From 1e347506b5be495ac5d48c20c57ac142f40c4c6b Mon Sep 17 00:00:00 2001
From: Roman P <pythonpro@gmail.com>
Date: Tue, 28 May 2019 18:59:55 +0400
Subject: [PATCH] Add a URL to check if the device has been claimed

Closes #206
---
 backend/device_registry/api_views.py | 19 +++++++++++++++++++
 backend/device_registry/tests.py     | 23 ++++++++++++++++++++++-
 backend/device_registry/urls.py      |  5 ++++-
 3 files changed, 45 insertions(+), 2 deletions(-)

diff --git a/backend/device_registry/api_views.py b/backend/device_registry/api_views.py
index 8cdfb7b20..a6b1651b0 100644
--- a/backend/device_registry/api_views.py
+++ b/backend/device_registry/api_views.py
@@ -473,3 +473,22 @@ def claim_by_link(request):
         return Response(f'Device {device.device_id} claimed!')
     return Response('Device not found', status=status.HTTP_404_NOT_FOUND)
 
+
+@api_view(['GET'])
+@permission_classes((permissions.AllowAny,))
+def mtls_is_claimed_view(request, format=None):
+    """
+    Return claimed status of a device.
+    """
+    device_id = is_mtls_authenticated(request)
+
+    if not device_id:
+        return Response(
+            'Invalid request.',
+            status=status.HTTP_400_BAD_REQUEST
+        )
+    if type(device_id) is Response:
+        return device_id
+
+    device = Device.objects.get(device_id=device_id)
+    return Response({'claimed': device.claimed})
diff --git a/backend/device_registry/tests.py b/backend/device_registry/tests.py
index 9ca4aa16e..33e99d293 100644
--- a/backend/device_registry/tests.py
+++ b/backend/device_registry/tests.py
@@ -16,7 +16,7 @@
 from cryptography.hazmat.primitives import serialization
 from cryptography.hazmat.primitives.asymmetric import ec
 from cryptography.x509.oid import NameOID
-from rest_framework.test import APIRequestFactory
+from rest_framework.test import APIRequestFactory, APITestCase
 
 from device_registry import ca_helper
 from .api_views import mtls_ping_view, claim_by_link, renew_expired_cert_view
@@ -731,3 +731,24 @@ def test_logins(self):
         self.assertEqual(response.status_code, 200)
         self.assertContains(response, '<pre>pi:')
         self.assertContains(response, 'success: 1')
+
+
+class APIIsClaimedTest(APITestCase):
+    def setUp(self):
+        self.url = reverse('mtls-is_claimed')
+        User = get_user_model()
+        self.user = User.objects.create_user('test')
+        self.device0 = Device.objects.create(device_id='device0.d.wott-dev.local', owner=self.user)
+        self.headers = {
+            'HTTP_SSL_CLIENT_SUBJECT_DN': 'CN=device0.d.wott-dev.local',
+            'HTTP_SSL_CLIENT_VERIFY': 'SUCCESS'
+        }
+
+    def test_get(self):
+        response = self.client.get(
+            self.url,
+            **self.headers,
+            format='json'
+        )
+        self.assertEqual(response.status_code, 200)
+        self.assertDictEqual(response.json(), {'claimed': True})
diff --git a/backend/device_registry/urls.py b/backend/device_registry/urls.py
index 205922ad1..1e74028a3 100644
--- a/backend/device_registry/urls.py
+++ b/backend/device_registry/urls.py
@@ -52,7 +52,10 @@
              api_views.mtls_tester_view,
              name='mtls-tester'),
         path('api/{}/action/<int:action_id>/<str:action_name>'.format(api_version),
-             api_views.action_view, name='action')
+             api_views.action_view, name='action'),
+        path('api/{}/claimed'.format(api_version),
+             api_views.mtls_is_claimed_view,
+             name='mtls-is_claimed'),
     ]
 
 # Front-end