Make serial number the main identifier of UserCert

tatu/api/app.py

@@ -23,7 +23,7 @@ def create_app(sa):
     api.add_route('/authorities', models.Authorities())
     api.add_route('/authorities/{auth_id}', models.Authority())
     api.add_route('/usercerts', models.UserCerts())
-    api.add_route('/usercerts/{user_id}/{fingerprint}', models.UserCert())
+    api.add_route('/usercerts/{serial}', models.UserCert())
     api.add_route('/hostcerts', models.HostCerts())
     api.add_route('/hostcerts/{host_id}/{fingerprint}', models.HostCert())
     api.add_route('/hosttokens', models.Tokens())

tatu/api/models.py

@@ -164,8 +164,8 @@ class UserCerts(object):
 
 class UserCert(object):
     @falcon.before(validate)
-    def on_get(self, req, resp, user_id, fingerprint):
+    def on_get(self, req, resp, serial):
-        user = db.getUserCert(self.session, user_id, fingerprint)
+        user = db.getUserCertBySerial(self.session, serial)
         if user is None:
             resp.status = falcon.HTTP_NOT_FOUND
             return
@@ -316,3 +316,4 @@ class RevokedUserKeys(object):
             cert=req.body.get('cert', None)
         )
         resp.status = falcon.HTTP_OK
+        resp.body = json.dumps({})

tatu/db/models.py

@@ -78,7 +78,10 @@ sa.Index('idx_user_finger', UserCert.user_id, UserCert.fingerprint, unique=True)
 
 
 def getUserCertBySerial(session, serial):
-    return session.query(UserCert).get(serial)
+    try:
+        return session.query(UserCert).get(serial)
+    except Exception:
+        return None
 
 
 def getUserCert(session, user_id, fingerprint):