author | Jordan Running <jr@getchef.com> | 2016-02-18 15:43:56 -0600 |
---|---|---|
committer | Jordan Running <jr@getchef.com> | 2016-02-24 14:16:30 -0600 |
commit | b0971ce66e69cefd6e148a648f01667c0146e577 (patch) | |
tree | 87f2d5b56f1fe50f27d69150133f5201a12ae527 /lib/chef_zero/endpoints/actor_default_key_endpoint.rb | |
parent | 2469894eab12f24893916b571a981e082dfe97df (diff) | |
Move default keys logic into ActorDefaultKeyEndpoint; fix #putjr/pedant-keys-2
Diffstat (limited to 'lib/chef_zero/endpoints/actor_default_key_endpoint.rb')
-rw-r--r-- | lib/chef_zero/endpoints/actor_default_key_endpoint.rb | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/lib/chef_zero/endpoints/actor_default_key_endpoint.rb b/lib/chef_zero/endpoints/actor_default_key_endpoint.rb
new file mode 100644
index 0000000..f63ffb9
--- /dev/null
+++ b/lib/chef_zero/endpoints/actor_default_key_endpoint.rb
@@ -0,0 +1,70 @@
+require 'chef_zero/rest_base'
+
+module ChefZero
+ module Endpoints
+ # ActorDefaultKeyEndpoint
+ #
+ # This class handles DELETE/GET/PUT requests for client/user default public
+ # keys, i.e. requests with identity key "default". All others are handled
+ # by ActorKeyEndpoint.
+ #
+ # Default public keys are stored with the actor (client or user) instead of
+ # under user/client_keys. Handling those in a separate endpoint offloads
+ # the branching logic onto the router rather than branching in every
+ # endpoint method (`if request.rest_path[-1] == "default" ...`).
+ #
+ # /users/USER/keys/default
+ # /organizations/ORG/clients/CLIENT/keys/default
+ class ActorDefaultKeyEndpoint < RestBase
+ DEFAULT_PUBLIC_KEY_NAME = "default".freeze
+
+ def get(request)
+ # 404 if actor doesn't exist
+ actor_data = get_actor_data(request)
+ json_response(200, default_public_key_from_actor(actor_data))
+ end
+
+ def delete(request)
+ path = actor_path(request)
+ actor_data = get_actor_data(request) # 404 if actor doesn't exist
+
+ default_public_key = delete_actor_default_public_key!(request, path, actor_data)
+ json_response(200, default_public_key)
+ end
+
+ def put(request)
+ # 404 if actor doesn't exist
+ actor_data = get_actor_data(request)
+
+ new_public_key = parse_json(request.body)["public_key"]
+ actor_data["public_key"] = new_public_key
+
+ set_data(request, actor_path(request), to_json(actor_data))
+ end
+
+ private
+
+ def actor_path(request)
+ return request.rest_path[0..3] if request.rest_path[2] == "clients"
+ request.rest_path[0..1]
+ end
+
+ def get_actor_data(request)
+ path = actor_path(request)
+ parse_json(get_data(request, path))
+ end
+
+ def default_public_key_from_actor(actor_data)
+ { "name" => DEFAULT_PUBLIC_KEY_NAME,
+ "public_key" => actor_data["public_key"],
+ "expiration_date" => "infinity" }
+ end
+
+ def delete_actor_default_public_key!(request, path, actor_data)
+ new_actor_data = actor_data.merge("public_key" => nil)
+ set_data(request, path, to_json(new_actor_data))
+ default_public_key_from_actor(actor_data)
+ end
+ end
+ end
+end |
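Review bot: `put` writes whatever `parse_json(request.body)["public_key"]` yields straight into the actor record, so a body with no `public_key` field (or a non-string value) replaces the actor's default key with nil or junk, the same state `delete_actor_default_public_key!` produces on purpose. Because this field is the key the actor's requests are checked against, I would reject the request before the write, e.g. `return json_response(400, "error" => ["public_key is required"]) unless new_public_key.is_a?(String) && !new_public_key.empty?` (error body shape to follow the project's convention). `put` is also the only verb here whose last expression is `set_data(...)` rather than a `json_response(...)`. What `set_data` returns is not visible in this diff, so either confirm the caller still gets a well-formed response or end the method with `json_response(200, default_public_key_from_actor(actor_data))`.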