-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathapp.rb
105 lines (89 loc) · 2.6 KB
/
app.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
require './config/environment'
require 'sinatra/base'
require 'uri'
class App < Sinatra::Base
def self.setupApiKeys
configure do
if File.exist?("./config/config.yml")
ENV['google_maps_api_key'] = YAML.load_file("config/config.yml")[settings.environment.to_s]["google_maps_api_key"]
end
set :google_maps_api_key, ENV['google_maps_api_key']
MessageHelper.setupConfig
end
end
setupApiKeys
get '/' do
erb :'index'
end
get '/error' do
@error = error_msg(params[:msg])
erb :'index'
end
get '/success' do
@success = success_msg(params[:msg])
erb :'index'
end
get '/:map_name' do
@location = Location.find_by(map_name: params[:map_name])
if @location
erb :'show'
else
redirect to('/error?msg=map_not_found')
end
end
post '/' do
location = Location.new(location_params(params[:location]))
if location.save
msg = "map_saved"
if params[:addresses] && params[:addresses].length > 0
message_notice = MessageHelper.send_messages(params[:addresses], location.map_name)
if message_notice.include?("error")
location.destroy
redirect to("/error?msg=#{message_notice}")
else
msg << "_messages_sent"
end
end
redirect to("/success?msg=#{msg}")
else
if location.errors[:map_name]
redirect to('/error?msg=map_name_in_use')
else
redirect to('/error')
end
end
end
private
def location_params(location)
whitelisted = {}
# Protect against HTML injection by encoding map_name
whitelisted[:map_name] = URI.encode(normalize_map_name(location[:map_name]))
# to_f would reject any HTML in the string already, so this is enough
whitelisted[:latitude] = location[:latitude].to_f
whitelisted[:longitude] = location[:longitude].to_f
whitelisted
end
def normalize_map_name(map_name)
map_name.gsub(/[.,\/#!$%\^&*;:{}=`~()]/, "").gsub(/\s+/, "-")
end
def error_msg(msg)
case msg
when "map_not_found"
"Could not find map with that name."
when "map_name_in_use"
"There is already a map with that name. Please choose another name."
when "twilio_error"
"Twilio Error. Please verify the phone numbers are correct."
else
"There was an error with your request."
end
end
def success_msg(msg)
case msg
when "map_saved"
"Map saved successfully."
when "map_saved_messages_sent"
"Map saved and message(s) sent successfully."
end
end
end