From 123d4a4c15cac38a8ff55886457ab1fc3927d59c Mon Sep 17 00:00:00 2001 From: Thein Lin Kyaw Date: Thu, 13 Feb 2020 14:57:16 +0630 Subject: [PATCH] check subdomain for license --- app/controllers/install_controller.rb | 2 + app/models/license.rb | 14 +++++++ config/initializers/action_controller.rb | 51 ++++++++++++++++++------ 3 files changed, 54 insertions(+), 13 deletions(-) diff --git a/app/controllers/install_controller.rb b/app/controllers/install_controller.rb index fab21e55..04d21b68 100755 --- a/app/controllers/install_controller.rb +++ b/app/controllers/install_controller.rb @@ -43,6 +43,8 @@ class InstallController < BaseController (request.subdomain.present? && request.subdomain != "www" && ENV["SERVER_MODE"] != "cloud") if check_license(request.host) redirect_to root_url + else + not_found unless check_subdomain(request.host) end else not_found diff --git a/app/models/license.rb b/app/models/license.rb index 26d5cc24..a7418254 100755 --- a/app/models/license.rb +++ b/app/models/license.rb @@ -195,6 +195,20 @@ class License end end + def self.check_license_subdomain(lookup) + aes = MyAesCrypt.new + aes_key, aes_iv = aes.export_key(license_key) + + server_mode = ENV["SERVER_MODE"] + unless ENV["SERVER_MODE"] == "cloud" + server_mode = "application" + end + + params = { query: { lookup_type: server_mode, lookup: lookup, iv_key: aes_iv} } + response = self.class.get("/subdomain", params) + response.parsed_response["status"] + end + # Check License File exists def self.check_license_file(lookup) return unless File.exist?("config/license.yml") diff --git a/config/initializers/action_controller.rb b/config/initializers/action_controller.rb index 48184216..74cc67eb 100644 --- a/config/initializers/action_controller.rb +++ b/config/initializers/action_controller.rb 
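Review bot: `not_found unless check_subdomain(request.host)` in the new `else` branch renders a 404 without returning, so whatever follows this `if` in the action still runs for a host that failed both checks. The rest of the method is outside the hunk, so I cannot tell whether a later render or redirect exists; if one does, the deny path ends in a double-render error instead of a clean 404. Writing it as `return not_found unless check_subdomain(request.host)` makes the rejection terminal.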
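Review bot: `check_license_subdomain` is declared with `def self.`, so `self.class.get("/subdomain", params)` is sent to `Class` rather than to `License` and will most likely raise NoMethodError; it should read `response = get("/subdomain", params)`. `license_key` must also be resolvable at class level, and its definition is not in this hunk. The method returns the raw `parsed_response["status"]` and callers only test it for truthiness, so a string such as "false" would pass as a valid subdomain; compare explicitly with `response.parsed_response["status"] == true`, assuming the service returns a JSON boolean. A timeout or non-JSON reply currently propagates as an exception, so rescue it and return `false` to keep the check fail-closed. `aes_key` is unused, and `iv_key` is sent in the GET query string, where proxies and servers usually log it, so confirm that value is not sensitive.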
@@ -2,10 +2,17 @@ class ActionController::Base before_action :lookup_domain if Rails.env.production? before_action :set_locale + def not_found + respond_to do |format| + format.html { render :file => "#{Rails.root}/public/404", :layout => false, :status => :not_found } + format.json { head :not_found } + end + end + private def lookup_domain - if request.subdomains.last && request.subdomains.last != "www" && ENV["SERVER_MODE"] == "cloud" + if ENV["SERVER_MODE"] == "cloud" && request.subdomains.last && request.subdomains.last != "www" @license = cache_license(ENV["SX_PROVISION_URL"], request.host) # request.subdomain.downcase if (!@license.nil?) logger.info "Location - " + @license.dbschema @@ -15,28 +22,24 @@ class ActionController::Base else # reconnect_default_db logger.info 'License is nil' + not_found # redirect_to root_url(:host => request.domain) + "store_error" - render :json => [{ status: false, message: 'Invalid Access!'}] + # render :json => [{ status: false, message: 'Invalid Access!'}] end - elsif request.subdomains.last && request.subdomains.last != "www" || ENV["SERVER_MODE"] == "application" + elsif ENV["SERVER_MODE"] == "application" || (request.subdomains.last && request.subdomains.last != "www") # check for license file if check_license(request.host) current_license(ENV["SX_PROVISION_URL"], request.host) - else + elsif check_subdomain(request.host) redirect_to activate_path + else + not_found end else not_found end end - def not_found - respond_to do |format| - format.html { render :file => "#{Rails.root}/public/404", :layout => false, :status => :not_found } - format.json { head :not_found } - end - end - def current_license(url, lookup) @license = License.new(url, lookup) flag = @license.detail_with_local_file() @@ -59,6 +62,10 @@ class ActionController::Base end end + def check_subdomain(lookup) + License.check_license_subdomain(lookup) + end + def check_license(lookup) License.check_license_file(lookup) end 
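Review bot: `not_found` does not need to move above `private` in this hunk: a subclass such as InstallController calls it with an implicit receiver, which works for private methods, so the move only widens the helper's visibility on `ActionController::Base`. Keeping it under `private` preserves the previous surface; the same move is repeated in the `ActionController::API` hunk. A one-line comment would help the next reader, for example `# Renders public/404 for HTML or an empty 404 for JSON; used as the deny path of lookup_domain`.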
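Review bot: The new `elsif check_subdomain(request.host)` branch makes `lookup_domain`, a `before_action` on every production request, issue a remote license lookup whenever the local license file check fails, and the lookup key comes straight from the Host header. Nothing visible here caches the answer or constrains the hostname, so each request with a new Host value costs one outbound call, and a slow provisioning service stalls every controller. Consider validating `request.host` against the expected domain pattern before the lookup and caching the result per host, as the cloud branch appears to do through `cache_license`. `lookup_domain` starts in the previous hunk and continues past this one.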
@@ -99,10 +106,17 @@ end class ActionController::API before_action :lookup_domain if Rails.env.production? + def not_found + respond_to do |format| + format.html { render :file => "#{Rails.root}/public/404", :layout => false, :status => :not_found } + format.json { head :not_found } + end + end + private def lookup_domain - if request.subdomains.last && request.subdomains.last != "www" && ENV["SERVER_CODE"] == "cloud" + if ENV["SERVER_CODE"] == "cloud" && request.subdomains.last && request.subdomains.last != "www" @license = cache_license(ENV["SX_PROVISION_URL"], request.host) # request.subdomain.downcase if (!@license.nil?) logger.info "Location - " + @license.dbschema @@ -112,9 +126,16 @@ class ActionController::API else # reconnect_default_db logger.info 'License is nil' + not_found # redirect_to root_url(:host => request.domain) + "store_error" - render :json => [{ status: false, message: 'Invalid Access!'}] + # render :json => [{ status: false, message: 'Invalid Access!'}] end + elsif ENV["SERVER_MODE"] == "application" || (request.subdomains.last && request.subdomains.last != "www") + unless check_license(request.host) + not_found + end + else + not_found end end @@ -128,6 +149,10 @@ class ActionController::API end end + def check_license(lookup) + License.check_license_file(lookup) + end + def website_connection(license) default_connection.dup.update(:host => license.dbhost, :database => license.dbschema.to_s.downcase, :username => license.dbusername, :password => license.dbpassword)
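Review bot: The `not_found` added to `ActionController::API` calls `respond_to` and renders an HTML file, but `ActionController::API` does not include `ActionController::MimeResponds` by default. Unless that module is mixed in elsewhere, the deny path raises NoMethodError and the client gets a 500 instead of a 404. For an API controller the body can be just `head :not_found`, which needs no format negotiation and no file under `public/`.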
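Review bot: The added `elsif` tests `ENV["SERVER_MODE"]`, while the `if` it hangs off (rewritten in the previous hunk) still tests `ENV["SERVER_CODE"]`. If `SERVER_CODE` is a typo, a cloud deployment never enters the cloud branch and falls into this `elsif`, where every tenant host is checked against the local license file and answered with 404. Use one variable for both, i.e. `if ENV["SERVER_MODE"] == "cloud" && request.subdomains.last && request.subdomains.last != "www"`, or add a comment explaining why the API stack reads a different variable.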