Diffstat (limited to 'app')
-rw-r--r-- | app/controllers/api/keys_controller.rb | 12 | ||||
-rw-r--r-- | app/models/identity.rb | 5 | ||||
-rw-r--r-- | app/models/keyring.rb | 23 |
3 files changed, 37 insertions, 3 deletions
diff --git a/app/controllers/api/keys_controller.rb b/app/controllers/api/keys_controller.rb index d4cb759..7eb76ee 100644 --- a/app/controllers/api/keys_controller.rb +++ b/app/controllers/api/keys_controller.rb @@ -25,10 +25,22 @@ class Api::KeysController < ApiController def update keyring.update type, rev: rev, value: value head :no_content + rescue Keyring::NotFound => e + render status: 404, json: {error: e.message} rescue Keyring::Error, ActionController::ParameterMissing => e render status: 422, json: {error: e.message} end + def destroy + keyring.delete type, rev: rev + head :no_content + rescue Keyring::NotFound => e + render status: 404, json: {error: e.message} + rescue Keyring::Error, ActionController::ParameterMissing => e + render status: 422, json: {error: e.message} + end + + protected def require_enabled diff --git a/app/models/identity.rb b/app/models/identity.rb index 92f8f7a..b8c2245 100644 --- a/app/models/identity.rb +++ b/app/models/identity.rb @@ -136,6 +136,11 @@ class Identity < CouchRest::Model::Base write_attribute('keys', keys.merge(type => key.to_s)) end + def delete_key(type) + raise 'key not found' unless keys[type] + write_attribute('keys', keys.except(type)) + end + def cert_fingerprints read_attribute('cert_fingerprints') || Hash.new end diff --git a/app/models/keyring.rb b/app/models/keyring.rb index 6779d5d..66f7bfd 100644 --- a/app/models/keyring.rb +++ b/app/models/keyring.rb @@ -8,6 +8,12 @@ class Keyring class Error < RuntimeError end + class NotFound < Error + def initialize(type) + super "no such key: #{type}" + end + end + def initialize(storage) @storage = storage end 
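Review bot: The new `destroy` action in app/controllers/api/keys_controller.rb repeats the four rescue lines that `update` now carries, so the 404/422 mapping lives in two places and a later action can easily miss it. Declaring it once at class level would keep the mapping consistent: `rescue_from Keyring::Error, ActionController::ParameterMissing, with: :render_unprocessable` followed by `rescue_from Keyring::NotFound, with: :render_not_found`. The subclass handler must be declared last, because Rails searches handlers starting from the most recently declared one. Other actions of this controller lie outside the hunk, so confirm that none of them relies on these exceptions propagating before making the handlers class-wide.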
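Review bot: `delete_key` in app/models/identity.rb raises a bare string, which becomes a plain RuntimeError that the `rescue Keyring::NotFound` and `rescue Keyring::Error` clauses added to the controller in this commit do not match, so reaching it would surface as a 500 rather than a 404. `Keyring#check_rev` normally rejects a missing key first, but any other caller of `delete_key` gets an error it cannot tell apart from an unrelated failure. Consider `raise KeyError, "key not found: #{type}" unless keys.key?(type)`, which is rescuable by class and tests presence rather than truthiness. `keys` is defined outside the hunk, so confirm it returns a Hash-like object that supports `key?` and `except`.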
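Review bot: `Keyring::NotFound#initialize` in app/models/keyring.rb takes a key type where its parent `Error` takes a message, and nothing on the class says so; `raise NotFound` without an argument would fail with an ArgumentError instead of raising NotFound. A one-line comment above the class would make the contract explicit: `# Raised when no key of the given type is stored; the argument is the key type, not a message.` The type appears to come from the API request and is echoed in the error body, so keep rendering it through `json:` as the controller does rather than interpolating it unescaped into HTML or log lines.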
@@ -19,19 +25,30 @@ class Keyring end def update(type, rev:, value:) - old_rev = key_of_type(type)['rev'] - raise Error, "wrong revision: #{rev}" unless old_rev == rev + check_rev type, rev storage.set_key type, {type: type, value: value, rev: new_rev}.to_json storage.save end + def delete(type, rev:) + check_rev type, rev + storage.delete_key type + storage.save + end + def key_of_type(type) - JSON.parse(storage.keys[type]) + JSON.parse(storage.keys[type]) if storage.keys[type] end protected attr_reader :storage + def check_rev(type, rev) + old = key_of_type(type) + raise NotFound, type unless old + raise Error, "wrong revision: #{rev}" unless old['rev'] == rev + end + def new_rev SecureRandom.urlsafe_base64(8) end |
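Review bot: `key_of_type` is a public method and now returns nil for an unknown type instead of raising from `JSON.parse(nil)`, which is a contract change for callers outside this hunk. `check_rev` handles the nil, but any caller that indexes the result directly, as the removed `key_of_type(type)['rev']` did, would now fail with NoMethodError on nil. I would document the nil return in a comment on the method and read the stored value once, e.g. `raw = storage.keys[type]` then `JSON.parse(raw) if raw`. Separately, `old['rev'] == rev` in `check_rev` passes when both sides are nil, so confirm that the controller's `rev` helper (not visible here) always requires the parameter.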