Merge admin and api users

2025-05-17 17:59:47 +02:00 · 2015-02-13 13:05:01 +02:00 · 2015-02-13 13:05:01 +02:00 · f3215680d5
commit f3215680d5
parent fcd3f4146b
6 changed files with 114 additions and 37 deletions
--- a/app/models/admin_user.rb
+++ b/app/models/admin_user.rb
@ -0,0 +1,32 @@
+class AdminUser < User
+  devise :trackable, :timeoutable
+  # TODO: Foreign user will get email with activation link,email,temp-password.
+  # After activisation, system should require to change temp password.
+  # TODO: Estonian id validation
+
+  validates :username, :password, :country_code, presence: true
+  validates :identity_code, uniqueness: true, allow_blank: true
+  validates :identity_code, presence: true, if: -> { country_code == 'EE' }
+  validates :email, presence: true, if: -> { country_code != 'EE' }
+
+  validate :validate_identity_code
+  belongs_to :country_deprecated, foreign_key: :country_id
+
+  ROLES = %w(user customer_service admin)
+
+  def to_s
+    username
+  end
+
+  def country
+    Country.new(country_code)
+  end
+
+  private
+
+  def validate_identity_code
+    return unless identity_code.present?
+    code = Isikukood.new(identity_code)
+    errors.add(:identity_code, :invalid) unless code.valid?
+  end
+end
--- a/app/models/api_user.rb
+++ b/app/models/api_user.rb
@ -1,8 +1,7 @@
 require 'open3'

 # rubocop: disable Metrics/ClassLength
-class ApiUser < ActiveRecord::Base
-  include Versions # version/api_user_version.rb
+class ApiUser < User
  # TODO: should have max request limit per day
  belongs_to :registrar
  has_many :contacts
--- a/app/models/api_user_deprecated.rb
+++ b/app/models/api_user_deprecated.rb
@ -0,0 +1,52 @@
+require 'open3'
+
+# rubocop: disable Metrics/ClassLength
+class ApiUserDeprecated < ActiveRecord::Base
+  self.table_name = "api_users"
+  # TODO: should have max request limit per day
+  belongs_to :registrar
+  has_many :contacts
+
+  validates :username, :password, :registrar, presence: true
+  validates :username, uniqueness: true
+
+  before_save :create_crt, if: -> (au) { au.csr_changed? }
+
+  attr_accessor :registrar_typeahead
+
+  def registrar_typeahead
+    @registrar_typeahead || registrar || nil
+  end
+
+  def to_s
+    username
+  end
+
+  def queued_messages
+    registrar.messages.queued
+  end
+
+  def create_crt
+    csr_file = Tempfile.new('client_csr')
+    csr_file.write(csr)
+    csr_file.rewind
+
+    crt_file = Tempfile.new('client_crt')
+    _out, err, _st = Open3.capture3("openssl ca -keyfile #{APP_CONFIG['ca_key_path']} \
+    -cert #{APP_CONFIG['ca_cert_path']} \
+    -extensions usr_cert -notext -md sha256 \
+    -in #{csr_file.path} -out #{crt_file.path} -key '#{APP_CONFIG['ca_key_password']}' -batch")
+
+    if err.match(/Data Base Updated/)
+      crt_file.rewind
+      self.crt = crt_file.read
+      return true
+    else
+      errors.add(:base, I18n.t('failed_to_create_certificate'))
+      logger.error('FAILED TO CREATE CLIENT CERTIFICATE')
+      logger.error(err)
+      return false
+    end
+  end
+end
+# rubocop: enable Metrics/ClassLength
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -1,35 +1,3 @@
 class User < ActiveRecord::Base
  include Versions # version/user_version.rb
-  # Include default devise modules. Others available are:
-  # :confirmable, :lockable, :timeoutable and :omniauthable
-  devise :trackable, :timeoutable
-  # TODO: Foreign user will get email with activation link,email,temp-password.
-  # After activisation, system should require to change temp password.
-  # TODO: Estonian id validation
-
-  validates :username, :password, :country_code, presence: true
-  validates :identity_code, uniqueness: true, allow_blank: true
-  validates :identity_code, presence: true, if: -> { country_code == 'EE' }
-  validates :email, presence: true, if: -> { country_code != 'EE' }
-
-  validate :validate_identity_code
-  belongs_to :country_deprecated, foreign_key: :country_id
-
-  ROLES = %w(user customer_service admin)
-
-  def to_s
-    username
-  end
-
-  def country
-    Country.new(country_code)
-  end
-
-  private
-
-  def validate_identity_code
-    return unless identity_code.present?
-    code = Isikukood.new(identity_code)
-    errors.add(:identity_code, :invalid) unless code.valid?
-  end
 end
--- a/db/migrate/20150213104014_merge_api_user_and_user.rb
+++ b/db/migrate/20150213104014_merge_api_user_and_user.rb
@ -0,0 +1,21 @@
+class MergeApiUserAndUser < ActiveRecord::Migration
+  def change
+    add_column :users, :registrar_id, :integer
+    add_column :users, :active, :boolean, default: false
+    add_column :users, :csr, :text
+    add_column :users, :crt, :text
+    add_column :users, :type, :string
+
+    User.all.each do |x|
+      x.type = 'AdminUser'
+      x.save
+    end
+
+    ApiUserDeprecated.all.each do |x|
+      attrs = x.attributes
+      attrs.delete('id')
+      ApiUser.skip_callback(:save, :before, :create_crt)
+      ApiUser.create!(attrs)
+    end
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.

-ActiveRecord::Schema.define(version: 20150203135303) do
+ActiveRecord::Schema.define(version: 20150213104014) do

  # These are extensions that must be enabled in order to support this database
  enable_extension "plpgsql"
@ -625,6 +625,11 @@ ActiveRecord::Schema.define(version: 20150203135303) do
    t.string   "creator_str"
    t.string   "updator_str"
    t.string   "country_code"
+    t.integer  "registrar_id"
+    t.boolean  "active",             default: false
+    t.text     "csr"
+    t.text     "crt"
+    t.string   "type"
  end

  create_table "versions", force: :cascade do |t|