From bdfd82c6c56c78edec7e6ec33928d088e31e0e29 Mon Sep 17 00:00:00 2001
From: f <f@sutty.nl>
Date: Thu, 5 Sep 2019 15:56:24 -0300
Subject: [PATCH] API para sitios permitidos

---
 app/controllers/api/v1/base_controller.rb     | 10 ++++++
 app/controllers/api/v1/sites_controller.rb    | 20 ++++++++++++
 config/routes.rb                              |  8 +++++
 .../api/v1/sites_controller_test.rb           | 32 +++++++++++++++++++
 4 files changed, 70 insertions(+)
 create mode 100644 app/controllers/api/v1/base_controller.rb
 create mode 100644 app/controllers/api/v1/sites_controller.rb
 create mode 100644 test/controllers/api/v1/sites_controller_test.rb

diff --git a/app/controllers/api/v1/base_controller.rb b/app/controllers/api/v1/base_controller.rb
new file mode 100644
index 00000000..c1d58ff6
--- /dev/null
+++ b/app/controllers/api/v1/base_controller.rb
@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+module Api
+  module V1
+    # API
+    class BaseController < ActionController::Base
+      protect_from_forgery with: :null_session
+    end
+  end
+end
diff --git a/app/controllers/api/v1/sites_controller.rb b/app/controllers/api/v1/sites_controller.rb
new file mode 100644
index 00000000..8e79c880
--- /dev/null
+++ b/app/controllers/api/v1/sites_controller.rb
@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module Api
+  module V1
+    # API para sitios
+    class SitesController < BaseController
+      # Detecta si se puede generar un certificado
+      def allowed
+        name = params[:domain].gsub(/\.#{Site.domain}\Z/, '')
+        site = Site.find_by(name: name)
+
+        if site
+          head :ok
+        else
+          head :not_found
+        end
+      end
+    end
+  end
+end
diff --git a/config/routes.rb b/config/routes.rb
index a492ba90..137ef940 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -11,6 +11,14 @@ Rails.application.routes.draw do
   # como un objeto válido
   resources :invitadxs, only: [:create]
 
+  constraints subdomain: 'api' do
+    scope module: 'api' do
+      namespace :v1 do
+        get 'sites/allowed', to: 'sites#allowed'
+      end
+    end
+  end
+
   resources :sites, constraints: { site_id: %r{[^/]+}, id: %r{[^/]+} } do
     get 'public/:type/:basename', to: 'sites#send_public_file'
 
diff --git a/test/controllers/api/v1/sites_controller_test.rb b/test/controllers/api/v1/sites_controller_test.rb
new file mode 100644
index 00000000..b55273c0
--- /dev/null
+++ b/test/controllers/api/v1/sites_controller_test.rb
@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+module Api
+  module V1
+    class SitesControllerTest < ActionDispatch::IntegrationTest
+      setup do
+        @rol = create :rol
+        @site = @rol.site
+        @usuarie = @rol.usuarie
+
+        @authorization = {
+          Authorization: ActionController::HttpAuthentication::Basic
+                         .encode_credentials(@usuarie.email, @usuarie.password)
+        }
+      end
+
+      teardown do
+        @site.destroy
+      end
+
+      test 'se puede generar un certificado' do
+        get v1_sites_allowed_url, params: { domain: @site.name }
+        assert_response :ok
+
+        get v1_sites_allowed_url, params: { domain: SecureRandom.hex }
+        assert_response :not_found
+      end
+    end
+  end
+end