9 files changed, 111 insertions, 112 deletions

diff --git a/app/controllers/agents/events_controller.rb b/app/controllers/agents/events_controller.rb
index 6827938..f695feb 100644
--- a/app/controllers/agents/events_controller.rb
+++ b/app/controllers/agents/events_controller.rb
@@ -11,9 +11,11 @@ module Agents
     end
 
     def create
-      message = event_params.merge({agent_id: @agent.id})
-      routing_key = "events.#{event_params[:type]}.#{@agent.id}"
-      Publisher.publish(routing_key, message)
+      publish(EventMessage.new(
+        agent_id: @agent.id,
+        event_type: event_params[:type],
+        data: event_params[:data]
+      ))
       redirect_to agent_events_url, notice: 'Event was successfully created.'
     end
 
diff --git a/app/controllers/agents/files_controller.rb b/app/controllers/agents/files_controller.rb
deleted file mode 100644
index 0f493fb..0000000
--- a/app/controllers/agents/files_controller.rb
+++ /dev/null
@@ -1,28 +0,0 @@
-module Agents
-  class FilesController < ApplicationController
-    before_action :load_agent
-    before_action do
-      request.format = :json
-    end
-
-    def index
-    end
-
-    def show
-      @fingerprint = params[:id]
-      @file = Disposition.find_by(fingerprint: params[:id])
-      message = {
-        agent_id: params[:id],
-        type: :lookup,
-        data: params[:data]
-      }
-      Publisher.publish("events.scanned.#{@agent.id}", message)
-    end
-
-    private
-
-    def load_agent
-      @agent = Agent.find(params[:agent_id])
-    end
-  end
-end
diff --git a/app/controllers/agents_controller.rb b/app/controllers/agents_controller.rb
index a76a7ae..dc2717a 100644
--- a/app/controllers/agents_controller.rb
+++ b/app/controllers/agents_controller.rb
@@ -1,74 +1,48 @@
 class AgentsController < ApplicationController
-  before_action :set_agent, only: [:show, :edit, :update, :destroy]
-
-  # GET /agents
-  # GET /agents.json
   def index
-    @agents = Agent.all
+    @agents = Agent.all.order(created_at: :desc)
   end
 
-  # GET /agents/1
-  # GET /agents/1.json
   def show
+    @agent = Agent.find(params[:id])
   end
 
-  # GET /agents/new
   def new
     @agent = Agent.new
   end
 
-  # GET /agents/1/edit
   def edit
+    @agent = Agent.find(params[:id])
   end
 
-  # POST /agents
-  # POST /agents.json
   def create
     @agent = Agent.new(agent_params)
 
-    respond_to do |format|
-      if @agent.save
-        format.html { redirect_to @agent, notice: 'Agent was successfully created.' }
-        format.json { render :show, status: :created, location: @agent }
-      else
-        format.html { render :new }
-        format.json { render json: @agent.errors, status: :unprocessable_entity }
-      end
+    if @agent.save
+      redirect_to @agent, notice: 'Agent was successfully created.'
+    else
+      render :new
     end
   end
 
-  # PATCH/PUT /agents/1
-  # PATCH/PUT /agents/1.json
   def update
-    respond_to do |format|
-      if @agent.update(agent_params)
-        format.html { redirect_to @agent, notice: 'Agent was successfully updated.' }
-        format.json { render :show, status: :ok, location: @agent }
-      else
-        format.html { render :edit }
-        format.json { render json: @agent.errors, status: :unprocessable_entity }
-      end
+    @agent = Agent.find(params[:id])
+    if @agent.update(agent_params)
+      redirect_to @agent, notice: 'Agent was successfully updated.'
+    else
+      render :edit
     end
   end
 
-  # DELETE /agents/1
-  # DELETE /agents/1.json
   def destroy
+    @agent = Agent.find(params[:id])
     @agent.destroy
-    respond_to do |format|
-      format.html { redirect_to agents_url, notice: 'Agent was successfully destroyed.' }
-      format.json { head :no_content }
-    end
+    redirect_to agents_url, notice: 'Agent was successfully destroyed.'
   end
 
   private
-    # Use callbacks to share common setup or constraints between actions.
-    def set_agent
-      @agent = Agent.find(params[:id])
-    end
 
-    # Never trust parameters from the scary internet, only allow the white list through.
-    def agent_params
-      params.require(:agent).permit(:hostname)
-    end
+  def agent_params
+    params.require(:agent).permit(:hostname)
+  end
 end
diff --git a/app/controllers/api/agents/events_controller.rb b/app/controllers/api/agents/events_controller.rb
new file mode 100644
index 0000000..56b566f
--- /dev/null
+++ b/app/controllers/api/agents/events_controller.rb
@@ -0,0 +1,22 @@
+module Api
+  module Agents
+    class EventsController < ApiController
+      def create
+        @agent = Agent.find(params[:agent_id])
+        publish(EventMessage.new(
+          agent_id: @agent.id,
+          event_type: event_params[:type],
+          data: event_params[:data]
+        ))
+
+        render nothing: true
+      end
+
+      private
+
+      def event_params
+        params[:event]
+      end
+    end
+  end
+end
diff --git a/app/controllers/api/agents/files_controller.rb b/app/controllers/api/agents/files_controller.rb
new file mode 100644
index 0000000..c13eac9
--- /dev/null
+++ b/app/controllers/api/agents/files_controller.rb
@@ -0,0 +1,20 @@
+module Api
+  module Agents
+    class FilesController < ApiController
+      before_action do
+        request.format = :json
+      end
+
+      def show
+        @agent = Agent.find(params[:agent_id])
+        @fingerprint = params[:id]
+        @file = Disposition.find_by(fingerprint: params[:id])
+        publish(EventMessage.new(
+          agent_id: @agent.id,
+          event_type: :scanned,
+          data: params[:data]
+        ))
+      end
+    end
+  end
+end
diff --git a/app/controllers/api/agents_controller.rb b/app/controllers/api/agents_controller.rb
new file mode 100644
index 0000000..a7307f0
--- /dev/null
+++ b/app/controllers/api/agents_controller.rb
@@ -0,0 +1,11 @@
+module Api
+  class AgentsController < ApiController
+    def create
+      @agent = Agent.create!(agent_params)
+    end
+
+    def agent_params
+      params.require(:agent).permit(:hostname)
+    end
+  end
+end
diff --git a/app/controllers/api/api_controller.rb b/app/controllers/api/api_controller.rb
new file mode 100644
index 0000000..6954700
--- /dev/null
+++ b/app/controllers/api/api_controller.rb
@@ -0,0 +1,10 @@
+module Api
+  class ApiController < ActionController::Base
+    protect_from_forgery with: :null_session
+    protected
+
+    def publish(message)
+      Publisher.publish(message)
+    end
+  end
+end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 38aeade..63e2ed4 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,10 +1,15 @@
 class ApplicationController < ActionController::Base
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
-  #protect_from_forgery with: :exception
-  protect_from_forgery with: :null_session
+  protect_from_forgery with: :exception
   before_action :authorize!
 
+  protected
+
+  def publish(message)
+    Publisher.publish(message)
+  end
+
   private
 
   def authorize!
diff --git a/app/controllers/dispositions_controller.rb b/app/controllers/dispositions_controller.rb
index 116b7bb..dc3112a 100644
--- a/app/controllers/dispositions_controller.rb
+++ b/app/controllers/dispositions_controller.rb
@@ -1,68 +1,51 @@
 class DispositionsController < ApplicationController
   before_action :set_disposition, only: [:show, :edit, :update, :destroy]
 
-  # GET /dispositions
-  # GET /dispositions.json
   def index
-    @dispositions = Disposition.all
+    @dispositions = Disposition.all.order(:fingerprint)
   end
 
-  # GET /dispositions/1
-  # GET /dispositions/1.json
   def show
   end
 
-  # GET /dispositions/new
   def new
     @disposition = Disposition.new
     @states = Disposition.states
   end
 
-  # GET /dispositions/1/edit
   def edit
     @states = Disposition.states
   end
 
-  # POST /dispositions
-  # POST /dispositions.json
   def create
-    fingerprint = disposition_params[:fingerprint]
-    Publisher.publish("commands.poke.#{fingerprint}", disposition_params)
+    publish(PokeMessage.new(
+      fingerprint: disposition_params[:fingerprint],
+      state: disposition_params[:state],
+    ))
 
-    respond_to do |format|
-      format.html { redirect_to dispositions_path, notice: 'Disposition was successfully created.' }
-      format.json { head :no_content }
-    end
+    redirect_to dispositions_path, notice: 'Disposition was successfully created.'
   end
 
-  # PATCH/PUT /dispositions/1
-  # PATCH/PUT /dispositions/1.json
   def update
-    Publisher.publish("poke", disposition_params)
-    respond_to do |format|
-      format.html { redirect_to dispositions_path, notice: 'Disposition was successfully updated.' }
-      format.json { head :no_content }
-    end
+    publish(PokeMessage.new(
+      fingerprint: disposition_params[:fingerprint],
+      state: disposition_params[:state],
+    ))
+    redirect_to dispositions_path, notice: 'Disposition was successfully updated.'
   end
 
-  # DELETE /dispositions/1
-  # DELETE /dispositions/1.json
   def destroy
     @disposition.destroy
-    respond_to do |format|
-      format.html { redirect_to dispositions_url, notice: 'Disposition was successfully destroyed.' }
-      format.json { head :no_content }
-    end
+    redirect_to dispositions_url, notice: 'Disposition was successfully destroyed.'
   end
 
   private
-    # Use callbacks to share common setup or constraints between actions.
-    def set_disposition
-      @disposition = Disposition.find_by(fingerprint: params[:id])
-    end
 
-    # Never trust parameters from the scary internet, only allow the white list through.
-    def disposition_params
-      params.require(:disposition).permit(:fingerprint, :state)
-    end
+  def set_disposition
+    @disposition = Disposition.find_by(fingerprint: params[:id])
+  end
+
+  def disposition_params
+    params.require(:disposition).permit(:fingerprint, :state)
+  end
 end