Added endpoints for creating and downloading api user certificates

2025-07-30 22:46:22 +02:00 · 2023-06-28 15:48:40 +03:00 · 2023-06-28 15:48:40 +03:00 · 47b6a1b87a
commit 47b6a1b87a
parent b558c80e83
18 changed files with 377 additions and 102 deletions
--- a/app/controllers/repp/v1/api_users_controller.rb
+++ b/app/controllers/repp/v1/api_users_controller.rb
@ -2,6 +2,7 @@ require 'serializers/repp/api_user'
 module Repp
  module V1
    class ApiUsersController < BaseController
+      before_action :find_api_user, only: %i[show update destroy]
      load_and_authorize_resource

      THROTTLED_ACTIONS = %i[index show create update destroy].freeze
@ -60,6 +61,10 @@ module Repp

      private

+      def find_api_user
+        @api_user = current_user.registrar.api_users.find(params[:id])
+      end
+
      def api_user_params
        params.require(:api_user).permit(:username, :plain_text_password, :active,
                                         :identity_code, { roles: [] })
--- a/app/controllers/repp/v1/certificates_controller.rb
+++ b/app/controllers/repp/v1/certificates_controller.rb
@ -1,29 +1,52 @@
+require 'serializers/repp/certificate'
 module Repp
  module V1
    class CertificatesController < BaseController
-      THROTTLED_ACTIONS = %i[create].freeze
+      before_action :find_certificate, only: %i[show download]
+      load_and_authorize_resource param_method: :cert_params
+
+      THROTTLED_ACTIONS = %i[show create download].freeze
      include Shunter::Integration::Throttle

+      api :GET, '/repp/v1/api_users/:api_user_id/certificates/:id'
+      desc "Get a specific api user's specific certificate data"
+      def show
+        serializer = Serializers::Repp::Certificate.new(@certificate)
+        render_success(data: { cert: serializer.to_json })
+      end
+
      api :POST, '/repp/v1/certificates'
      desc 'Submit a new api user certificate signing request'
      def create
-        authorize! :create, Certificate
        @api_user = current_user.registrar.api_users.find(cert_params[:api_user_id])

        csr = decode_cert_params(cert_params[:csr])

        @certificate = @api_user.certificates.build(csr: csr)
-        unless @certificate.save
-          handle_non_epp_errors(@certificate)
-          return
-        end

-        notify_admins
-        render_success(data: { api_user: { id: @api_user.id } })
+        if @certificate.save
+          notify_admins
+          render_success(data: { api_user: { id: @api_user.id } })
+        else
+          handle_non_epp_errors(@certificate)
+        end
+      end
+
+      api :get, '/repp/v1/api_users/:api_user_id/certificates/:id/download'
+      desc "Download a specific api user's specific certificate"
+      param :type, String, required: true, desc: 'Type of certificate (csr or crt)'
+      def download
+        filename = "#{@api_user.username}_#{Time.zone.today.strftime('%y%m%d')}_portal.#{params[:type]}.pem"
+        send_data @certificate[params[:type].to_s], filename: filename
      end

      private

+      def find_certificate
+        @api_user = current_user.registrar.api_users.find(params[:api_user_id])
+        @certificate = @api_user.certificates.find(params[:id])
+      end
+
      def cert_params
        params.require(:certificate).permit(:api_user_id, csr: %i[body type])
      end
@ -40,9 +63,9 @@ module Repp
        return if admin_users_emails.empty?

        admin_users_emails.each do |email|
-          CertificateMailer.new_certificate_signing_request(email: email,
-                                                            api_user: @api_user,
-                                                            csr: @certificate)
+          CertificateMailer.certificate_signing_requested(email: email,
+                                                          api_user: @api_user,
+                                                          csr: @certificate)
                           .deliver_now
        end
      end
--- a/app/controllers/repp/v1/invoices_controller.rb
+++ b/app/controllers/repp/v1/invoices_controller.rb
@ -2,6 +2,7 @@ require 'serializers/repp/invoice'
 module Repp
  module V1
    class InvoicesController < BaseController # rubocop:disable Metrics/ClassLength
+      before_action :find_invoice, only: %i[show download send_to_recipient cancel]
      load_and_authorize_resource

      THROTTLED_ACTIONS = %i[download add_credit send_to_recipient cancel index show].freeze
@ -35,8 +36,6 @@ module Repp
      desc 'Download a specific invoice as pdf file'
      def download
        filename = "Invoice-#{@invoice.number}.pdf"
-        @response = { code: 1000, message: 'Command completed successfully',
-                      data: filename }
        send_data @invoice.as_pdf, filename: filename
      end

@ -91,6 +90,10 @@ module Repp

      private

+      def find_invoice
+        @invoice = current_user.registrar.invoices.find(params[:id])
+      end
+
      def index_params
        params.permit(:id, :limit, :offset, :details, :q, :simple,
                      :page, :per_page,
--- a/app/controllers/repp/v1/white_ips_controller.rb
+++ b/app/controllers/repp/v1/white_ips_controller.rb
@ -1,6 +1,7 @@
 module Repp
  module V1
    class WhiteIpsController < BaseController
+      before_action :find_white_ip, only: %i[show update destroy]
      load_and_authorize_resource

      THROTTLED_ACTIONS = %i[index show create update destroy].freeze
@ -57,6 +58,10 @@ module Repp

      private

+      def find_white_ip
+        @white_ip = current_user.registrar.white_ips.find(params[:id])
+      end
+
      def white_ip_params
        params.require(:white_ip).permit(:ipv4, :ipv6, interfaces: [])
      end