[PR-23132] Add the ability to store certificates in the database #1
Conversation
| @@ -2,8 +2,11 @@ module Passkit | |||
| class Factory | |||
| class << self | |||
| # generator is an optional ActiveRecord object, the application data for the pass | |||
| def create_pass(pass_class, generator = nil) | |||
| pass = Passkit::Pass.create!(klass: pass_class, generator: generator) | |||
| def create_pass(pass_class, generator: nil, site_id: nil) | |||
There was a problem hiding this comment.
IMO everything site-related is part of Talkable-specific custom logic and should be in Talkable, not in gem.
Changes here should be more universal so that we could open source our changes.
There was a problem hiding this comment.
My point is you should not hardcode site_id, not that you should not allow providing extra metadata. That can be some “options” hash that would not be tied to Talkable and would work for much more cases than this one and allow using our gem in other companies potentially.
| class Passkit::CertificateSources::Factory | ||
| def self.find_source(site_id) | ||
| if Passkit.configuration.use_database_for_certificates | ||
| Passkit::CertificateSources::Database.new(site_id) |
There was a problem hiding this comment.
We can built this source in Talkable and pass source (instead of site_id) as an argument.
| render json: {}, status: :ok unless @device | ||
|
|
||
| registrations = @pass.registrations.where(passkit_device_id: @device.id) | ||
| registrations.destroy_all | ||
| render json: {}, status: :ok |
There was a problem hiding this comment.
Double render happens here, you need to return after the first render, or better rewrite this to only have a single render.
There was a problem hiding this comment.
good point
will be fixed
| @@ -9,12 +9,12 @@ def create | |||
|
|
|||
| if @generator && @payload[:collection_name].present? | |||
| files = @generator.public_send(@payload[:collection_name]).collect do |collection_item| | |||
| Passkit::Factory.create_pass(@payload[:pass_class], collection_item) | |||
| Passkit::Factory.create_pass(@payload[:pass_class], generator: collection_item, site_id: params[:site_id]) | |||
There was a problem hiding this comment.
Could we have some method that can be redefined in child controller, e.g. pass_attributes instead of using hardcoded site_id in gem? Don’t want gem to know anything about sites.
| and update the configuration as follows: | ||
| ```ruby | ||
| Passkit.configure do |config| | ||
| config.use_database_for_certificates = false |
There was a problem hiding this comment.
This configuration is not needed if we make the gem accept certificate_source object and call #certificate and #password methods on it.
There was a problem hiding this comment.
without this configuration, ENV variables will be checked each time
There was a problem hiding this comment.
Why check ENV variables when certificate_source is passed?
| @@ -0,0 +1,22 @@ | |||
| class Passkit::CertificateSources::Database | |||
There was a problem hiding this comment.
maybe worth of adding db migration as well, but optional.
| private | ||
|
|
||
| def certificate_record | ||
| @certificate_record ||= Passkit::Certificate.find_by!(site_id: @site_id) |
There was a problem hiding this comment.
definitely we shouldn't search here by site_id.
| @@ -155,5 +158,9 @@ def compress_pass_file | |||
| end | |||
| zip_path | |||
| end | |||
|
|
|||
| def certificate_source | |||
| @certificate_source ||= Passkit::CertificateSources::Factory.find_source(@pass.site_id) | |||
| render json: {}, status: :ok unless @device | ||
|
|
||
| registrations = @pass.registrations.where(passkit_device_id: @device.id) | ||
| registrations.destroy_all | ||
| render json: {}, status: :ok |
|
as an idea, we can pass intermediate and p12_certificate into as it looks like this is only the one place where certificate actually used passkit/lib/passkit/generator.rb Lines 131 to 142 in 83c9c8d how this can be used: module Passkit
class Factory
class << self
# generator is an optional ActiveRecord object, the application data for the pass
def create_pass(pass_class, generator = nil, options = {})
pass = Passkit::Pass.find_or_create_by!(klass: pass_class, generator: generator, **options)
p12_certificate = OpenSSL::PKCS12.new(db.certificate, db.password)
intermediate_certificate = OpenSSL::X509::Certificate.new(File.read(INTERMEDIATE_CERTIFICATE))
Passkit::Generator.new(pass).generate_and_sign(p12_certificate, intermediate_certificate)
end
end
end
endfeel free to reach out and set up a quick call to with me and @zhuravel |
Specs will be added and modified after the review of the main logic.