Commit | Line | Data |
---|---|---|
eafe3d52 AC |
1 | <% @header [("title", ["SSL certificate signing requests"])]; |
2 | ||
3 | val admin = Group.inGroupName "server"; | |
4 | ||
5 | if $"new" <> "" then | |
6 | val req = $"req"; | |
7 | val key = $"key"; | |
8 | val days = Web.stoi ($"days"); | |
9 | val domain = $"domain"; | |
10 | val msg = $"msg"; | |
11 | ||
12 | if req = "" then | |
13 | %><h3>Please fill in a path to a certificate request.</h3><% | |
14 | elseif key = "" then | |
15 | %><h3>Please fill in a path to a key.</h3><% | |
16 | elseif days <= 0 then | |
17 | %><h3>Please give a positive number of days for the certificate to live.</h3><% | |
18 | elseif not (ChooseDomain.yourDomain {user = Init.getUserName (), domain = domain}) then | |
19 | %><h3>You don't have permissions on domain <tt><% Web.html domain %></tt>.</h3><% | |
20 | else | |
21 | %>Are you sure you want to ask for permissions on an SSL certificate | |
22 | <li> with request <tt><% Web.html req %></tt>,</li> | |
23 | <li> with key <tt><% Web.html key %></tt>,</li> | |
24 | <li> for domain <tt><% domain %></tt>,</li> | |
25 | <li> lasting <% days %> days?</li> | |
26 | <a href="?cmd=request&req=<% Web.html req %>&key=<% Web.html key %>&days=<% days %>&domain=<% Web.html domain %>&msg=<% Web.urlEncode msg %>">Yes, I want to request that.</a><% | |
27 | end | |
28 | elseif $"cmd" = "request" then | |
29 | val req = $"req"; | |
30 | val key = $"key"; | |
31 | val days = Web.stoi ($"days"); | |
32 | val domain = $"domain"; | |
33 | val msg = $"msg"; | |
34 | ||
35 | if req = "" then | |
36 | %><h3>Please fill in a path to a certificate request.</h3><% | |
37 | elseif key = "" then | |
38 | %><h3>Please fill in a path to a key.</h3><% | |
39 | elseif days <= 0 then | |
40 | %><h3>Please give a positive number of days for the certificate to live.</h3><% | |
41 | elseif not (ChooseDomain.yourDomain {user = Init.getUserName (), domain = domain}) then | |
42 | %><h3>You don't have permissions on domain <tt><% Web.html domain %></tt>.</h3><% | |
43 | else | |
44 | val gen = req; | |
45 | ||
46 | val text = "/afs/hcoop.net/common/etc/scripts/ca-sign " | |
47 | ^ Int.toString days ^ " " | |
48 | ^ req ^ " " | |
49 | ^ key ^ " " | |
50 | ^ gen ^ " " | |
51 | ^ domain; | |
52 | ||
53 | val id = Sign.add (Init.getUserId (), text, msg); | |
54 | if not (Sign.notifyNew id) then | |
55 | %><h3>Error sending e-mail notification</h3><% | |
56 | end | |
57 | %><h3>Request added</h3><% | |
58 | end | |
59 | elseif $"cmd" = "open" then | |
60 | %><h3>Open requests</h3> | |
61 | <a href="?cmd=list">List all requests</a><% | |
62 | ||
63 | foreach (name, req) in Sign.listOpen () do %> | |
64 | <br><hr><br> | |
65 | <table class="blanks"> | |
66 | <tr> <td>By:</td> <td><a href="user?id=<% #usr req %>"><% name %></a></td> </tr> | |
67 | <tr> <td>Time:</td> <td><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td> </tr> | |
68 | <tr> <td>Request:</td> <td><tt><% #data req %></tt></td> </tr> | |
69 | <tr> <td>Reason:</td> <td><% Web.html (#msg req) %></td> </tr> | |
70 | </table> | |
71 | ||
72 | <% if admin then %> | |
73 | <br> | |
74 | <a href="?mod=<% #id req %>">[Modify]</a> | |
75 | <a href="?del=<% #id req %>">[Delete]</a><br> | |
76 | <% end %> | |
77 | ||
78 | <% end | |
79 | ||
80 | elseif $"cmd" = "list" then | |
81 | %><h3>All requests</h3><% | |
82 | ||
83 | foreach (name, req) in Sign.list () do %> | |
84 | <br><hr><br> | |
85 | <table class="blanks"> | |
86 | <tr> <td>By:</td> <td><a href="user?id=<% #usr req %>"><% name %></a></td> </tr> | |
87 | <tr> <td>Time:</td> <td><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td> </tr> | |
88 | <tr> <td>Request:</td> <td><tt><% #data req %></tt></td> </tr> | |
89 | <tr> <td>Reason:</td> <td><% Web.html (#msg req) %></td> </tr> | |
90 | </table> | |
91 | ||
92 | <% if admin then %> | |
93 | <br> | |
94 | <a href="?mod=<% #id req %>">[Modify]</a> | |
95 | <a href="?del=<% #id req %>">[Delete]</a> | |
96 | <% end %> | |
97 | ||
98 | <% end | |
99 | ||
100 | elseif $"mod" <> "" then | |
101 | Group.requireGroupName "server"; | |
102 | val id = Web.stoi ($"mod"); | |
103 | val req = Sign.lookup id; | |
104 | val user = Init.lookupUser (#usr req) %> | |
105 | <h3>Handle request</h3> | |
106 | ||
107 | <form method="post"> | |
108 | <input type="hidden" name="save" value="<% id %>"> | |
109 | <table class="blanks"> | |
110 | <tr> <td>Requestor:</td> <td><a href="user?id=<% #usr req %>"><% #name user %></a></td> </tr> | |
111 | <tr> <td>Time:</td> <td><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td> </tr> | |
112 | <tr> <td>Status:</td> <td><select name="status"> | |
113 | <option value="0"<% if #status req = Sign.NEW then %> selected<% end %>>New</option> | |
114 | <option value="1"<% if #status req = Sign.INSTALLED then %> selected<% end %>>Installed</option> | |
115 | <option value="2"<% if #status req = Sign.REJECTED then %> selected<% end %>>Rejected</option> | |
116 | </select></td> </tr> | |
117 | <tr> <td>Request:</td> <td><input name="req" size="60" value="<% Web.html (#data req) %>"></td> </tr> | |
118 | <tr> <td>Message:</td> <td><textarea name="msg" rows="10" cols="80" wrap="soft"><% Web.html (#msg req) %></textarea></td> </tr> | |
119 | <tr> <td><input type="submit" value="Save"></td> </tr> | |
120 | </table> | |
121 | </form> | |
122 | ||
123 | <% elseif $"save" <> "" then | |
124 | Group.requireGroupName "server"; | |
125 | val id = Web.stoi ($"save"); | |
126 | val req = Sign.lookup id; | |
127 | val oldStatus = #status req; | |
128 | val newStatus = Sign.statusFromInt (Web.stoi ($"status")); | |
129 | Sign.modify {req with data = $"req", msg = $"msg", status = newStatus}; | |
8812fb4d AC |
130 | if not (Sign.notifyMod (oldStatus, newStatus, Init.getUserName(), id)) then |
131 | %><h3>Error sending e-mail notification</h3><% | |
eafe3d52 AC |
132 | end |
133 | %><h3>Request modified</h3> | |
134 | Back to: <a href="?cmd=open">open requests</a>, <a href="?cmd=list">all requests</a> | |
135 | ||
136 | <% elseif $"del" <> "" then | |
137 | Group.requireGroupName "server"; | |
138 | val id = Web.stoi ($"del"); | |
139 | val req = Sign.lookup id; | |
140 | val user = Init.lookupUser (#usr req) | |
141 | %><h3>Are you sure you want to delete request by <% #name user %> for <tt><% #data req %></tt>?</h3> | |
142 | <a href="?del2=<% id %>">Yes, I'm sure!</a> | |
143 | ||
144 | <% elseif $"del2" <> "" then | |
145 | Group.requireGroupName "server"; | |
146 | val id = Web.stoi ($"del2"); | |
147 | Sign.delete id | |
148 | %><h3>Request deleted</b><h3> | |
149 | Back to: <a href="?cmd=open">open requests</a>, <a href="?cmd=list">all requests</a> | |
150 | ||
151 | <% else %> | |
152 | ||
153 | <h3>Request SSL certificate signing</h3> | |
154 | ||
155 | <p>Use this form to request that we sign an an SSL certificate with our certificate authority. Give the location of your certificate request (<tt>.csr</tt> file) and key (<tt>.key</tt> file) within <tt>/afs/hcoop.net</tt>.</p> | |
156 | ||
157 | <p>The <a href="http://wiki.hcoop.net/MemberManual/ServingWebsites/SslCert">instructions on our wiki for creating SSL certificates</a> may be helpful.</p> | |
158 | ||
159 | <form method="post"> | |
160 | <input type="hidden" name="new" value="1"> | |
161 | <table class="blanks"> | |
162 | <tr> <td>Domain:</td> <td><% @chooseDomain[] %></td> </tr> | |
163 | <tr> <td>OpenSSL request file:</td> <td><input name="req" size="60"></td> </tr> | |
164 | <tr> <td>OpenSSL key file:</td> <td><input name="key" size="60"></td> </tr> | |
165 | <tr> <td>Certificate lifetime, in days:</td> <td><input name="days" size="5" value="3650"></td></tr> | |
166 | <tr> <td>Additional comments:</td> <td><textarea name="msg" rows="5" cols="80" wrap="soft"></textarea></td> </tr> | |
167 | <tr> <td><input type="submit" value="Request"></td> </tr> | |
168 | </table> | |
169 | </form> | |
170 | ||
171 | <% end %> | |
172 | ||
173 | <% @footer[] %> |