// deregister is used by administrative clients to remove mailboxes. It deletes
// the mailbox and all messages from the database.
func deregister(w http.ResponseWriter, r *http.Request) {
var request api.RegisterRequest
err := readRequest(r, &request)
if err != nil {
sendError(w, err.Error())
return
}
accessKey, _ := mailbox.FindKeyByName(request.AccessKeyName)
if accessKey == nil {
sendError(w, "Access key is invalid")
return
}
if !request.Validate(accessKey.Secret) {
sendError(w, "Could not validate signature")
return
}
if !accessKey.CanAdmin() {
sendError(w, "Not allowed to deregister mailboxes")
return
}
err = mailbox.Deregister(request.Mailbox)
if err != nil {
sendError(w, err.Error())
return
}
resp := api.SimpleResponse{Success: true}
resp.Sign(accessKey.Name, accessKey.Secret)
writeResponse(&w, resp)
}
// register is used by administrative clients to reigster new mailboxes.
func register(w http.ResponseWriter, r *http.Request) {
var request api.RegisterRequest
err := readRequest(r, &request)
if err != nil {
sendError(w, err.Error())
return
}
accessKey, err := mailbox.FindKeyByName(request.AccessKeyName)
if accessKey == nil {
sendError(w, "Access key is invalid")
return
}
if !request.Validate(accessKey.Secret) {
sendError(w, "Could not validate signature")
return
}
if !accessKey.CanAdmin() {
sendError(w, "Not allowed to register mailboxes.")
return
}
if mailbox.KeyExists(request.Mailbox) {
sendError(w, "An access key already exists with that mailbox name")
return
}
mb, err := mailbox.Create(request.Mailbox)
if err != nil {
sendError(w, err.Error())
return
}
mbKey := &mailbox.AccessKey{
MailboxId: mb.Id,
}
err = mbKey.Create()
if err != nil {
sendError(w, err.Error())
return
}
resp := api.RegisterResponse{
Mailbox: mb.Id,
AccessKeyName: mbKey.Name,
AccessKeySecret: mbKey.Secret,
}
resp.Sign(accessKey.Name, accessKey.Secret)
writeResponse(&w, resp)
log.Infof("Mailbox %s registered.", mb.Id)
}
func TestRegister(t *testing.T) {
key := mailbox.AccessKey{FullAccess: true}
key.Create()
req := api.RegisterRequest{Mailbox: "register.test"}
req.Sign(key.Name, key.Secret)
var resp api.RegisterResponse
code := doRequest(t, req, &resp, "register")
if code != 200 {
t.Fatalf("Server repsponded with %d", code)
}
mb, err := mailbox.Find("register.test")
if err != nil {
t.Fatal(err)
}
if mb == nil {
t.Fatal("Mailbox not registered")
}
if !key.CanGet(mb) {
t.Fatal("Key not bound to mailbox")
}
}
