% @header [("title", ["SSL certificate permission requests"])];
val admin = Group.inGroupName "server";
if $"new" <> "" then
val cert = $"cert";
val domain = $"domain";
val subdomain = $"subdomain";
val msg = $"msg";
if cert = "" then
%>
Please fill in a path to a certificate.
<%
elseif not (ChooseDomain.yourDomain {user = Init.getUserName (), domain = domain}) then
%>
You don't have permissions on domain <% Web.html domain %>.
<%
else
%>Are you sure you want to ask for permissions on an SSL certificate
at <% Web.html cert %>,
for domain <% Sec.fulldomain (subdomain, domain) %>?
Yes, I want to request that.<%
end
elseif $"cmd" = "request" then
val cert = $"cert";
val domain = $"domain";
val subdomain = $"subdomain";
val msg = $"msg";
if cert = "" then
%>
Please fill in a path to a certificate.
<%
elseif not (ChooseDomain.yourDomain {user = Init.getUserName (), domain = domain}) then
%>
You don't have permissions on domain <% Web.html domain %>.
<%
else
val text = "/afs/hcoop.net/common/etc/scripts/ca-install "
^ Init.getUserName () ^ " "
^ (Sec.fulldomain (subdomain, domain)) ^ " "
^ cert
val id = Cert.add (Init.getUserId (), text, msg);
if not (Cert.notifyNew id) then
%>
<% if admin then %>
[Modify][Delete]
<% end %>
<% end
elseif $"mod" <> "" then
Group.requireGroupName "server";
val id = Web.stoi ($"mod");
val req = Cert.lookup id;
val user = Init.lookupUser (#usr req) %>
Handle request
<% elseif $"save" <> "" then
Group.requireGroupName "server";
val id = Web.stoi ($"save");
val req = Cert.lookup id;
val oldStatus = #status req;
val newStatus = Cert.statusFromInt (Web.stoi ($"status"));
Cert.modify {req with data = $"req", msg = $"msg", status = newStatus};
if not (Cert.notifyMod (oldStatus, newStatus, Init.getUserName(), id)) then
%>
Error sending e-mail notification
<%
end
%>
Request modified
Back to: open requests, all requests
<% elseif $"del" <> "" then
Group.requireGroupName "server";
val id = Web.stoi ($"del");
val req = Cert.lookup id;
val user = Init.lookupUser (#usr req)
%>
Are you sure you want to delete request by <% #name user %> for <% #data req %>?
Yes, I'm sure!
<% elseif $"del2" <> "" then
Group.requireGroupName "server";
val id = Web.stoi ($"del2");
Cert.delete id
%>
If you need to install an intermediate certificate, please include the url to either the certificate or the CA's webpage (e.g. Gandi, StartSSL) in your additional comments.
Your certificates
<% foreach cert in Domtool.perms "cert" (Init.getUserName ()) do %>
<% cert %>
<% end %>
Your intermediate certificates
<% foreach cert in Domtool.perms "cacert" (Init.getUserName ()) do %>