Commit | Line | Data |
---|---|---|
95a4653e AC |
1 | <% @header [("title", ["SSL certificate permission requests"])]; |
2 | ||
3 | val admin = Group.inGroupName "server"; (* admin only controls whether the Modify/Delete links are rendered in the listings; the mod, save, del and del2 branches call Group.requireGroupName themselves *) | |
4 | ||
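5 | if $"new" <> "" then (* confirmation step: echoes the submitted values and links to the cmd=request branch, which stores the request *) | |
eafe3d52 AC |
6 | val cert = $"cert"; |
7 | val domain = $"domain"; | |
b5001e8f | 8 | val subdomain = $"subdomain"; |
eafe3d52 AC |
9 | val msg = $"msg"; |
10 | ||
11 | if cert = "" then | |
12 | %><h3>Please fill in a path to a certificate.</h3><% | |
13 | elseif not (ChooseDomain.yourDomain {user = Init.getUserName (), domain = domain}) then (* only domain is checked against the current user; cert and subdomain are free text *) | |
14 | %><h3>You don't have permissions on domain <tt><% Web.html domain %></tt>.</h3><% | |
15 | else (* request values are HTML-escaped where shown as text and URL-encoded where placed in the query string. NOTE(review): the confirmation is a plain GET link, so cmd=request changes state on GET and no anti-forgery token is visible here *) | |
16 | %>Are you sure you want to ask for permissions on an SSL certificate | |
b5001e8f | 17 | <ul> |
eafe3d52 | 18 | <li> at <tt><% Web.html cert %></tt>,</li> |
b5001e8f CE |
19 | <li> for domain <tt><% Web.html (Sec.fulldomain (subdomain, domain)) %></tt>?</li> |
20 | </ul> | |
21 | <a href="?cmd=request&cert=<% Web.urlEncode cert %>&domain=<% Web.urlEncode domain %>&subdomain=<% Web.urlEncode subdomain %>&msg=<% Web.urlEncode msg %>">Yes, I want to request that.</a><% | |
eafe3d52 | 22 | end |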
95a4653e | 23 | elseif $"cmd" = "request" then (* stores a new request; repeats the checks of the confirmation step because this branch is selected by the cmd parameter alone *) |
eafe3d52 AC |
24 | val cert = $"cert"; |
25 | val domain = $"domain"; | |
b5001e8f | 26 | val subdomain = $"subdomain"; |
eafe3d52 AC |
27 | val msg = $"msg"; |
28 | ||
29 | if cert = "" then | |
30 | %><h3>Please fill in a path to a certificate.</h3><% | |
31 | elseif not (ChooseDomain.yourDomain {user = Init.getUserName (), domain = domain}) then | |
32 | %><h3>You don't have permissions on domain <tt><% Web.html domain %></tt>.</h3><% | |
33 | else (* text is a ca-install command line built by plain concatenation. NOTE(review): subdomain and cert are request parameters that reach it unvalidated; if the stored text is later run through a shell, whitespace or shell metacharacters in them would alter the command. Check both against a strict allowlist before Cert.add: hostname label characters for subdomain, a path under /afs/hcoop.net with no parent-directory components for cert - TODO confirm how the stored text is consumed *) | |
34 | val text = "/afs/hcoop.net/common/etc/scripts/ca-install " | |
35 | ^ Init.getUserName () ^ " " | |
b5001e8f | 36 | ^ (Sec.fulldomain (subdomain, domain)) ^ " " |
eafe3d52 AC |
37 | ^ cert |
38 | ||
39 | val id = Cert.add (Init.getUserId (), text, msg); | |
40 | if not (Cert.notifyNew id) then (* a failed notification is reported, but the request added above stays stored *) | |
41 | %><h3>Error sending e-mail notification</h3><% | |
42 | end | |
43 | %><h3>Request added</h3><% | |
44 | end | |
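95a4653e AC |
45 | elseif $"cmd" = "open" then (* lists the requests returned by Cert.listOpen. NOTE(review): this branch has no group check, so whoever can load the page sees every listed request - confirm that is intended *) |
46 | %><h3>Open requests</h3> | |
eafe3d52 | 47 | <a href="?cmd=list">List all requests</a><% |
95a4653e AC |
48 | |
49 | foreach (name, req) in Cert.listOpen () do (* data and msg originate from request parameters, so both go through Web.html; name is printed as is - presumably it cannot contain markup, TODO confirm *) %> | |
50 | <br><hr><br> | |
51 | <table class="blanks"> | |
52 | <tr> <td>By:</td> <td><a href="user?id=<% #usr req %>"><% name %></a></td> </tr> | |
6b8b767b | 53 | <tr> <td>Time:</td> <td><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td> </tr> |
eafe3d52 | 54 | <tr> <td>Request:</td> <td><tt><% Web.html (#data req) %></tt></td> </tr> |
95a4653e AC |
55 | <tr> <td>Reason:</td> <td><% Web.html (#msg req) %></td> </tr> |
56 | </table> | |
57 | ||
58 | <% if admin then (* hides the links from non-admins only; the mod and del branches enforce the group on their own *) %> | |
59 | <br> | |
eafe3d52 AC |
60 | <a href="?mod=<% #id req %>">[Modify]</a> |
61 | <a href="?del=<% #id req %>">[Delete]</a><br> | |
95a4653e AC |
62 | <% end %> |
63 | ||
64 | <% end | |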
65 | ||
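66 | elseif $"cmd" = "list" then (* lists every request returned by Cert.list. NOTE(review): this branch has no group check, so whoever can load the page sees all requests - confirm that is intended *) | |
67 | %><h3>All requests</h3><% | |
68 | ||
69 | foreach (name, req) in Cert.list () do (* data and msg originate from request parameters, so both go through Web.html; name is printed as is - presumably it cannot contain markup, TODO confirm *) %> | |
70 | <br><hr><br> | |
71 | <table class="blanks"> | |
72 | <tr> <td>By:</td> <td><a href="user?id=<% #usr req %>"><% name %></a></td> </tr> | |
6b8b767b | 73 | <tr> <td>Time:</td> <td><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td> </tr> |
eafe3d52 | 74 | <tr> <td>Request:</td> <td><tt><% Web.html (#data req) %></tt></td> </tr> |
95a4653e AC |
75 | <tr> <td>Reason:</td> <td><% Web.html (#msg req) %></td> </tr> |
76 | </table> | |
77 | ||
78 | <% if admin then (* hides the links from non-admins only; the mod and del branches enforce the group on their own *) %> | |
79 | <br> | |
eafe3d52 AC |
80 | <a href="?mod=<% #id req %>">[Modify]</a> |
81 | <a href="?del=<% #id req %>">[Delete]</a> | |
95a4653e AC |
82 | <% end %> |
83 | ||
84 | <% end | |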
85 | ||
86 | elseif $"mod" <> "" then (* edit form for one request, prefilled from the stored record *) | |
87 | Group.requireGroupName "server"; (* server-side group check; presumably stops the page for users outside the group - TODO confirm *) | |
88 | val id = Web.stoi ($"mod"); | |
89 | val req = Cert.lookup id; | |
90 | val user = Init.lookupUser (#usr req) (* NOTE(review): the form below posts to the save branch without any visible anti-forgery token; data and msg are escaped with Web.html, the requestor name is printed as is *) %> | |
91 | <h3>Handle request</h3> | |
92 | ||
93 | <form method="post"> | |
94 | <input type="hidden" name="save" value="<% id %>"> | |
95 | <table class="blanks"> | |
96 | <tr> <td>Requestor:</td> <td><a href="user?id=<% #usr req %>"><% #name user %></a></td> </tr> | |
6b8b767b | 97 | <tr> <td>Time:</td> <td><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td> </tr> |
95a4653e AC |
98 | <tr> <td>Status:</td> <td><select name="status"> |
99 | <option value="0"<% if #status req = Cert.NEW then %> selected<% end %>>New</option> | |
100 | <option value="1"<% if #status req = Cert.INSTALLED then %> selected<% end %>>Installed</option> | |
101 | <option value="2"<% if #status req = Cert.REJECTED then %> selected<% end %>>Rejected</option> | |
102 | </select></td> </tr> | |
103 | <tr> <td>Request:</td> <td><input name="req" size="60" value="<% Web.html (#data req) %>"></td> </tr> | |
104 | <tr> <td>Message:</td> <td><textarea name="msg" rows="10" cols="80" wrap="soft"><% Web.html (#msg req) %></textarea></td> </tr> | |
105 | <tr> <td><input type="submit" value="Save"></td> </tr> | |
106 | </table> | |
107 | </form> | |
108 | ||
109 | <% elseif $"save" <> "" then (* applies the edit form: overwrites data, msg and status of the stored request *) | |
110 | Group.requireGroupName "server"; | |
111 | val id = Web.stoi ($"save"); | |
112 | val req = Cert.lookup id; | |
113 | val oldStatus = #status req; (* kept so the notification can report the status transition *) | |
114 | val newStatus = Cert.statusFromInt (Web.stoi ($"status")); | |
115 | Cert.modify {req with data = $"req", msg = $"msg", status = newStatus}; (* NOTE(review): data is the stored command text and is replaced by the raw req parameter; nothing in this branch checks the request method or an anti-forgery token - TODO confirm whether the framework does *) | |
8812fb4d AC |
116 | if not (Cert.notifyMod (oldStatus, newStatus, Init.getUserName(), id)) then |
117 | %><h3>Error sending e-mail notification</h3><% | |
95a4653e AC |
118 | end |
119 | %><h3>Request modified</h3> | |
eafe3d52 | 120 | Back to: <a href="?cmd=open">open requests</a>, <a href="?cmd=list">all requests</a> |
95a4653e AC |
121 | |
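122 | <% elseif $"del" <> "" then (* delete confirmation; the deletion itself happens in the del2 branch *) | |
123 | Group.requireGroupName "server"; | |
124 | val id = Web.stoi ($"del"); | |
125 | val req = Cert.lookup id; | |
126 | val user = Init.lookupUser (#usr req) (* data holds text derived from request parameters, so it is HTML-escaped below; the requestor name is printed as is - presumably it cannot contain markup, TODO confirm *) | |
127 | %><h3>Are you sure you want to delete request by <% #name user %> for <tt><% Web.html (#data req) %></tt>?</h3> | |
eafe3d52 | 128 | <a href="?del2=<% id %>">Yes, I'm sure!</a> |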
95a4653e AC |
129 | |
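130 | <% elseif $"del2" <> "" then (* performs the deletion confirmed in the del branch *) | |
131 | Group.requireGroupName "server"; | |
132 | val id = Web.stoi ($"del2"); | |
133 | Cert.delete id (* NOTE(review): the deletion is triggered by a plain GET link and no anti-forgery token is visible in this branch *) | |
134 | %><h3>Request deleted</h3> | |
eafe3d52 | 135 | Back to: <a href="?cmd=open">open requests</a>, <a href="?cmd=list">all requests</a> |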
95a4653e AC |
136 | |
137 | <% else (* default view: the request form. The required attribute on the cert input is a browser-side hint only; the new and request branches both re-check that cert is non-empty *) %> | |
138 | ||
eafe3d52 | 139 | <h3>Request installation of an SSL certificate</h3> |
f986e0f2 | 140 | |
eafe3d52 | 141 | <p>Use this form to request Domtool permissions to use an SSL certificate. Give the location of your certificate/key (<tt>.pem</tt>) file within <tt>/afs/hcoop.net</tt>.</p> |
f986e0f2 | 142 | |
090e5fb2 | 143 | <p>The <a href="http://wiki.hcoop.net/MemberManual/ServingWebsites/SslCert">instructions on our wiki for creating SSL certificates</a> may be helpful.</p> |
acd6676c | 144 | |
2d53edb7 | 145 | <p>If you need to install <strong>intermediate certificates</strong>, please include the intermediate certificate chain in the combined <tt>pem</tt> file after the private key.</p> |
b5001e8f | 146 | |
95a4653e AC |
147 | <form method="post"> |
148 | <input type="hidden" name="new" value="1"> | |
149 | <table class="blanks"> | |
b5001e8f CE |
150 | <tr> <td>Subdomain <span style="font-size: smaller">(optional)</span>:</td> <td><input name="subdomain" /></td></tr> |
151 | <tr> <td>Domain:</td> <td><% @chooseDomain [] %></td> </tr> | |
10e55875 | 152 | <tr> <td>OpenSSL certificate:</td> <td><input name="cert" size="60" required="required" value="<% Quotas.path ("user." ^ Init.getUserName ()) ^ "/certificates/" %>" ></td> </tr> |
95a4653e AC |
153 | <tr> <td>Additional comments:</td> <td><textarea name="msg" rows="5" cols="80" wrap="soft"></textarea></td> </tr> |
154 | <tr> <td><input type="submit" value="Request"></td> </tr> | |
155 | </table> | |
156 | </form> | |
157 | ||
b5001e8f CE |
158 | <h3>Your certificates</h3> |
159 | ||
160 | <ul> | |
161 | <% foreach cert in Domtool.perms "cert" (Init.getUserName ()) do (* lists the cert entries Domtool.perms returns for the current user; each value is printed without Web.html - presumably these entries are not user-writable, TODO confirm *) %> | |
162 | <li><tt><% cert %></tt></li> | |
163 | <% end %> | |
164 | </ul> | |
165 | ||
166 | <h3>Your intermediate certificates</h3> | |
167 | ||
168 | <ul> | |
169 | <% foreach cert in Domtool.perms "cacert" (Init.getUserName ()) do (* same listing for the cacert entries; values are likewise printed without Web.html *) %> | |
170 | <li><tt><% cert %></tt></li> | |
171 | <% end %> | |
172 | </ul> | |
173 | ||
95a4653e AC |
174 | <% end (* closes the if/elseif chain that dispatches on the request parameters *) %> |
175 | ||
176 | <% @footer[] %> |