diff --git a/app/controllers/repp/v1/account_controller.rb b/app/controllers/repp/v1/accounts_controller.rb
similarity index 92%
rename from app/controllers/repp/v1/account_controller.rb
rename to app/controllers/repp/v1/accounts_controller.rb
index 85d79fe68..0204e7943 100644
--- a/app/controllers/repp/v1/account_controller.rb
+++ b/app/controllers/repp/v1/accounts_controller.rb
@@ -1,9 +1,9 @@
 module Repp
 module V1
- class AccountController < BaseController # rubocop:disable Metrics/ClassLength
+ class AccountsController < BaseController # rubocop:disable Metrics/ClassLength
 load_and_authorize_resource
- api :get, '/repp/v1/account'
+ api :get, '/repp/v1/accounts'
 desc 'Get all activities'
 def index
 records = current_user.registrar.cash_account.activities
@@ -20,7 +20,7 @@ module Repp
 types_for_select: AccountActivity.types_for_select })
 end
- api :get, '/repp/v1/account/details'
+ api :get, '/repp/v1/accounts/details'
 desc 'Get current registrar account details'
 def details
 registrar = current_user.registrar
@@ -34,7 +34,7 @@ module Repp
 render_success(data: resp)
 end
- api :put, '/repp/v1/account'
+ api :put, '/repp/v1/accounts'
 desc 'Update current registrar account details'
 def update
 registrar = current_user.registrar
@@ -47,7 +47,7 @@ module Repp
 message: I18n.t('registrar.account.update.saved'))
 end
- api :post, '/repp/v1/account/update_auto_reload_balance'
+ api :post, '/repp/v1/accounts/update_auto_reload_balance'
 desc 'Enable current registrar balance auto reload'
 def update_auto_reload_balance
 type = BalanceAutoReloadTypes::Threshold.new(type_params)
@@ -62,7 +62,7 @@ module Repp
 message: I18n.t('registrar.settings.balance_auto_reload.update.saved'))
 end
- api :get, '/repp/v1/account/disable_auto_reload_balance'
+ api :get, '/repp/v1/accounts/disable_auto_reload_balance'
 desc 'Disable current registrar balance auto reload'
 def disable_auto_reload_balance
 registrar = current_user.registrar
@@ -73,7 +73,7 @@ module Repp
 message: I18n.t('registrar.settings.balance_auto_reload.destroy.disabled'))
 end
- api :get, '/repp/v1/account/balance'
+ api :get, '/repp/v1/accounts/balance'
 desc "Get account's balance"
 def balance
 resp = { balance: current_user.registrar.cash_account.balance,
diff --git a/app/controllers/repp/v1/base_controller.rb b/app/controllers/repp/v1/base_controller.rb
index da906383c..977df0323 100644
--- a/app/controllers/repp/v1/base_controller.rb
+++ b/app/controllers/repp/v1/base_controller.rb
@@ -6,8 +6,8 @@ module Repp
 around_action :log_request
 before_action :authenticate_user
 before_action :validate_webclient_ca
- before_action :check_ip_restriction
 before_action :validate_client_certs
+ before_action :check_ip_restriction
 before_action :set_paper_trail_whodunnit
 private
@@ -126,7 +126,7 @@ module Repp
 end
 def webclient_request?
- return if Rails.env.test?
+ return false if Rails.env.test? || Rails.env.development?
 ENV['webclient_ips'].split(',').map(&:strip).include?(request.ip)
 end
@@ -147,8 +147,9 @@ module Repp
 def validate_client_certs
 return if Rails.env.development? || Rails.env.test?
+ return if webclient_request?
 return if @current_user.pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'],
- request.env['HTTP_SSL_CLIENT_S_DN_CN'], api: false)
+ request.env['HTTP_SSL_CLIENT_S_DN_CN'])
 @response = { code: 2202, message: 'Invalid certificate' }
 render(json: @response, status: :unauthorized)
diff --git a/app/models/api_user.rb b/app/models/api_user.rb
index f73fe616a..d357a2e75 100644
--- a/app/models/api_user.rb
+++ b/app/models/api_user.rb
@@ -61,8 +61,6 @@ class ApiUser < User
 end
 def pki_ok?(crt, com, api: true)
- p crt
- p com
 return false if crt.blank? || com.blank?
 origin = api ? certificates.api : certificates.registrar
diff --git a/config/routes.rb b/config/routes.rb
index 2ea79e1c0..81b6dc95c 100644
--- a/config/routes.rb
+++ b/config/routes.rb
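Review bot: In `webclient_request?` (app/controllers/repp/v1/base_controller.rb, hunk at -126), `ENV['webclient_ips'].split(',')` raises NoMethodError when the variable is unset, and with the `return if webclient_request?` added to `validate_client_certs` that lookup now sits on the certificate-validation path. Because a match exempts the request from the client-certificate check, the lookup should fail closed: `ENV['webclient_ips'].to_s.split(',').map(&:strip).include?(request.ip)`. Depending on the proxy setup, `request.ip` can be derived from forwarding headers, so a comment such as `# request.ip must come from a trusted proxy; a match skips client-cert validation` would record the assumption this allow-list rests on.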
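Review bot: Dropping `api: false` from the `pki_ok?` call in `validate_client_certs` (base_controller.rb, hunk at -147) changes which certificates are accepted: per the `pki_ok?` lines shown in app/models/api_user.rb, the default `api: true` selects `certificates.api` instead of `certificates.registrar`. If that switch is intended, writing `api: true` explicitly at the call site would make it visible, and a test in which a registrar-interface certificate is rejected would pin it. The added `return if webclient_request?` also lets allow-listed addresses through without any certificate comparison, which presumably relies on `validate_webclient_ca` (not visible here) having already run; a comment like `# webclient requests are covered by validate_webclient_ca` above that return would document the dependency. The method's closing `end` lies outside the hunk.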
@@ -75,9 +75,9 @@ Rails.application.routes.draw do
 end
 end
- resource :account, controller: :account, only: %i[index update] do
+ resource :accounts, only: %i[index update] do
 collection do
- get '/', to: 'account#index'
+ get '/', to: 'accounts#index'
 get 'balance'
 get 'details'
 post 'update_auto_reload_balance'
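Review bot: `only: %i[index update]` on the singular `resource :accounts` lists `index`, which is not among the actions a singular resource generates, so the list is effectively `update` only and the listing route comes solely from the explicit `get '/', to: 'accounts#index'`. Writing `resource :accounts, only: %i[update] do` states what is actually routed; depending on the Rails version, an unknown action in `only:` may also be rejected rather than ignored. The `collection do` block continues past the end of the hunk.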