Merge branch 'develop' of https://github.com/leapcode/leap_web into feature/expose_admin_in_api

author: NavaL <ayoyo@thoughtworks.com> 2016-07-14 15:44:07 +0200
committer: NavaL <ayoyo@thoughtworks.com> 2016-07-14 15:44:07 +0200
commit: e3c2cb91dfef5c39c608b967e702e9de977d1bd2 (patch)
tree: 154dc28dd986bd6e0a48e933c5da46994ffaa0cb /app/controllers/api/certs_controller.rb
parent: e2f19bcfb6dbce77746c2d61715340525b29a592 (diff)
parent: f09e6ec1337962ab279f021a6a6d0ff30479ebe0 (diff)
1 files changed, 31 insertions, 0 deletions
diff --git a/app/controllers/api/certs_controller.rb b/app/controllers/api/certs_controller.rb
new file mode 100644
index 0000000..46a84d3
--- /dev/null
+++ b/app/controllers/api/certs_controller.rb
@@ -0,0 +1,31 @@
+class Api::CertsController < ApiController
+
+  before_filter :require_login, :unless => :anonymous_access_allowed?
+  before_filter :require_enabled
+
+  # GET /cert
+  # deprecated - we actually create a new cert and that can
+  # be reflected in the action. GET /cert will eventually go
+  # away and be replaced by POST /cert
+  def show
+    create
+  end
+
+  # POST /cert
+  def create
+    @cert = ClientCertificate.new(:prefix => service_level.cert_prefix)
+    render text: @cert.to_s, content_type: 'text/plain'
+  end
+
+  protected
+
+  def require_enabled
+    if !current_user.is_anonymous? && !current_user.enabled?
+      access_denied
+    end
+  end
+
+  def service_level
+    current_user.effective_service_level
+  end
+end
author	NavaL <ayoyo@thoughtworks.com>	2016-07-14 15:44:07 +0200
committer	NavaL <ayoyo@thoughtworks.com>	2016-07-14 15:44:07 +0200
commit	e3c2cb91dfef5c39c608b967e702e9de977d1bd2 (patch)
tree	154dc28dd986bd6e0a48e933c5da46994ffaa0cb /app/controllers/api/certs_controller.rb
parent	e2f19bcfb6dbce77746c2d61715340525b29a592 (diff)
parent	f09e6ec1337962ab279f021a6a6d0ff30479ebe0 (diff)