app/controllers/repp/v1/certificates_controller.rb
require 'serializers/repp/certificate'
module Repp
module V1
class CertificatesController < BaseController
before_action :find_certificate, only: %i[show download]
load_and_authorize_resource param_method: :cert_params
THROTTLED_ACTIONS = %i[show create download].freeze
include Shunter::Integration::Throttle
api :GET, '/repp/v1/api_users/:api_user_id/certificates/:id'
desc "Get a specific api user's specific certificate data"
def show
serializer = Serializers::Repp::Certificate.new(@certificate)
render_success(data: { cert: serializer.to_json })
end
api :POST, '/repp/v1/certificates'
desc 'Submit a new api user certificate signing request'
def create
@api_user = current_user.registrar.api_users.find(cert_params[:api_user_id])
csr = decode_cert_params(cert_params[:csr])
@certificate = @api_user.certificates.build(csr: csr)
if @certificate.save
notify_admins
render_success(data: { api_user: { id: @api_user.id } })
else
handle_non_epp_errors(@certificate)
end
end
api :get, '/repp/v1/api_users/:api_user_id/certificates/:id/download'
desc "Download a specific api user's specific certificate"
param :type, String, required: true, desc: 'Type of certificate (csr or crt)'
def download
filename = "#{@api_user.username}_#{Time.zone.today.strftime('%y%m%d')}_portal.#{params[:type]}.pem"
send_data @certificate[params[:type].to_s], filename: filename
end
private
def find_certificate
@api_user = current_user.registrar.api_users.find(params[:api_user_id])
@certificate = @api_user.certificates.find(params[:id])
end
def cert_params
params.require(:certificate).permit(:api_user_id, csr: %i[body type])
end
def decode_cert_params(csr_params)
return if csr_params.blank?
Base64.decode64(csr_params[:body])
end
def notify_admins
admin_users_emails = User.admin.pluck(:email).reject(&:blank?)
return if admin_users_emails.empty?
admin_users_emails.each do |email|
CertificateMailer.certificate_signing_requested(email: email,
api_user: @api_user,
csr: @certificate)
.deliver_now
end
end
end
end
end