From 06700e76aa6f73fc3f38afa01b539d910a0a7dd9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ensar=20Saraj=C4=8Di=C4=87?= <esarajcic1@etf.unsa.ba>
Date: Sat, 3 Nov 2018 16:00:46 +0100
Subject: [PATCH] Add route for resetting device secret

---
 app/api/blueprint.py                          |  3 +++
 app/api/resources/device.py                   |  8 ++++++++
 .../swagger/reset_device_secret_spec.yaml     | 20 +++++++++++++++++++
 app/devices/api.py                            | 12 +++++++++++
 4 files changed, 43 insertions(+)
 create mode 100644 app/api/resources/swagger/reset_device_secret_spec.yaml

diff --git a/app/api/blueprint.py b/app/api/blueprint.py
index 5dc5918..25a543c 100644
--- a/app/api/blueprint.py
+++ b/app/api/blueprint.py
@@ -24,6 +24,7 @@ def add_resources():
                                    DeviceTypeListResource,
                                    DeviceConfigurationResource,
                                    DeviceSecretResource,
+                                   DeviceSecretResetResource,
                                    DeviceShareResource,
                                    DeviceShareActivationResource)
     from .resources.dashboard import (DashboardResource,
@@ -55,6 +56,8 @@ def add_resources():
                      '/v1/devices/<int:device_id>/configuration')
     api.add_resource(DeviceSecretResource,
                      '/v1/devices/<int:device_id>/secret')
+    api.add_resource(DeviceSecretResetResource,
+                     '/v1/devices/<int:device_id>/secret/reset')
     api.add_resource(DeviceShareResource,
                      '/v1/devices/<int:device_id>/share')
     api.add_resource(
diff --git a/app/api/resources/device.py b/app/api/resources/device.py
index ab9f627..a53b133 100644
--- a/app/api/resources/device.py
+++ b/app/api/resources/device.py
@@ -174,6 +174,14 @@ class DeviceSecretResource(ProtectedResource):
         return DeviceSecretSchema().dump(devices.get_device(device_id)), 200
 
 
+class DeviceSecretResetResource(ProtectedResource):
+    @swag_from('swagger/reset_device_secret_spec.yaml')
+    def post(self, device_id):
+        validate_device_ownership(device_id)
+        return DeviceSecretSchema().dump(
+                devices.reset_device_secret(device_id)), 200
+
+
 class DeviceShareResource(ProtectedResource):
     @use_args(DeviceShareSchema(), locations=('json',))
     @swag_from('swagger/create_device_share_token_spec.yaml')
diff --git a/app/api/resources/swagger/reset_device_secret_spec.yaml b/app/api/resources/swagger/reset_device_secret_spec.yaml
new file mode 100644
index 0000000..3219ac0
--- /dev/null
+++ b/app/api/resources/swagger/reset_device_secret_spec.yaml
@@ -0,0 +1,20 @@
+Resets a device secret info
+---
+tags:
+  - Device
+parameters:
+  - in: path
+    name: device_id
+    required: true
+    type: integer
+    description: Id of the device
+responses:
+  200:
+    description: Success
+    schema:
+      type: object
+      required:
+        - content
+      properties:
+        content:
+          $ref: '#/definitions/DeviceSecretInfo'
diff --git a/app/devices/api.py b/app/devices/api.py
index 260e2d7..1ad844d 100644
--- a/app/devices/api.py
+++ b/app/devices/api.py
@@ -2,6 +2,7 @@ import sys
 import hmac
 import urllib.parse
 import datetime
+from secrets import token_urlsafe
 from .models import (Device,
                      Recording,
                      DeviceAssociation,
@@ -150,6 +151,17 @@ def get_device(device_id):
     return Device.get(id=device_id)
 
 
+def reset_device_secret(device_id):
+    """
+    Resets device secret for device with given parameters. Raises error on
+    failure
+    """
+    device = Device.get(id=device_id)
+    device.device_secret = token_urlsafe(32)
+    device.save()
+    return device
+
+
 def can_user_access_device(account_id, device_id):
     """
     Checks if user with given account_id can access device with given device_id