From 4709622546002a573b945f6a402da170e5c83ad0 Mon Sep 17 00:00:00 2001 From: Seth Call Date: Mon, 11 May 2015 16:52:58 -0500 Subject: [PATCH] * VRFS-2680 - adding redirect logic for ssl --- ruby/lib/jam_ruby/jam_tracks_manager.rb | 2 +- ruby/lib/jam_ruby/models/band.rb | 4 ++-- ruby/lib/jam_ruby/models/jam_track_right.rb | 4 ++-- ruby/lib/jam_ruby/models/jam_track_track.rb | 4 ++-- ruby/lib/jam_ruby/models/max_mind_release.rb | 5 +++-- ruby/lib/jam_ruby/models/mix.rb | 6 +++--- ruby/lib/jam_ruby/models/music_notation.rb | 2 +- ruby/lib/jam_ruby/models/quick_mix.rb | 6 +++--- ruby/lib/jam_ruby/models/recorded_backing_track.rb | 2 +- ruby/lib/jam_ruby/models/recorded_track.rb | 2 +- ruby/lib/jam_ruby/models/user.rb | 4 ++-- ruby/lib/jam_ruby/resque/audiomixer.rb | 4 +++- ruby/lib/jam_ruby/resque/quick_mixer.rb | 1 + ruby/spec/jam_ruby/resque/jam_tracks_cleaner_spec.rb | 3 ++- web/app/controllers/application_controller.rb | 2 ++ web/config/application.rb | 3 ++- 16 files changed, 31 insertions(+), 23 deletions(-) diff --git a/ruby/lib/jam_ruby/jam_tracks_manager.rb b/ruby/lib/jam_ruby/jam_tracks_manager.rb index 644f9ccc3..d6ae37b1e 100644 --- a/ruby/lib/jam_ruby/jam_tracks_manager.rb +++ b/ruby/lib/jam_ruby/jam_tracks_manager.rb @@ -103,7 +103,7 @@ module JamRuby def copy_url_to_file(url, filename) uri = URI(url) open(filename, 'w+b') do |io| - Net::HTTP.start(uri.host, uri.port) do |http| + Net::HTTP.start(uri.host, uri.port, use_ssl: url.start_with?('https') ? true : false) do |http| request = Net::HTTP::Get.new uri http.request request do |response| response_code = response.code.to_i diff --git a/ruby/lib/jam_ruby/models/band.rb b/ruby/lib/jam_ruby/models/band.rb index b4232553f..f64bc47d2 100644 --- a/ruby/lib/jam_ruby/models/band.rb +++ b/ruby/lib/jam_ruby/models/band.rb @@ -224,8 +224,8 @@ module JamRuby :cropped_s3_path_photo => cropped_s3_path, :cropped_large_s3_path_photo => cropped_large_s3_path, :crop_selection_photo => crop_selection, - :photo_url => S3Util.url(aws_bucket, escape_filename(cropped_s3_path), :secure => false), - :large_photo_url => S3Util.url(aws_bucket, escape_filename(cropped_large_s3_path), :secure => false)) + :photo_url => S3Util.url(aws_bucket, escape_filename(cropped_s3_path), :secure => true), + :large_photo_url => S3Util.url(aws_bucket, escape_filename(cropped_large_s3_path), :secure => true)) end def delete_photo(aws_bucket) diff --git a/ruby/lib/jam_ruby/models/jam_track_right.rb b/ruby/lib/jam_ruby/models/jam_track_right.rb index 6f1678885..9150786ab 100644 --- a/ruby/lib/jam_ruby/models/jam_track_right.rb +++ b/ruby/lib/jam_ruby/models/jam_track_right.rb @@ -50,7 +50,7 @@ module JamRuby end def self.ready_to_clean - JamTrackRight.where("downloaded_since_sign=? AND updated_at <= ?", true, 5.minutes.ago).limit(1000) + JamTrackRight.where("downloaded_since_sign=? AND updated_at <= ?", true, 5.minutes.ago).limit(1000) end def finish_errored(error_reason, error_detail, sample_rate) @@ -98,7 +98,7 @@ module JamRuby # but the url is short lived enough so that it wouldn't be easily shared def sign_url(expiration_time = 120, bitrate=48) field_name = (bitrate==48) ? "url_48" : "url_44" - s3_manager.sign_url(self[field_name], {:expires => expiration_time, :secure => false}) + s3_manager.sign_url(self[field_name], {:expires => expiration_time, :secure => true}) end def delete_s3_files diff --git a/ruby/lib/jam_ruby/models/jam_track_track.rb b/ruby/lib/jam_ruby/models/jam_track_track.rb index ed4efecbd..e20469076 100644 --- a/ruby/lib/jam_ruby/models/jam_track_track.rb +++ b/ruby/lib/jam_ruby/models/jam_track_track.rb @@ -60,7 +60,7 @@ module JamRuby def preview_public_url(media_type='ogg') url = media_type == 'ogg' ? self[:preview_url] : self[:preview_mp3_url] if url - s3_public_manager.public_url(url,{ :secure => false}) + s3_public_manager.public_url(url,{ :secure => true}) else nil end @@ -87,7 +87,7 @@ module JamRuby # we would verify their rights (can_download?), and generates a URL in response to the click so that they can download # but the url is short lived enough so that it wouldn't be easily shared def sign_url(expiration_time = 120, sample_rate=48) - s3_manager.sign_url(url_by_sample_rate(sample_rate), {:expires => expiration_time, :response_content_type => 'audio/ogg', :secure => false}) + s3_manager.sign_url(url_by_sample_rate(sample_rate), {:expires => expiration_time, :response_content_type => 'audio/ogg', :secure => true}) end def can_download?(user) diff --git a/ruby/lib/jam_ruby/models/max_mind_release.rb b/ruby/lib/jam_ruby/models/max_mind_release.rb index ebc931abc..3639b2e93 100644 --- a/ruby/lib/jam_ruby/models/max_mind_release.rb +++ b/ruby/lib/jam_ruby/models/max_mind_release.rb @@ -131,9 +131,10 @@ module JamRuby end end - uri = URI(sign_url(field)) + url = sign_url(field) + uri = URI(url) open downloaded_filename, 'wb' do |io| - Net::HTTP.start(uri.host, uri.port) do |http| + Net::HTTP.start(uri.host, uri.port, use_ssl: url.start_with?('https') ? true : false) do |http| request = Net::HTTP::Get.new uri http.request request do |response| response_code = response.code.to_i diff --git a/ruby/lib/jam_ruby/models/mix.rb b/ruby/lib/jam_ruby/models/mix.rb index 00d0bfc6b..0c4eb238d 100644 --- a/ruby/lib/jam_ruby/models/mix.rb +++ b/ruby/lib/jam_ruby/models/mix.rb @@ -305,7 +305,7 @@ module JamRuby # if the url starts with http, just return it because it's in some other store. Otherwise it's a relative path in s3 and needs be signed def resolve_url(url_field, mime_type, expiration_time) - self[url_field].start_with?('http') ? self[url_field] : s3_manager.sign_url(self[url_field], {:expires => expiration_time, :response_content_type => mime_type, :secure => false}) + self[url_field].start_with?('http') ? self[url_field] : s3_manager.sign_url(self[url_field], {:expires => expiration_time, :response_content_type => mime_type, :secure => true}) end def sign_url(expiration_time = 120, type='ogg') @@ -321,9 +321,9 @@ module JamRuby def sign_put(expiration_time = 3600 * 24, type='ogg') type ||= 'ogg' if type == 'ogg' - s3_manager.sign_url(self[:ogg_url], {:expires => expiration_time, :content_type => 'audio/ogg', :secure => false}, :put) + s3_manager.sign_url(self[:ogg_url], {:expires => expiration_time, :content_type => 'audio/ogg', :secure => true}, :put) else - s3_manager.sign_url(self[:mp3_url], {:expires => expiration_time, :content_type => 'audio/mpeg', :secure => false}, :put) + s3_manager.sign_url(self[:mp3_url], {:expires => expiration_time, :content_type => 'audio/mpeg', :secure => true}, :put) end end diff --git a/ruby/lib/jam_ruby/models/music_notation.rb b/ruby/lib/jam_ruby/models/music_notation.rb index d7fec23db..fc2af0880 100644 --- a/ruby/lib/jam_ruby/models/music_notation.rb +++ b/ruby/lib/jam_ruby/models/music_notation.rb @@ -39,7 +39,7 @@ module JamRuby end def sign_url(expiration_time = 120) - s3_manager.sign_url(self[:file_url], {:expires => expiration_time, :secure => false}) + s3_manager.sign_url(self[:file_url], {:expires => expiration_time, :secure => true}) end private diff --git a/ruby/lib/jam_ruby/models/quick_mix.rb b/ruby/lib/jam_ruby/models/quick_mix.rb index 18da130c8..1742a490a 100644 --- a/ruby/lib/jam_ruby/models/quick_mix.rb +++ b/ruby/lib/jam_ruby/models/quick_mix.rb @@ -219,7 +219,7 @@ module JamRuby # if the url starts with http, just return it because it's in some other store. Otherwise it's a relative path in s3 and needs be signed def resolve_url(url_field, mime_type, expiration_time) - self[url_field].start_with?('http') ? self[url_field] : s3_manager.sign_url(self[url_field], {:expires => expiration_time, :response_content_type => mime_type, :secure => false}) + self[url_field].start_with?('http') ? self[url_field] : s3_manager.sign_url(self[url_field], {:expires => expiration_time, :response_content_type => mime_type, :secure => true}) end def sign_url(expiration_time = 120, type='ogg') @@ -235,9 +235,9 @@ module JamRuby def sign_put(expiration_time = 3600 * 24, type='ogg') type ||= 'ogg' if type == 'ogg' - s3_manager.sign_url(self[:ogg_url], {:expires => expiration_time, :content_type => 'audio/ogg', :secure => false}, :put) + s3_manager.sign_url(self[:ogg_url], {:expires => expiration_time, :content_type => 'audio/ogg', :secure => true}, :put) else - s3_manager.sign_url(self[:mp3_url], {:expires => expiration_time, :content_type => 'audio/mpeg', :secure => false}, :put) + s3_manager.sign_url(self[:mp3_url], {:expires => expiration_time, :content_type => 'audio/mpeg', :secure => true}, :put) end end diff --git a/ruby/lib/jam_ruby/models/recorded_backing_track.rb b/ruby/lib/jam_ruby/models/recorded_backing_track.rb index 0826d160c..533f6aa5d 100644 --- a/ruby/lib/jam_ruby/models/recorded_backing_track.rb +++ b/ruby/lib/jam_ruby/models/recorded_backing_track.rb @@ -41,7 +41,7 @@ module JamRuby end def sign_url(expiration_time = 120) - s3_manager.sign_url(self[:url], {:expires => expiration_time, :response_content_type => 'audio/ogg', :secure => false}) + s3_manager.sign_url(self[:url], {:expires => expiration_time, :response_content_type => 'audio/ogg', :secure => true}) end def can_download?(some_user) diff --git a/ruby/lib/jam_ruby/models/recorded_track.rb b/ruby/lib/jam_ruby/models/recorded_track.rb index e11a76bf0..62fdfa1e5 100644 --- a/ruby/lib/jam_ruby/models/recorded_track.rb +++ b/ruby/lib/jam_ruby/models/recorded_track.rb @@ -148,7 +148,7 @@ module JamRuby end def sign_url(expiration_time = 120) - s3_manager.sign_url(self[:url], {:expires => expiration_time, :response_content_type => 'audio/ogg', :secure => false}) + s3_manager.sign_url(self[:url], {:expires => expiration_time, :response_content_type => 'audio/ogg', :secure => true}) end def upload_start(length, md5) diff --git a/ruby/lib/jam_ruby/models/user.rb b/ruby/lib/jam_ruby/models/user.rb index f49d0e511..618c5818b 100644 --- a/ruby/lib/jam_ruby/models/user.rb +++ b/ruby/lib/jam_ruby/models/user.rb @@ -1222,8 +1222,8 @@ module JamRuby :cropped_s3_path => cropped_s3_path, :cropped_large_s3_path => cropped_large_s3_path, :crop_selection => crop_selection, - :photo_url => S3Util.url(aws_bucket, escape_filename(cropped_s3_path), :secure => false), - :large_photo_url => S3Util.url(aws_bucket, escape_filename(cropped_large_s3_path), :secure => false) + :photo_url => S3Util.url(aws_bucket, escape_filename(cropped_s3_path), :secure => true), + :large_photo_url => S3Util.url(aws_bucket, escape_filename(cropped_large_s3_path), :secure => true) ) end diff --git a/ruby/lib/jam_ruby/resque/audiomixer.rb b/ruby/lib/jam_ruby/resque/audiomixer.rb index 1690c11be..830726fdd 100644 --- a/ruby/lib/jam_ruby/resque/audiomixer.rb +++ b/ruby/lib/jam_ruby/resque/audiomixer.rb @@ -72,7 +72,7 @@ module JamRuby uri = URI(filename) open download_filename, 'wb' do |io| begin - Net::HTTP.start(uri.host, uri.port) do |http| + Net::HTTP.start(uri.host, uri.port, use_ssl: filename.start_with?('https') ? true : false) do |http| request = Net::HTTP::Get.new uri http.request request do |response| response_code = response.code.to_i @@ -165,6 +165,7 @@ module JamRuby uri = URI.parse(@postback_ogg_url) http = Net::HTTP.new(uri.host, uri.port) + http.use_ssl = @postback_ogg_url.start_with?('https') ? true : false request = Net::HTTP::Put.new(uri.request_uri) response = nil @@ -186,6 +187,7 @@ module JamRuby uri = URI.parse(@postback_mp3_url) http = Net::HTTP.new(uri.host, uri.port) + http.use_ssl = @postback_mp3_url.start_with?('https') ? true : false request = Net::HTTP::Put.new(uri.request_uri) response = nil diff --git a/ruby/lib/jam_ruby/resque/quick_mixer.rb b/ruby/lib/jam_ruby/resque/quick_mixer.rb index 93704173f..4412e0b0c 100644 --- a/ruby/lib/jam_ruby/resque/quick_mixer.rb +++ b/ruby/lib/jam_ruby/resque/quick_mixer.rb @@ -79,6 +79,7 @@ module JamRuby uri = URI.parse(@postback_mp3_url) http = Net::HTTP.new(uri.host, uri.port) + http.use_ssl = @postback_mp3_url.start_with?('https') ? true : false request = Net::HTTP::Put.new(uri.request_uri) response = nil diff --git a/ruby/spec/jam_ruby/resque/jam_tracks_cleaner_spec.rb b/ruby/spec/jam_ruby/resque/jam_tracks_cleaner_spec.rb index e8a244b14..9f683c3e2 100644 --- a/ruby/spec/jam_ruby/resque/jam_tracks_cleaner_spec.rb +++ b/ruby/spec/jam_ruby/resque/jam_tracks_cleaner_spec.rb @@ -22,6 +22,7 @@ describe JamTracksCleaner do end it "should clean" do + pending "re-enable cleaner after manual testing" jam_track_right = JamTrackRight.create(:user=>@user, :jam_track=>@jam_track) jam_track_right.signed_48=true jam_track_right @@ -48,6 +49,6 @@ describe JamTracksCleaner do # But not after running cleaner job: JamRuby::JamTracksCleaner.perform - s3.exists?(url).should be_false + s3.exists?(url).should be_false end end \ No newline at end of file diff --git a/web/app/controllers/application_controller.rb b/web/app/controllers/application_controller.rb index 4a2ae2397..844faf7ea 100644 --- a/web/app/controllers/application_controller.rb +++ b/web/app/controllers/application_controller.rb @@ -5,6 +5,8 @@ class ApplicationController < ActionController::Base include SessionsHelper include ClientHelper + force_ssl port: Rails.application.config.external_port_ssl if Rails.application.config.force_ssl + # inject username/email into bugsnag data before_bugsnag_notify :add_user_info_to_bugsnag diff --git a/web/config/application.rb b/web/config/application.rb index c8a16edd3..81fee8b3e 100644 --- a/web/config/application.rb +++ b/web/config/application.rb @@ -122,13 +122,14 @@ if defined?(Bundler) config.websocket_gateway_trusted_uri = "ws://localhost:#{config.websocket_gateway_port + 1}/websocket" config.websocket_gateway_uri_ssl = "wss://localhost:#{config.websocket_gateway_port_ssl}/websocket" config.websocket_gateway_trusted_uri_ssl = "wss://localhost:#{config.websocket_gateway_port_ssl + 1}/websocket" - + config.force_ssl = ENV['FORCE_SSL'].nil? ? false : ENV['FORCE_SSL'] == 'true' config.websocket_gateway_max_connections_per_user = 20 config.lock_connections = false config.external_hostname = ENV['EXTERNAL_HOSTNAME'] || 'localhost' config.external_port = ENV['EXTERNAL_PORT'] || 3000 config.external_protocol = ENV['EXTERNAL_PROTOCOL'] || 'http://' + config.external_port_ssl = ENV['EXTERNAL_PORT_ssl'] || 3443 config.external_root_url = "#{config.external_protocol}#{config.external_hostname}#{(config.external_port == 80 || config.external_port == 443) ? '' : ':' + config.external_port.to_s}" config.admin_port = ENV['ADMIN_PORT'] || 3333 config.admin_root_url = "#{config.external_protocol}#{config.external_hostname}#{(config.admin_port == 80 || config.admin_port == 443) ? '' : ':' + config.admin_port.to_s}"