path: root/lib/chef_zero/endpoints/organizations_endpoint.rb
blob: 9464ae78368d78f0970241520c7c784777f37a7b (plain)
require 'ffi_yajl'
require 'chef_zero/rest_base'
require 'chef_zero/chef_data/data_normalizer'
require 'uuidtools'

module ChefZero
  module Endpoints
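    # /organizations
    #
    # Lists the organizations known to the data store (GET) and creates a new
    # organization together with its "<org>-validator" client (POST).
    class OrganizationsEndpoint < RestBase
      # Name under which a client's initial public key is stored.
      DEFAULT_PUBLIC_KEY_NAME = "default"

      # Lists every organization under the request path.
      #
      # @param request the incoming request; rest_path and base_uri are read
      # @return a 200 JSON response mapping each organization name to its URI
      def get(request)
        result = {}
        data_store.list(request.rest_path).each do |name|
          result[name] = build_uri(request.base_uri, request.rest_path + [name])
        end
        json_response(200, result)
      end

      # Creates an organization from the JSON request body.
      #
      # The body must be a JSON object with a 'name' and a 'full_name'. On
      # success the organization document is written to <rest_path>/<name>/org
      # and, when the server generates real keys, a validator client is created
      # and its private key is returned in the response.
      #
      # @param request the incoming request; body, rest_path, base_uri and
      #   requestor are read
      # @return a 201 JSON response describing the organization, a 400 response
      #   for a malformed body, or a 409 response when the organization exists
      def post(request)
        contents = FFI_Yajl::Parser.parse(request.body, :create_additions => false)

        # The body is client-controlled. Anything other than a JSON object
        # (null, an array, a bare string) would make the lookups below raise
        # instead of producing a 400.
        return error(400, "Request body must be a JSON object") unless contents.is_a?(Hash)

        name = contents['name']
        full_name = contents['full_name']
        if name.nil?
          error(400, "Must specify 'name' in JSON")
        elsif full_name.nil?
          error(400, "Must specify 'full_name' in JSON")
        elsif !name.is_a?(String) || name.empty?
          # name becomes a data-store path element and part of the validator
          # client name, so it has to be a plain, non-empty string.
          # NOTE(review): no character or length restriction is applied to
          # name here -- confirm that the data store backend in use rejects
          # separators such as '/' and elements such as '..'.
          error(400, "'name' must be a non-empty string")
        elsif exists_data_dir?(request, request.rest_path + [ name ])
          error(409, "Organization already exists")
        else
          create_data_dir(request, request.rest_path, name, :requestor => request.requestor)

          # contents is merged last, so every client-supplied field is
          # persisted and a client-supplied "guid" or "assigned_at" replaces
          # the generated one.
          # NOTE(review): confirm that letting the caller choose the guid is
          # intended.
          org = {
            "guid" => UUIDTools::UUID.random_create.to_s.gsub('-', ''),
            "assigned_at" => Time.now.to_s
          }.merge(contents)

          org_path = request.rest_path + [ name ]
          set_data(request, org_path + [ 'org' ], FFI_Yajl::Encoder.encode(org, :pretty => true))

          # Stays nil when the server is not generating real keys; the
          # response then carries "private_key" => nil.
          private_key = nil
          if server.generate_real_keys?
            private_key = create_validator_client!(request, org_path)
          end

          # The validator private key appears only in this response; this
          # class persists the public half alone.
          json_response(201, {
            "uri" => build_uri(request.base_uri, org_path),
            "name" => name,
            "org_type" => org["org_type"],
            "full_name" => full_name,
            "clientname" => validator_name(name),
            "private_key" => private_key
          })
        end
      end

      private

      # Name of the validator client that belongs to an organization.
      #
      # @param org_name [String] the organization name
      # @return [String] "<org_name>-validator"
      def validator_name(org_name)
        "#{org_name}-validator"
      end

      # Creates the organization's validator client and a key pair for it.
      #
      # The client document is written under <org_path>/clients and the public
      # key is stored as the client's default key. The private key is not
      # written anywhere by this method.
      #
      # @param request the incoming request, passed through to the data helpers
      # @param org_path [Array] data-store path of the organization
      # @return the private key produced by server.gen_key_pair
      def create_validator_client!(request, org_path)
        name = validator_name(org_path.last)
        validator_path = [ *org_path, 'clients', name ]

        private_key, public_key = server.gen_key_pair

        validator = FFI_Yajl::Encoder.encode({
          'validator' => true,
        }, :pretty => true)

        set_data(request, validator_path, validator)

        store_default_public_key!(request, org_path, name, public_key)

        private_key
      end

      # Store the validator client's public key in the organization's
      # client_keys, next to the client document under <org_path>/clients.
      #
      # The path is prefixed with org_path so the key lives inside the
      # organization that owns the client rather than at the data-store root.
      # NOTE(review): confirm the readers of client_keys resolve keys under
      # the organization path.
      #
      # The key is recorded with "expiration_date" => "infinity".
      #
      # @param request the incoming request, passed through to create_data
      # @param org_path [Array] data-store path of the organization
      # @param client_name [String] name of the client that owns the key
      # @param public_key the public key to store
      def store_default_public_key!(request, org_path, client_name, public_key)
        path = [ *org_path, "client_keys", client_name, "keys" ]

        data = FFI_Yajl::Encoder.encode(
          "name" => DEFAULT_PUBLIC_KEY_NAME,
          "public_key" => public_key,
          "expiration_date" => "infinity"
        )

        create_data(request, path, DEFAULT_PUBLIC_KEY_NAME, data, :create_dir)
      end
    end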
  end
end