Cada sitio tiene su propia API

2020-05-29 12:42:39 -03:00 · 2020-05-29 12:42:39 -03:00 · e40f895402
parent 90d865bc3b
commit e40f895402
3 changed files with 31 additions and 12 deletions
--- a/app/controllers/api/v1/sites_controller.rb
+++ b/app/controllers/api/v1/sites_controller.rb
@ -7,21 +7,31 @@ module Api
      http_basic_authenticate_with name: ENV['HTTP_BASIC_USER'],
                                   password: ENV['HTTP_BASIC_PASSWORD']

+      # Lista de nombres de dominios a emitir certificados
      def index
-        render json: Site.all.order(:name).pluck(:name) +
-                     DeployAlternativeDomain.all.map(&:hostname)
+        render json: sites_names + alternative_names + api_names
      end

-      # Detecta si se puede generar un certificado
-      def allowed
-        name = params[:domain].gsub(/\.#{Site.domain}\Z/, '')
-        site = Site.find_by(name: name)
+      private

-        if site
-          head :ok
-        else
-          head :not_found
-        end
+      # Nombres de los sitios
+      def sites_names
+        Site.all.order(:name).pluck(:name)
+      end
+
+      # Dominios alternativos
+      def alternative_names
+        DeployAlternativeDomain.all.map(&:hostname)
+      end
+
+      # Obtener todos los sitios con API habilitada, es decir formulario
+      # de contacto y/o colaboración anónima.
+      #
+      # TODO: Optimizar
+      def api_names
+        Site.where(contact: true)
+            .or(Site.where(colaboracion_anonima: true))
+            .select("'api.' || name as name").map(&:name)
      end
    end
  end
--- a/config/routes.rb
+++ b/config/routes.rb
@ -16,10 +16,10 @@ Rails.application.routes.draw do
    scope module: 'api' do
      namespace :v1 do
        resources :csp_reports, only: %i[create]
-        get 'sites/allowed', to: 'sites#allowed'
        resources :sites, only: %i[index], constraints: { site_id: /[a-z0-9\-\.]+/, id: /[a-z0-9\-\.]+/ } do
          get 'invitades/cookie', to: 'invitades#cookie'
          resources :posts, only: %i[create]
+          get :'contact/cookie', to: 'contact#cookie'
          post :contact, to: 'contact#receive'
        end
      end
--- a/db/migrate/20200527221900_add_contact_to_site.rb
+++ b/db/migrate/20200527221900_add_contact_to_site.rb
@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+# Los sitios pueden tener un formulario de contacto.  Pueden
+# deshabilitarlo si están recibiendo spam o un ataque.
+class AddContactToSite < ActiveRecord::Migration[6.0]
+  def change
+    add_column :sites, :contact, :boolean, default: false
+  end
+end