From 71dcf3f4e5d423b78b47f675297fc98b28ef3442 Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 15 May 2014 11:17:47 +0200 Subject: SmtpCertsController, routes and tests --- app/controllers/v1/smtp_certs_controller.rb | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 app/controllers/v1/smtp_certs_controller.rb (limited to 'app/controllers') diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb new file mode 100644 index 0000000..001425d --- /dev/null +++ b/app/controllers/v1/smtp_certs_controller.rb @@ -0,0 +1,21 @@ +class V1::SmtpCertsController < ApplicationController + + before_filter :require_login + before_filter :require_email_account + + # GET /cert + def show + @cert = ClientCertificate.new prefix: current_user.email_address + render text: @cert.to_s, content_type: 'text/plain' + end + + protected + + def require_email_account + access_denied unless service_level.provides? 'email' + end + + def service_level + current_user.effective_service_level + end +end -- cgit v1.2.3 From 17b67aeda81dee2273ce1161ac7292a328c3efaa Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 15 May 2014 16:29:49 +0200 Subject: store cert fingerprint with main user identity --- app/controllers/v1/smtp_certs_controller.rb | 2 ++ 1 file changed, 2 insertions(+) (limited to 'app/controllers') diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb index 001425d..258b391 100644 --- a/app/controllers/v1/smtp_certs_controller.rb +++ b/app/controllers/v1/smtp_certs_controller.rb @@ -6,6 +6,8 @@ class V1::SmtpCertsController < ApplicationController # GET /cert def show @cert = ClientCertificate.new prefix: current_user.email_address + current_user.identity.cert_fingerprints << @cert.fingerprint + current_user.identity.save render text: @cert.to_s, content_type: 'text/plain' end -- cgit v1.2.3 From e8ba98df64cb537e85de8624c0ebb08c4135ccca Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 19 May 2014 14:50:16 +0200 Subject: minor: fix tests --- app/controllers/v1/smtp_certs_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb index 258b391..533a19a 100644 --- a/app/controllers/v1/smtp_certs_controller.rb +++ b/app/controllers/v1/smtp_certs_controller.rb @@ -3,7 +3,7 @@ class V1::SmtpCertsController < ApplicationController before_filter :require_login before_filter :require_email_account - # GET /cert + # GET /1/smtp_cert def show @cert = ClientCertificate.new prefix: current_user.email_address current_user.identity.cert_fingerprints << @cert.fingerprint -- cgit v1.2.3 From 3a84578cf33685800c9216cfb4da12ea1fb0032f Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 19 May 2014 15:07:02 +0200 Subject: store fingerprints with timestamp Only storing the date as that should suffice for normal expiry and is less useful for identifying users by timestamps --- app/controllers/v1/smtp_certs_controller.rb | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb index 533a19a..fcc00b8 100644 --- a/app/controllers/v1/smtp_certs_controller.rb +++ b/app/controllers/v1/smtp_certs_controller.rb @@ -2,22 +2,36 @@ class V1::SmtpCertsController < ApplicationController before_filter :require_login before_filter :require_email_account + before_filter :fetch_identity # GET /1/smtp_cert def show @cert = ClientCertificate.new prefix: current_user.email_address - current_user.identity.cert_fingerprints << @cert.fingerprint - current_user.identity.save + @identity.register_cert(@cert) + @identity.save render text: @cert.to_s, content_type: 'text/plain' end protected + # + # Filters + # + def require_email_account access_denied unless service_level.provides? 'email' end + def fetch_identity + @identity = current_user.identity + end + + # + # Helper methods + # + def service_level current_user.effective_service_level end + end -- cgit v1.2.3 From 00d5adc90ccadc7f4a2a0d54a5a31a1ad02f05be Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 26 May 2014 09:31:36 +0200 Subject: change from GET to POST for certs We create them. let's reflect that in the verb. --- app/controllers/v1/certs_controller.rb | 8 ++++++++ app/controllers/v1/smtp_certs_controller.rb | 4 ++-- 2 files changed, 10 insertions(+), 2 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/v1/certs_controller.rb b/app/controllers/v1/certs_controller.rb index 73409ef..b6d1d0b 100644 --- a/app/controllers/v1/certs_controller.rb +++ b/app/controllers/v1/certs_controller.rb @@ -3,7 +3,15 @@ class V1::CertsController < ApplicationController before_filter :require_login, :unless => :anonymous_certs_allowed? # GET /cert + # deprecated - we actually create a new cert and that can + # be reflected in the action. GET /cert will eventually go + # away and be replaced by POST /cert def show + create + end + + # POST /cert + def create @cert = ClientCertificate.new(:prefix => service_level.cert_prefix) render text: @cert.to_s, content_type: 'text/plain' end diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb index fcc00b8..377a49c 100644 --- a/app/controllers/v1/smtp_certs_controller.rb +++ b/app/controllers/v1/smtp_certs_controller.rb @@ -4,8 +4,8 @@ class V1::SmtpCertsController < ApplicationController before_filter :require_email_account before_filter :fetch_identity - # GET /1/smtp_cert - def show + # POST /1/smtp_cert + def create @cert = ClientCertificate.new prefix: current_user.email_address @identity.register_cert(@cert) @identity.save -- cgit v1.2.3