summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAzul <azul@leap.se>2014-05-26 09:31:36 +0200
committerAzul <azul@leap.se>2014-05-26 09:31:36 +0200
commit00d5adc90ccadc7f4a2a0d54a5a31a1ad02f05be (patch)
tree2e9655ed7597c3a9d7c520d04f5991d62e7b345b
parent3a84578cf33685800c9216cfb4da12ea1fb0032f (diff)
change from GET to POST for certs
We create them. let's reflect that in the verb.
-rw-r--r--app/controllers/v1/certs_controller.rb8
-rw-r--r--app/controllers/v1/smtp_certs_controller.rb4
-rw-r--r--config/routes.rb4
-rw-r--r--test/functional/v1/certs_controller_test.rb20
-rw-r--r--test/functional/v1/smtp_certs_controller_test.rb6
-rw-r--r--test/integration/api/smtp_cert_test.rb10
6 files changed, 34 insertions, 18 deletions
diff --git a/app/controllers/v1/certs_controller.rb b/app/controllers/v1/certs_controller.rb
index 73409ef..b6d1d0b 100644
--- a/app/controllers/v1/certs_controller.rb
+++ b/app/controllers/v1/certs_controller.rb
@@ -3,7 +3,15 @@ class V1::CertsController < ApplicationController
before_filter :require_login, :unless => :anonymous_certs_allowed?
# GET /cert
+ # deprecated - we actually create a new cert and that can
+ # be reflected in the action. GET /cert will eventually go
+ # away and be replaced by POST /cert
def show
+ create
+ end
+
+ # POST /cert
+ def create
@cert = ClientCertificate.new(:prefix => service_level.cert_prefix)
render text: @cert.to_s, content_type: 'text/plain'
end
diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb
index fcc00b8..377a49c 100644
--- a/app/controllers/v1/smtp_certs_controller.rb
+++ b/app/controllers/v1/smtp_certs_controller.rb
@@ -4,8 +4,8 @@ class V1::SmtpCertsController < ApplicationController
before_filter :require_email_account
before_filter :fetch_identity
- # GET /1/smtp_cert
- def show
+ # POST /1/smtp_cert
+ def create
@cert = ClientCertificate.new prefix: current_user.email_address
@identity.register_cert(@cert)
@identity.save
diff --git a/config/routes.rb b/config/routes.rb
index ff2d2cc..2853fbd 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -25,8 +25,8 @@ LeapWeb::Application.routes.draw do
delete "logout" => "sessions#destroy", :as => "logout"
resources :users, :only => [:create, :update, :destroy, :index]
resources :messages, :only => [:index, :update]
- resource :cert, :only => [:show]
- resource :smtp_cert, :only => [:show]
+ resource :cert, :only => [:show, :create]
+ resource :smtp_cert, :only => [:create]
resource :service, :only => [:show]
end
diff --git a/test/functional/v1/certs_controller_test.rb b/test/functional/v1/certs_controller_test.rb
index fb8e9c4..ec34b01 100644
--- a/test/functional/v1/certs_controller_test.rb
+++ b/test/functional/v1/certs_controller_test.rb
@@ -2,26 +2,34 @@ require 'test_helper'
class V1::CertsControllerTest < ActionController::TestCase
- test "send unlimited cert without login" do
+ test "create unlimited cert without login" do
with_config allow_anonymous_certs: true do
cert = expect_cert('UNLIMITED')
- get :show
+ post :create
assert_response :success
assert_equal cert.to_s, @response.body
end
end
- test "send limited cert" do
+ test "create limited cert" do
with_config allow_limited_certs: true do
login
cert = expect_cert('LIMITED')
- get :show
+ post :create
assert_response :success
assert_equal cert.to_s, @response.body
end
end
- test "send unlimited cert" do
+ test "create unlimited cert" do
+ login effective_service_level: ServiceLevel.new(id: 2)
+ cert = expect_cert('UNLIMITED')
+ post :create
+ assert_response :success
+ assert_equal cert.to_s, @response.body
+ end
+
+ test "GET still works as an alias" do
login effective_service_level: ServiceLevel.new(id: 2)
cert = expect_cert('UNLIMITED')
get :show
@@ -30,7 +38,7 @@ class V1::CertsControllerTest < ActionController::TestCase
end
test "redirect if no eip service offered" do
- get :show
+ post :create
assert_response :redirect
end
diff --git a/test/functional/v1/smtp_certs_controller_test.rb b/test/functional/v1/smtp_certs_controller_test.rb
index 169f414..ae1a214 100644
--- a/test/functional/v1/smtp_certs_controller_test.rb
+++ b/test/functional/v1/smtp_certs_controller_test.rb
@@ -4,14 +4,14 @@ class V1::SmtpCertsControllerTest < ActionController::TestCase
test "no smtp cert without login" do
with_config allow_anonymous_certs: true do
- get :show, format: 'json'
+ post :create
assert_access_denied
end
end
test "require service level with email" do
login
- get :show
+ post :create
assert_access_denied
end
@@ -19,7 +19,7 @@ class V1::SmtpCertsControllerTest < ActionController::TestCase
login effective_service_level: ServiceLevel.new(id: 2)
cert = expect_cert(@current_user.email_address)
cert.expects(:fingerprint).returns('fingerprint')
- get :show
+ post :create
assert_response :success
assert_equal cert.to_s, @response.body
end
diff --git a/test/integration/api/smtp_cert_test.rb b/test/integration/api/smtp_cert_test.rb
index 992249b..04e6f31 100644
--- a/test/integration/api/smtp_cert_test.rb
+++ b/test/integration/api/smtp_cert_test.rb
@@ -6,7 +6,7 @@ class SmtpCertTest < ApiIntegrationTest
test "retrieve smtp cert" do
@user = FactoryGirl.create :user, effective_service_level_code: 2
login
- get '/1/smtp_cert', {}, RACK_ENV
+ post '/1/smtp_cert', {}, RACK_ENV
assert_text_response
assert_response_includes "BEGIN RSA PRIVATE KEY"
assert_response_includes "END RSA PRIVATE KEY"
@@ -17,7 +17,7 @@ class SmtpCertTest < ApiIntegrationTest
test "cert and key" do
@user = FactoryGirl.create :user, effective_service_level_code: 2
login
- get '/1/smtp_cert', {}, RACK_ENV
+ post '/1/smtp_cert', {}, RACK_ENV
assert_text_response
cert = OpenSSL::X509::Certificate.new(get_response.body)
key = OpenSSL::PKey::RSA.new(get_response.body)
@@ -29,7 +29,7 @@ class SmtpCertTest < ApiIntegrationTest
test "fingerprint is stored with identity" do
@user = FactoryGirl.create :user, effective_service_level_code: 2
login
- get '/1/smtp_cert', {}, RACK_ENV
+ post '/1/smtp_cert', {}, RACK_ENV
assert_text_response
cert = OpenSSL::X509::Certificate.new(get_response.body)
fingerprint = OpenSSL::Digest::SHA1.hexdigest(cert.to_der).scan(/../).join(':')
@@ -39,13 +39,13 @@ class SmtpCertTest < ApiIntegrationTest
test "fetching smtp certs requires email account" do
login
- get '/1/smtp_cert', {}, RACK_ENV
+ post '/1/smtp_cert', {}, RACK_ENV
assert_json_response error: I18n.t(:not_authorized)
end
test "no anonymous smtp certs" do
with_config allow_anonymous_certs: true do
- get '/1/smtp_cert', {}, RACK_ENV
+ post '/1/smtp_cert', {}, RACK_ENV
assert_json_response error: I18n.t(:not_authorized)
end
end