
Add action Staffs::X509Certificates::PrivateKeysController#show

Alex Kotov 2019-09-12 05:07:59 +05:00
parent f5ada66390
commit 646b6e41fa
Signed by: kotovalexarian
GPG key ID: 553C0EBBEB5D5F08
8 changed files with 86 additions and 7 deletions


@ -0,0 +1,35 @@
# frozen_string_literal: true
class Staffs::X509Certificates::PrivateKeysController < ApplicationController
before_action :set_x509_certificate
before_action :set_rsa_public_key
# GET /staff/x509_certificates/:x509_certificate_id/private_key
def show
authorize [:staff, X509Certificate, PublicKeyPrivateKey.new(@rsa_public_key)]
cipher = OpenSSL::Cipher::AES256.new
cipher.decrypt
cipher.iv = @rsa_public_key.private_key_pem_iv
cipher.key = Base64.urlsafe_decode64 params[:private_key_secret]
cleartext = [
cipher.update(@rsa_public_key.private_key_pem_ciphertext),
cipher.final,
].join
respond_to do |format|
format.key { send_data cleartext, filename: 'private.key' }
end
end
private
def set_x509_certificate
@x509_certificate = X509Certificate.find params[:x509_certificate_id]
end
def set_rsa_public_key
@rsa_public_key = @x509_certificate.rsa_public_key
end
end
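Review bot: `show` has no handling for a secret that is present but malformed or wrong, because the policy only checks `params[:private_key_secret].present?`. `Base64.urlsafe_decode64` and `cipher.key=` raise `ArgumentError` on bad encoding or a wrong-length key, and `cipher.final` raises `OpenSSL::Cipher::CipherError` on bad padding, so each of these surfaces as a 500 instead of a clean refusal. Adding `rescue ArgumentError, OpenSSL::Cipher::CipherError` to the action, followed by `head :unprocessable_entity`, would cover this. `OpenSSL::Cipher::AES256.new` defaults to CBC, which is unauthenticated, so a wrong key can occasionally pass the padding check and return garbage as `private.key`; an AEAD mode would catch that, but it has to change together with the encrypting code, which is not shown here.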


@ -0,0 +1,11 @@
# frozen_string_literal: true
class Staff::X509Certificate::PrivateKeyPolicy < ApplicationPolicy
def show?
return false if restricted?
account&.superuser? &&
record.exist? &&
params[:private_key_secret].present?
end
end


@ -4,7 +4,7 @@ class PublicKeyPrivateKey
attr_reader :public_key
def self.policy_class
'RSAPrivateKey'
'PrivateKeyPolicy'
end
def initialize(public_key)


@ -66,6 +66,12 @@
</div>
<div class="col-md-6">
<% if policy([
:staff,
X509Certificate,
PublicKeyPrivateKey.new(@x509_certificate.rsa_public_key),
]).show? %>
<div class="alert alert-warning" role="alert">
<h4 class="alert-heading">
<%= translate '.private_key_alert_header' %>
@ -75,10 +81,18 @@
<p><%= translate '.private_key_alert_text' %></p>
<%= link_to translate('.private_key_alert_link'),
'#',
class: 'btn btn-warning' %>
<%= link_to(
translate('.private_key_alert_link'),
staff_x509_certificate_private_key_path(
@x509_certificate,
format: :key,
private_key_secret: params[:private_key_secret],
),
class: 'btn btn-warning',
) %>
</div>
<% end %>
</div>
</div>
</div>
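Review bot: The new `link_to` copies `params[:private_key_secret]` into the query string of a GET URL, so the value that decrypts the stored private key ends up in browser history, in the access logs of the server and any proxy, and possibly in `Referer` headers. Sending it in a request body is safer, for example `button_to` with `method: :post` against a POST route, with the controller reading the same parameter. Whether `:private_key_secret` is listed in `config.filter_parameters` is not visible in this commit; it should be, so the Rails log does not record it. The enclosing template starts and ends outside these hunks.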


@ -2,5 +2,4 @@
# Be sure to restart your server when you modify this file.
# Add new mime types for use in respond_to blocks:
# Mime::Type.register "text/richtext", :rtf
Mime::Type.register 'application/pkcs8', :key


@ -61,7 +61,11 @@ Rails.application.routes.draw do
resources :accounts, param: :nickname, only: %i[index show]
resources :x509_certificates, only: %i[index show new create]
resources :x509_certificates, only: %i[index show new create] do
resource :private_key,
controller: 'x509_certificates/private_keys',
only: :show
end
resources :people, only: %i[index show new create] do
resources :person_comments,


@ -0,0 +1,7 @@
# frozen_string_literal: true
require 'rails_helper'
RSpec.describe Staff::X509Certificate::PrivateKeyPolicy do
pending "add some examples to (or delete) #{__FILE__}"
end
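Review bot: The policy spec is only a `pending` placeholder, so the one check that gates private key download ships untested; the request spec for `GET /staff/x509_certificates/:x509_certificate_id/private_key` in the last file is in the same state. `show?` has four conditions worth an example each: `restricted?` returning true, an account that is nil or not a superuser, `record.exist?` being false, and a blank `private_key_secret`. The request spec should also cover a secret that is present but does not decrypt, since the policy lets that through to the controller.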


@ -0,0 +1,9 @@
# frozen_string_literal: true
require 'rails_helper'
RSpec.describe(
'GET /staff/x509_certificates/:x509_certificate_id/private_key',
) do
pending "add some examples to (or delete) #{__FILE__}"
end