put Ael config to Registry

Nebo15 · May 19, 2017 · 1634071 · 1634071
1 parent cb574c2
commit 1634071
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 19 deletions.
diff --git a/config/config.exs b/config/config.exs
@@ -49,7 +49,7 @@ config :logger_json, :backend,
   metadata: :all
 
 config :ael_api,
-  known_buckets: {:system, :list, "KNOWN_BUCKETS", ["legal-entities-dev"]},
+  known_buckets: {:system, :list, "KNOWN_BUCKETS", []},
   secrets_ttl: {:system, :integer, "SECRETS_TTL", 600} # seconds
 
 config :ael_api, :google_cloud_storage,

diff --git a/lib/ael_api/application.ex b/lib/ael_api/application.ex
@@ -55,6 +55,8 @@ defmodule Ael do
 
     Registry.register(Ael.Registry, :gcs_service_account_id, Map.get(gcs_service_account, "client_email"))
     Registry.register(Ael.Registry, :gcs_service_account_key, :public_key.der_decode(:'RSAPrivateKey', der))
+    Registry.register(Ael.Registry, :gcs_service_secrets_ttl, Confex.get(:ael_api, :secrets_ttl))
+    Registry.register(Ael.Registry, :gcs_service_known_buckets, Confex.get(:ael_api, :known_buckets))
   end
 
   def load_gcs_service_config do

diff --git a/lib/ael_api/secrets/api.ex b/lib/ael_api/secrets/api.ex
@@ -6,9 +6,6 @@ defmodule Ael.Secrets.API do
   alias Ecto.Changeset
   alias Ael.Secrets.Secret
 
-  @secrets_ttl Confex.get(:ael_api, :secrets_ttl) || raise ArgumentError, "Can not read SECRETS_TTL env."
-  @known_buckets Confex.get(:ael_api, :known_buckets) || raise ArgumentError, "Can not read KNOWN_BUCKETS env."
-
   @doc """
   Creates a secret.
 
@@ -43,7 +40,7 @@ defmodule Ael.Secrets.API do
     expires_at =
       now
       |> DateTime.to_unix()
-      |> Kernel.+(@secrets_ttl)
+      |> Kernel.+(get_gcs_signed_url_ttl())
       |> DateTime.from_unix!()
       |> DateTime.to_iso8601()
 
@@ -83,16 +80,6 @@ defmodule Ael.Secrets.API do
     DateTime.to_unix(datetime)
   end
 
-  defp get_gcs_service_account_id do
-    [{_pid, account_id}] = Registry.lookup(Ael.Registry, :gcs_service_account_id)
-    account_id
-  end
-
-  defp get_gcs_service_account_key do
-    [{_pid, account_key}] = Registry.lookup(Ael.Registry, :gcs_service_account_key)
-    account_key
-  end
-
   defp get_canonicalized_resource(%Secret{bucket: bucket, resource_id: resource_id, resource_name: resource_name})
     when is_binary(resource_name) and resource_name != "" do
     "/#{bucket}/#{resource_id}/#{resource_name}"
@@ -107,13 +94,31 @@ defmodule Ael.Secrets.API do
   @verbs ["PUT", "GET", "HEAD"]
 
   defp secret_changeset(%Secret{} = secret, attrs) do
-    require Logger
-    Logger.error("buckets: #{inspect(@known_buckets)}")
-
     secret
     |> cast(attrs, @attrs)
     |> validate_required(@required_attrs)
     |> validate_inclusion(:action, @verbs)
-    |> validate_inclusion(:bucket, @known_buckets)
+    |> validate_inclusion(:bucket, get_gcs_allowed_buckets())
+  end
+
+  defp get_gcs_service_account_id do
+    get_from_registry(:gcs_service_account_id)
+  end
+
+  defp get_gcs_service_account_key do
+    get_from_registry(:gcs_service_account_key)
+  end
+
+  defp get_gcs_signed_url_ttl do
+    get_from_registry(:gcs_service_secrets_ttl)
+  end
+
+  defp get_gcs_allowed_buckets do
+    get_from_registry(:gcs_service_known_buckets)
+  end
+
+  defp get_from_registry(key) do
+    [{_pid, val}] = Registry.lookup(Ael.Registry, key)
+    val
   end
 end