From 843a4ad3c62ca13c313ceaa26a97c44197d2bd75 Mon Sep 17 00:00:00 2001 From: Mathieu Pillard Date: Fri, 28 Feb 2014 14:43:26 +0100 Subject: [PATCH] Make search / featured / categories endpoint calls anonymously (bug 975413) --- hearth/media/js/cat-dropdown.js | 2 +- hearth/media/js/helpers.js | 1 + hearth/media/js/marketplace.js | 2 +- hearth/media/js/rewriters.js | 6 +++--- hearth/media/js/urls.js | 30 ++++++++++++++++++++++++------ hearth/media/js/views/category.js | 2 +- hearth/media/js/views/featured.js | 2 +- hearth/media/js/views/homepage.js | 2 +- hearth/templates/search/main.html | 2 +- hearth/tests/urls.js | 20 +++++++++++++++++--- 10 files changed, 51 insertions(+), 18 deletions(-) diff --git a/hearth/media/js/cat-dropdown.js b/hearth/media/js/cat-dropdown.js index ca83dd36ca..588d5fe847 100644 --- a/hearth/media/js/cat-dropdown.js +++ b/hearth/media/js/cat-dropdown.js @@ -23,7 +23,7 @@ define('cat-dropdown', // Do the request out here so it happens immediately when the app loads. var categoryReq = consumer_info.promise.then(function() { - return requests.get(urls.api.url('categories')); + return requests.get(urls.api.unsigned.url('categories')); }); // Store the categories in models. categoryReq.done(function(data) { diff --git a/hearth/media/js/helpers.js b/hearth/media/js/helpers.js index b15be298bc..c35133079e 100644 --- a/hearth/media/js/helpers.js +++ b/hearth/media/js/helpers.js @@ -118,6 +118,7 @@ define('helpers', var helpers = { api: require('urls').api.url, apiParams: require('urls').api.params, + anonApiParams: require('urls').api.unsigned.params, url: require('urls').reverse, media: require('urls').media, diff --git a/hearth/media/js/marketplace.js b/hearth/media/js/marketplace.js index f58eb699b9..338e399c4a 100644 --- a/hearth/media/js/marketplace.js +++ b/hearth/media/js/marketplace.js @@ -160,7 +160,7 @@ function(_) { }).trigger('reload_chrome'); z.page.on('before_login before_logout', function() { - var cat_url = require('urls').api.url('categories'); + var cat_url = require('urls').api.unsigned.url('categories'); require('cache').purge(function(key) {return key != cat_url;}); }); diff --git a/hearth/media/js/rewriters.js b/hearth/media/js/rewriters.js index 48cc7fbe40..06fb0b09ce 100644 --- a/hearth/media/js/rewriters.js +++ b/hearth/media/js/rewriters.js @@ -42,12 +42,12 @@ define('rewriters', return [ // Search pagination rewriter - pagination(urls.api.unsigned.url('search')), + pagination(urls.api.base.url('search')), // Category pagination rewriter - pagination(urls.api.unsigned.url('category')), + pagination(urls.api.base.url('category')), // My Apps pagination rewriter - pagination(urls.api.unsigned.url('installed')) + pagination(urls.api.base.url('installed')) ]; }); diff --git a/hearth/media/js/urls.js b/hearth/media/js/urls.js index 4f368662de..d637f08b99 100644 --- a/hearth/media/js/urls.js +++ b/hearth/media/js/urls.js @@ -43,16 +43,29 @@ define('urls', if (user.logged_in()) { args._user = user.get_token(); } - var blacklist = settings.api_param_blacklist || []; - for (var key in args) { - if (!args[key] || blacklist.indexOf(key) !== -1) { - delete args[key]; - } - } + _removeBlacklistedParams(args); + return require('utils').urlparams(out, args); + }; + } + + function _anonymousArgs(func) { + return function() { + var out = func.apply(this, arguments); + var args = api_args(); + _removeBlacklistedParams(args); return require('utils').urlparams(out, args); }; } + function _removeBlacklistedParams(args) { + var blacklist = settings.api_param_blacklist || []; + for (var key in args) { + if (!args[key] || blacklist.indexOf(key) !== -1) { + delete args[key]; + } + } + } + function api(endpoint, args, params) { if (!(endpoint in api_endpoints)) { console.error('Invalid API endpoint: ' + endpoint); @@ -86,7 +99,12 @@ define('urls', url: _userArgs(api), params: _userArgs(apiParams), sign: _userArgs(function(url) {return url;}), + unsign: _anonymousArgs(function(url) {return url;}), unsigned: { + url: _anonymousArgs(api), + params: _anonymousArgs(apiParams) + }, + base: { url: api, params: apiParams } diff --git a/hearth/media/js/views/category.js b/hearth/media/js/views/category.js index b32bd361f0..4ac80f4a64 100644 --- a/hearth/media/js/views/category.js +++ b/hearth/media/js/views/category.js @@ -26,7 +26,7 @@ define('views/category', builder.start('category/main.html', { category: category, - endpoint: urls.api.url('category', [category], params), + endpoint: urls.api.unsigned.url('category', [category], params), sort: params.sort, app_cast: app_models.cast }).done(function() { diff --git a/hearth/media/js/views/featured.js b/hearth/media/js/views/featured.js index 07ce4b7519..fbc8a59366 100644 --- a/hearth/media/js/views/featured.js +++ b/hearth/media/js/views/featured.js @@ -16,7 +16,7 @@ define('views/featured', ['urls', 'z'], function(urls, z) { builder.start('featured.html', { category: category, - endpoint: urls.api.url('category', [category]) + endpoint: urls.api.unsigned.url('category', [category]) }); }; diff --git a/hearth/media/js/views/homepage.js b/hearth/media/js/views/homepage.js index ba0e312a4a..d0baa8c7d9 100644 --- a/hearth/media/js/views/homepage.js +++ b/hearth/media/js/views/homepage.js @@ -28,7 +28,7 @@ define('views/homepage', } builder.start('category/main.html', { - endpoint: urls.api.url('category', [''], params), + endpoint: urls.api.unsigned.url('category', [''], params), sort: params.sort, app_cast: app_models.cast }).done(function() { diff --git a/hearth/templates/search/main.html b/hearth/templates/search/main.html index 6d0e76864b..5a3c7cca55 100644 --- a/hearth/templates/search/main.html +++ b/hearth/templates/search/main.html @@ -2,7 +2,7 @@ {% include '_macros/more_button.html' %}
- {% set api_url = apiParams('search', params) %} + {% set api_url = anonApiParams('search', params) %} {% if params.region %} {# If the user entered PotatoSearchâ„¢ `:region=` then update `region`. #} {% set api_url = api_url|urlparams(region=params.region) %} diff --git a/hearth/tests/urls.js b/hearth/tests/urls.js index 077ab61b8a..1c9f0a57dc 100644 --- a/hearth/tests/urls.js +++ b/hearth/tests/urls.js @@ -94,11 +94,25 @@ test('api url signage', function(done, fail) { { capabilities: {firefoxOS: true, widescreen: function() { return false; }, touch: 'foo'}, routes_api: {'homepage': '/foo/homepage'}, - settings: {api_url: 'api:'} + settings: {api_url: 'api:'}, + user: { + logged_in: function() { return true; }, + get_setting: function(x) {}, + get_token: function() { return 'mytoken';} + } }, function(urls) { - var homepage_url = urls.api.unsigned.url('homepage'); + var homepage_url, homepage_base_url = urls.api.base.url('homepage'); + + homepage_url = homepage_base_url; eq_(homepage_url, 'api:/foo/homepage'); - eq_(urls.api.sign(homepage_url), urls.api.url('homepage')); + + homepage_url = urls.api.url('homepage'); + eq_(homepage_url, urls.api.sign(homepage_base_url)); + contains(homepage_url, '_user=mytoken'); + + homepage_url = urls.api.unsigned.url('homepage'); + eq_(homepage_url, urls.api.unsign(homepage_base_url)); + disincludes(homepage_url, '_user=mytoken'); done(); }, fail