summaryrefslogtreecommitdiff
path: root/app/controllers
diff options
context:
space:
mode:
authorazul <azul@leap.se>2014-05-26 10:08:07 +0200
committerazul <azul@leap.se>2014-05-26 10:08:07 +0200
commitdf298887221cffc8cacc8965d73a0d7850118849 (patch)
treee13fc7c05956b10ca051377b89487d97e659528d /app/controllers
parent0f686b1256b4190522bcb101ba06cd2c7406eb36 (diff)
parentf221e5313fe54a2efa127b547916c7c812110449 (diff)
Merge pull request #165 from azul/feature/cert-fingerprints
Feature/cert fingerprints
Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/v1/certs_controller.rb8
-rw-r--r--app/controllers/v1/smtp_certs_controller.rb37
2 files changed, 45 insertions, 0 deletions
diff --git a/app/controllers/v1/certs_controller.rb b/app/controllers/v1/certs_controller.rb
index 73409ef..b6d1d0b 100644
--- a/app/controllers/v1/certs_controller.rb
+++ b/app/controllers/v1/certs_controller.rb
@@ -3,7 +3,15 @@ class V1::CertsController < ApplicationController
before_filter :require_login, :unless => :anonymous_certs_allowed?
# GET /cert
+ # deprecated - we actually create a new cert and that can
+ # be reflected in the action. GET /cert will eventually go
+ # away and be replaced by POST /cert
def show
+ create
+ end
+
+ # POST /cert
+ def create
@cert = ClientCertificate.new(:prefix => service_level.cert_prefix)
render text: @cert.to_s, content_type: 'text/plain'
end
diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb
new file mode 100644
index 0000000..377a49c
--- /dev/null
+++ b/app/controllers/v1/smtp_certs_controller.rb
@@ -0,0 +1,37 @@
+class V1::SmtpCertsController < ApplicationController
+
+ before_filter :require_login
+ before_filter :require_email_account
+ before_filter :fetch_identity
+
+ # POST /1/smtp_cert
+ def create
+ @cert = ClientCertificate.new prefix: current_user.email_address
+ @identity.register_cert(@cert)
+ @identity.save
+ render text: @cert.to_s, content_type: 'text/plain'
+ end
+
+ protected
+
+ #
+ # Filters
+ #
+
+ def require_email_account
+ access_denied unless service_level.provides? 'email'
+ end
+
+ def fetch_identity
+ @identity = current_user.identity
+ end
+
+ #
+ # Helper methods
+ #
+
+ def service_level
+ current_user.effective_service_level
+ end
+
+end