes. 2018-10-09 06:17:41 +00:00
Refactoring: Splitted ApplicationController functionality into separat modules and concerns. 2017-03-09 11:44:51 +00:00			`if params[:fingerprint]`
Fixed issue #1337 - "Signin detected from a new device" Spam. 2018-04-12 11:23:48 +00:00			`UserDevice.fingerprint_validation(params[:fingerprint])`
Refactoring: Splitted ApplicationController functionality into separat modules and concerns. 2017-03-09 11:44:51 +00:00			`session[:user_device_fingerprint] = params[:fingerprint]`
			`end`
			`end`

			`session[:user_device_updated_at] = Time.zone.now`

			`# add device if needed`
			`http_user_agent = ENV['HTTP_USER_AGENT'] \|\| request.env['HTTP_USER_AGENT']`
Refactoring: Migrated UserDeviceLogJob from Delayed::Job to Active Job. 2018-12-12 12:51:29 +00:00			`UserDeviceLogJob.perform_later(`
			`http_user_agent,`
			`remote_ip,`
			`user.id,`
			`session[:user_device_fingerprint],`
			`type,`
Refactoring: Splitted ApplicationController functionality into separat modules and concerns. 2017-03-09 11:44:51 +00:00			`)`
			`end`
			`end`