Merge branch 'master' of github.com:travis-ci/travis-api

Conflicts: Gemfile.lock
2012-10-19 16:03:47 +02:00 · 2012-10-19 16:03:47 +02:00 · 876564ca12
commit 876564ca12
parent 5321943dfd 720cbef577
3 changed files with 23 additions and 9 deletions
--- a/lib/travis/api/app/endpoint/authorization.rb
+++ b/lib/travis/api/app/endpoint/authorization.rb
@ -223,8 +223,8 @@ class Travis::Api::App

        def target_ok?(target_origin)
          target_origin =~ %r{
-            ^ http://   (localhost|127\.0\.0\.1)(:\d+)? $ |
-            ^ https://  (\w+\.)?travis-ci\.(org|com)    $
+            ^ http://   (localhost|127\.0\.0\.1)(:\d+)?  $ |
+            ^ https://  ([\w-_]+\.)?travis-ci\.(org|com) $
          }x
        end
    end
--- a/lib/travis/api/app/extensions/scoping.rb
+++ b/lib/travis/api/app/extensions/scoping.rb
@ -3,6 +3,16 @@ require 'travis/api/app'
 class Travis::Api::App
  module Extensions
    module Scoping
+      module Helpers
+        def scope
+          env['travis.scope'].to_sym
+        end
+
+        def public?
+          scope == :public
+        end
+      end
+
      def self.registered(app)
        app.set default_scope: :public, anonymous_scopes: [:public]
        app.helpers(Helpers)
@ -16,8 +26,9 @@ class Travis::Api::App
          headers['X-Accepted-OAuth-Scopes'] = name.to_s

          if scopes.include? name
+            env['travis.scope'] = name
            headers['Vary'] = 'Accept'
-            headers['Vary'] << ', Authorization' if name == :public
+            headers['Vary'] << ', Authorization' unless public?
            true
          elsif env['travis.access_token']
            halt 403, "insufficient access"
--- a/lib/travis/api/app/responders/service.rb
+++ b/lib/travis/api/app/responders/service.rb
@ -14,12 +14,11 @@ module Travis::Api::App::Responders
    private

      def cache_control
-        if final?
-          endpoint.expires 31536000, :public # 1 year
-        elsif updated_at?
-          endpoint.cache_control :public, :must_revalidate
-          endpoint.last_modified resource.updated_at
-        end
+        mode = [endpoint.public? ? :public : :private]
+        mode << :must_revalidate unless final?
+        endpoint.expires(31536000, *mode) # 1 year
+        endpoint.etag resource.cache_key           if cache_key?
+        endpoint.last_modified resource.updated_at if updated_at?
      end

      def final?
@ -30,6 +29,10 @@ module Travis::Api::App::Responders
        resource.respond_to?(:updated_at) && resource.updated_at
      end

+      def cache_key?
+        resource.respond_to?(:cache_key) && resource.cache_key
+      end
+
      # Services potentially return all sorts of things
      # If it's a string, true or false we'll wrap it into a hash.
      # If it's an active record or scope we just pass so it can be processed by the json responder.