diff --git a/app/controllers/repp/v1/registrar/accreditation_info_controller.rb b/app/controllers/repp/v1/registrar/accreditation_info_controller.rb index 3851ded65..cd86ce9ed 100644 --- a/app/controllers/repp/v1/registrar/accreditation_info_controller.rb +++ b/app/controllers/repp/v1/registrar/accreditation_info_controller.rb @@ -6,22 +6,32 @@ module Repp desc 'check login user and return data' def index - @login = current_user + login = current_user registrar = current_user.registrar - # name = registrar.name - # reg_no = registrar.reg_no - # rubocop:disable Style/AndOr - render_success(data: nil) and return unless @login + render_success(data: nil) and return unless login # rubocop:enable Style/AndOr - data = @login.as_json(only: %i[id username name reg_no uuid roles accreditation_date accreditation_expire_date]) - data[:registrar_name] = registrar.name - data[:registrar_reg_no] = registrar.reg_no + data = set_values_to_data(login: login, registrar: registrar) render_success(data: data) end + + private + + def set_values_to_data(login:, registrar:) + data = login.as_json(only: %i[id + username + name + uuid + roles + accreditation_date + accreditation_expire_date]) + data[:registrar_name] = registrar.name + data[:registrar_reg_no] = registrar.reg_no + data + end end end end diff --git a/app/controllers/repp/v1/registrar/accreditation_results_controller.rb b/app/controllers/repp/v1/registrar/accreditation_results_controller.rb index a959159c8..b0ed06c4c 100644 --- a/app/controllers/repp/v1/registrar/accreditation_results_controller.rb +++ b/app/controllers/repp/v1/registrar/accreditation_results_controller.rb 
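Review bot: In `index` of accreditation_info_controller.rb, `registrar = current_user.registrar` still runs before the `unless login` guard. When `current_user` is nil the action raises NoMethodError instead of reaching `render_success(data: nil)`, so the guard never handles the case it exists for. Put the guard first and derive the registrar from the checked value: `render_success(data: nil) and return unless login`, then `registrar = login.registrar`. If a filter outside this hunk already guarantees an authenticated user, the guard can be dropped instead. The new `set_values_to_data` would also benefit from a one-line comment such as `# Allow-list of user attributes exposed to the client; extend deliberately.`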
@@ -2,65 +2,51 @@ module Repp module V1 module Registrar class AccreditationResultsController < ActionController::API - before_action :authenticate_admin + before_action :authenticate_shared_key - # api :POST, 'repp/v1/registrar/push_results' - api :GET, 'repp/v1/registrar/accreditation/push_results' + TEMPARY_SECRET_KEY = 'tempary-secret-key'.freeze + + api :POST, 'repp/v1/registrar/accreditation/push_results' desc 'added datetime results' - def index - @login = @current_user + def create + username = params[:accreditation_result][:username] + result = params[:accreditation_result][:result] - # rubocop:disable Style/AndOr - render_success(data: nil) and return unless @login - # rubocop:enable Style/AndOr - - data = @login - render_success(data: data) + record_accreditation_result(username, result) if result + rescue ActiveRecord::RecordNotFound + record_not_found(username) end - # def create - # @login = current_user - # registrar = current_user.registrar - - # rubocop:disable Style/AndOr - # render_success(data: nil) and return unless @login - # rubocop:enable Style/AndOr - - # user = ApiUser.find(params[:user_id]) - # user.accreditation_date = Date.now - # user.save - - - - # data = @login.as_json(only: %i[id username name reg_no uuid roles accreditation_date accreditation_expire_date]) - # data[:registrar_name] = registrar.name - # data[:registrar_reg_no] = registrar.reg_no - - # render_success(data: data) - # end - private - def authenticate_admin - # TODO: ADD MORE CONDITIONS FOR ACCR ADMIN REQUESTS - username, password = Base64.urlsafe_decode64(basic_token).split(':') - @current_user ||= User.find_by(username: username, plain_text_password: password) + def record_accreditation_result(username, result) + user = ApiUser.find_by(username: username) - return if @current_user - # return if @current_user.roles.include? "admin" + raise ActiveRecord::RecordNotFound if user.nil? 
- raise(ArgumentError) - rescue NoMethodError, ArgumentError - @response = { code: 2202, message: 'Invalid authorization information' } - render(json: @response, status: :unauthorized) + user.accreditation_date = DateTime.current + + return unless user.save + + render_success(data: { user: user, + result: result, + message: 'Accreditation info successfully added' }) end - def basic_token - pattern = /^Basic / - header = request.headers['Authorization'] - header = header.gsub(pattern, '') if header&.match(pattern) - header.strip + def authenticate_shared_key + api_key = "Basic #{TEMPARY_SECRET_KEY}" + render_failed unless api_key == request.authorization + end + + def record_not_found(username) + @response = { code: 2303, message: "Object '#{username}' does not exist" } + render(json: @response) + end + + def render_failed + @response = { code: 2202, message: 'Invalid authorization information' } + render(json: @response, status: :unauthorized) end def render_success(code: nil, message: nil, data: nil) diff --git a/config/routes.rb b/config/routes.rb index a1e3d58e8..e69e5affe 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -75,7 +75,7 @@ Rails.application.routes.draw do resource :accreditation, only: [:index] do collection do get '/get_info', to: 'accreditation_info#index' - get '/push_results', to: 'accreditation_results#index' + post '/push_results', to: 'accreditation_results#create' end end resources :nameservers do diff --git a/test/integration/repp/v1/registrar/accreditaion_info_test.rb b/test/integration/repp/v1/registrar/accreditaion_info_test.rb index 237fa319a..4efba5d38 100644 --- a/test/integration/repp/v1/registrar/accreditaion_info_test.rb +++ b/test/integration/repp/v1/registrar/accreditaion_info_test.rb 
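Review bot: In accreditation_results_controller.rb, `authenticate_shared_key` checks the request against a secret hard-coded in the source (`TEMPARY_SECRET_KEY = 'tempary-secret-key'`) and compares it with `==`. The credential for an endpoint that writes `accreditation_date` on any `ApiUser` therefore lives in the repository, and the comparison is not constant-time. Load the key from credentials or the environment and compare with `render_failed unless ActiveSupport::SecurityUtils.secure_compare("Basic #{shared_key}", request.authorization.to_s)`; the same literal is repeated in accreditation_results_test.rb and should come from test configuration as well. Separately, `record_accreditation_result` returns `user: user`, which serializes the whole record, and the removed `find_by(..., plain_text_password: password)` line suggests the model may carry a plaintext password column. An allow-list such as `user.as_json(only: %i[username accreditation_date])`, as the info controller already uses, would avoid echoing such fields; the class body continues past this hunk.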
@@ -15,7 +15,9 @@ class ReppV1AccreditationInfoTest < ActionDispatch::IntegrationTest assert_response :ok assert_equal json[:data][:username], @user.username - assert_equal json[:data][:identity_code], @user.identity_code + assert json[:data][:roles].include? 'super' + assert_equal json[:data][:registrar_name], 'Best Names' + assert_equal json[:data][:registrar_reg_no], '1234' end def test_invalid_login diff --git a/test/integration/repp/v1/registrar/accreditation_results_test.rb b/test/integration/repp/v1/registrar/accreditation_results_test.rb new file mode 100644 index 000000000..8d2338ecf --- /dev/null +++ b/test/integration/repp/v1/registrar/accreditation_results_test.rb 
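Review bot: The added assertions in accreditaion_info_test.rb check only fields that should be present, so nothing pins that the `only:` allow-list in the controller keeps credential-like attributes out of the response. A negative assertion would catch a later widening of the list, for example `assert_not json[:data].key?(:plain_text_password)`; that attribute name is taken from the lookup removed elsewhere in this commit, so confirm it against the model. As a smaller point, `assert_includes json[:data][:roles], 'super'` gives a clearer failure message than `assert ... .include?`. The test method starts outside the hunk.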
@@ -0,0 +1,49 @@ +require 'test_helper' + +class ReppV1AccreditationResultsTest < ActionDispatch::IntegrationTest + TEMPARY_SECRET_KEY = 'tempary-secret-key'.freeze + + def setup + @user = users(:api_bestnames) + + token = "Basic #{TEMPARY_SECRET_KEY}" + + @auth_headers = { 'Authorization' => token } + end + + def test_should_return_valid_response + post '/repp/v1/registrar/accreditation/push_results', + headers: @auth_headers, + params: {accreditation_result: {username: @user.username, result: true} } + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal json[:data][:user][:username], @user.username + assert_equal json[:data][:result], "true" + assert_equal json[:data][:message], "Accreditation info successfully added" + end + + def test_should_return_valid_response_invalid_authorization + post '/repp/v1/registrar/accreditation/push_results', + headers: { 'Authorization' => 'Basic tempary-secret-ke'}, + params: {accreditation_result: {username: @user.username, result: true} } + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :unauthorized + + assert_equal json[:code], 2202 + assert_equal json[:message], 'Invalid authorization information' + end + + def test_should_return_valid_response_record_exception + post '/repp/v1/registrar/accreditation/push_results', + headers: @auth_headers, + params: {accreditation_result: { username: "chungachanga", result: true} } + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + + assert_equal json[:code], 2303 + assert_equal json[:message], "Object 'chungachanga' does not exist" + end +end
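Review bot: None of the three tests in accreditation_results_test.rb checks persisted state, so the security-relevant behaviour of the endpoint is not pinned. The success case should confirm the write with `assert_not_nil @user.reload.accreditation_date`. The unauthorized case should wrap the request in `assert_no_changes -> { @user.reload.accreditation_date } do ... end`, so that an auth filter which renders 401 but lets the action continue would fail the suite. Two request shapes are also untested: a call with no `Authorization` header, and a body without `accreditation_result`, which in the controller would call `[]` on nil before any rescue applies.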