Merge pull request bengler#59 from bengler/trusted

Associate arbitrary hosts with a domain registered for a realm
hennikul · May 27, 2013 · 2a98ea7 · 2a98ea7
2 parents e08637d + e5620be
commit 2a98ea7
Show file tree

Hide file tree

Showing 6 changed files with 227 additions and 157 deletions.
diff --git a/api/v1/domains.rb b/api/v1/domains.rb
@@ -24,6 +24,25 @@ class CheckpointV1 < Sinatra::Base
     pg :domain, :locals => {:domain => domain}
   end
 
+  # @apidoc
+  # Test if a domain associated with Checkpoint trusts an abritary domain
+  #
+  # @category Checkpoint/Domains
+  # @path /api/checkpoint/v1/domains/:name/allows/:origin
+  # @http GET
+  # @required [String] name The domain name associated with Checkpoint.
+  # @required [String] origin The abritary domain name to test against.
+  # @example /api/checkpoint/v1/domains/acme.org/allows/pinshing.com
+  # @status 404 No associated domain name.
+  # @status 200 [JSON] allowed: true/false
+
+  get '/domains/:name/allows/:origin' do |name, origin|
+    domain = Domain.find_by_name(name)
+    halt 404, "No associated domain name" unless domain
+    content_type :json
+    {allowed: domain.allow_origin?(origin)}.to_json
+  end
+
   # @apidoc
   # Add a domain to a realm.
   #
@@ -48,6 +67,32 @@ class CheckpointV1 < Sinatra::Base
     [201, pg(:domain, :locals => {:domain => domain})]
   end
 
+  # @apidoc
+  # Add an origin host to a domain.
+  #
+  # @description Add a host to the domain's origins
+  # @note Only gods of the realm may do this.
+  # @category Checkpoint/Domains
+  # @path /api/checkpoint/v1/realms/:label/domains/:name/origins
+  # @http POST
+  # @required [String] label The realm.
+  # @required [String] name The domain name.
+  # @required [String] origin The origin domain name.
+  # @example /api/checkpoint/v1/realms/acme/acme.org/origins
+  # @status 403 The domain is connected to a different realm.
+  # @status 409 You are not a god in this realm.
+  # @status 201 OK
+
+  post '/realms/:label/domains/:name/origins' do |label, name|
+    halt 400, "param origin missing" unless params[:origin]
+    realm = find_realm_by_label(label)
+    check_god_credentials(realm.id)
+    domain = Domain.find_by_name(name)
+    halt 403, "Domain is connected to realm '#{domain.realm.label}'" if domain && domain.name != name
+    domain.add_origin(params[:origin])
+    [201, pg(:domain, :locals => {:domain => domain})]
+  end
+
   # @apidoc
   # Delete a domain from a realm.
   #
@@ -70,4 +115,26 @@ class CheckpointV1 < Sinatra::Base
     halt 204
   end
 
+  # @apidoc
+  # Delete an origin host from a domain.
+  #
+  # @note Only gods of the realm may do this.
+  # @category Checkpoint/Domains
+  # @path /api/checkpoint/v1/realms/:label/domains/:name/origins/:origin
+  # @http DELETE
+  # @required [String] label The realm.
+  # @required [String] name The domain name.
+  # @required [String] origin The origin domain name.
+  # @example /api/checkpoint/v1/realms/acme/domains/acme.org/origins/pinshing.com
+  # @status 403 The domain is connected to a different realm.
+  # @status 409 You are not a god in this realm.
+  # @status 204 Ok.
+
+  delete '/realms/:label/domains/:name/origins/:origin' do |label, name, origin|
+    domain = Domain.find_by_name(name)
+    halt 403, "Domain is connected to '#{domain.realm.label}'" unless domain.realm.label == label
+    check_god_credentials(domain.realm.id)
+    domain.remove_origin(origin)
+    halt 204
+  end
 end
diff --git a/api/v1/views/domain.pg b/api/v1/views/domain.pg
@@ -1,4 +1,4 @@
 node :domain => domain do
-  attributes :name
+  attributes :name, :origins
   node :realm => domain.realm.label
 end