[hcoop/portal.git] / sign.mlt

<% @header [("title", ["SSL certificate signing requests"])];

val admin = Group.inGroupName "server";

if $"new" <> "" then
   val req = $"req";
   val key = $"key";
   val days = Web.stoi ($"days");
   val domain = $"domain";
   val msg = $"msg";

   if req = "" then
      %><h3>Please fill in a path to a certificate request.</h3><%
   elseif key = "" then
      %><h3>Please fill in a path to a key.</h3><%
   elseif days <= 0 then
      %><h3>Please give a positive number of days for the certificate to live.</h3><%
   elseif not (ChooseDomain.yourDomain {user = Init.getUserName (), domain = domain}) then
      %><h3>You don't have permissions on domain <tt><% Web.html domain %></tt>.</h3><%
   else
      %>Are you sure you want to ask for permissions on an SSL certificate
      <li> with request <tt><% Web.html req %></tt>,</li>
      <li> with key <tt><% Web.html key %></tt>,</li>
      <li> for domain <tt><% domain %></tt>,</li>
      <li> lasting <% days %> days?</li>
      <a href="?cmd=request&req=<% Web.html req %>&key=<% Web.html key %>&days=<% days %>&domain=<% Web.html domain %>&msg=<% Web.urlEncode msg %>">Yes, I want to request that.</a><%
   end
elseif $"cmd" = "request" then
   val req = $"req";
   val key = $"key";
   val days = Web.stoi ($"days");
   val domain = $"domain";
   val msg = $"msg";

   if req = "" then
      %><h3>Please fill in a path to a certificate request.</h3><%
   elseif key = "" then
      %><h3>Please fill in a path to a key.</h3><%
   elseif days <= 0 then
      %><h3>Please give a positive number of days for the certificate to live.</h3><%
   elseif not (ChooseDomain.yourDomain {user = Init.getUserName (), domain = domain}) then
      %><h3>You don't have permissions on domain <tt><% Web.html domain %></tt>.</h3><%
   else
     val gen = req;

     val text = "/afs/hcoop.net/common/etc/scripts/ca-sign "
       ^ Int.toString days ^ " "
       ^ req ^ " "
       ^ key ^ " "
       ^ gen ^ " "
       ^ domain;

     val id = Sign.add (Init.getUserId (), text, msg);
     if not (Sign.notifyNew id) then
	%><h3>Error sending e-mail notification</h3><%
     end
     %><h3>Request added</h3><%
  end
elseif $"cmd" = "open" then
	%><h3>Open requests</h3>
	<a href="?cmd=list">List all requests</a><%

	foreach (name, req) in Sign.listOpen () do %>
<br><hr><br>
<table class="blanks">
<tr> <td>By:</td> <td><a href="user?id=<% #usr req %>"><% name %></a></td> </tr>
<tr> <td>Time:</td> <td><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td> </tr>
<tr> <td>Request:</td> <td><tt><% #data req %></tt></td> </tr>
<tr> <td>Reason:</td> <td><% Web.html (#msg req) %></td> </tr>
</table>

<% if admin then %>
	<br>
	<a href="?mod=<% #id req %>">[Modify]</a>
	<a href="?del=<% #id req %>">[Delete]</a><br>
<% end %>

<%	end

elseif $"cmd" = "list" then
	%><h3>All requests</h3><%

	foreach (name, req) in Sign.list () do %>
<br><hr><br>
<table class="blanks">
<tr> <td>By:</td> <td><a href="user?id=<% #usr req %>"><% name %></a></td> </tr>
<tr> <td>Time:</td> <td><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td> </tr>
<tr> <td>Request:</td> <td><tt><% #data req %></tt></td> </tr>
<tr> <td>Reason:</td> <td><% Web.html (#msg req) %></td> </tr>
</table>

<% if admin then %>
	<br>
	<a href="?mod=<% #id req %>">[Modify]</a>
	<a href="?del=<% #id req %>">[Delete]</a>
<% end %>

<%	end

elseif $"mod" <> "" then
	Group.requireGroupName "server";
	val id = Web.stoi ($"mod");
	val req = Sign.lookup id;
	val user = Init.lookupUser (#usr req) %>
<h3>Handle request</h3>

<form method="post">
<input type="hidden" name="save" value="<% id %>">
<table class="blanks">
<tr> <td>Requestor:</td> <td><a href="user?id=<% #usr req %>"><% #name user %></a></td> </tr>
<tr> <td>Time:</td> <td><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td> </tr>
<tr> <td>Status:</td> <td><select name="status">
	<option value="0"<% if #status req = Sign.NEW then %> selected<% end %>>New</option>
	<option value="1"<% if #status req = Sign.INSTALLED then %> selected<% end %>>Installed</option>
	<option value="2"<% if #status req = Sign.REJECTED then %> selected<% end %>>Rejected</option>
</select></td> </tr>
<tr> <td>Request:</td> <td><input name="req" size="60" value="<% Web.html (#data req) %>"></td> </tr>
<tr> <td>Message:</td> <td><textarea name="msg" rows="10" cols="80" wrap="soft"><% Web.html (#msg req) %></textarea></td> </tr>
<tr> <td><input type="submit" value="Save"></td> </tr>
</table>
</form>

<% elseif $"save" <> "" then
	Group.requireGroupName "server";
	val id = Web.stoi ($"save");
	val req = Sign.lookup id;
	val oldStatus = #status req;
	val newStatus = Sign.statusFromInt (Web.stoi ($"status"));
	Sign.modify {req with data = $"req", msg = $"msg", status = newStatus};
	if not (Sign.notifyMod (oldStatus, newStatus, Init.getUserName(), id)) then
		%><h3>Error sending e-mail notification</h3><%
	end
	%><h3>Request modified</h3>
	Back to: <a href="?cmd=open">open requests</a>, <a href="?cmd=list">all requests</a>

<% elseif $"del" <> "" then
	Group.requireGroupName "server";
	val id = Web.stoi ($"del");
	val req = Sign.lookup id;
	val user = Init.lookupUser (#usr req)
	%><h3>Are you sure you want to delete request by <% #name user %> for <tt><% #data req %></tt>?</h3>
	<a href="?del2=<% id %>">Yes, I'm sure!</a>

<% elseif $"del2" <> "" then
	Group.requireGroupName "server";
	val id = Web.stoi ($"del2");
	Sign.delete id
	%><h3>Request deleted</b><h3>
	Back to: <a href="?cmd=open">open requests</a>, <a href="?cmd=list">all requests</a>

<% else %>

<h3>Request SSL certificate signing</h3>

<p>Use this form to request that we sign an an SSL certificate with our certificate authority.  Give the location of your certificate request (<tt>.csr</tt> file) and key (<tt>.key</tt> file) within <tt>/afs/hcoop.net</tt>.</p>

<p>The <a href="http://wiki.hcoop.net/MemberManual/ServingWebsites/SslCert">instructions on our wiki for creating SSL certificates</a> may be helpful.</p>

<form method="post">
<input type="hidden" name="new" value="1">
<table class="blanks">
<tr> <td>Domain:</td> <td><% @chooseDomain[] %></td> </tr>
<tr> <td>OpenSSL request file:</td> <td><input name="req" size="60"></td> </tr>
<tr> <td>OpenSSL key file:</td> <td><input name="key" size="60"></td> </tr>
<tr> <td>Certificate lifetime, in days:</td> <td><input name="days" size="5" value="3650"></td></tr>
<tr> <td>Additional comments:</td> <td><textarea name="msg" rows="5" cols="80" wrap="soft"></textarea></td> </tr>
<tr> <td><input type="submit" value="Request"></td> </tr>
</table>
</form>

<% end %>

<% @footer[] %>
Commit	Line	Data
eafe3d52 AC	1	<% @header [("title", ["SSL certificate signing requests"])];
	2
	3	val admin = Group.inGroupName "server";
	4
	5	if $"new" <> "" then
	6	val req = $"req";
	7	val key = $"key";
	8	val days = Web.stoi ($"days");
	9	val domain = $"domain";
	10	val msg = $"msg";
	11
	12	if req = "" then
	13	%><h3>Please fill in a path to a certificate request.</h3><%
	14	elseif key = "" then
	15	%><h3>Please fill in a path to a key.</h3><%
	16	elseif days <= 0 then
	17	%><h3>Please give a positive number of days for the certificate to live.</h3><%
	18	elseif not (ChooseDomain.yourDomain {user = Init.getUserName (), domain = domain}) then
	19	%><h3>You don't have permissions on domain <tt><% Web.html domain %></tt>.</h3><%
	20	else
	21	%>Are you sure you want to ask for permissions on an SSL certificate
	22	<li> with request <tt><% Web.html req %></tt>,</li>
	23	<li> with key <tt><% Web.html key %></tt>,</li>
	24	<li> for domain <tt><% domain %></tt>,</li>
	25	<li> lasting <% days %> days?</li>
	26	<a href="?cmd=request&req=<% Web.html req %>&key=<% Web.html key %>&days=<% days %>&domain=<% Web.html domain %>&msg=<% Web.urlEncode msg %>">Yes, I want to request that.</a><%
	27	end
	28	elseif $"cmd" = "request" then
	29	val req = $"req";
	30	val key = $"key";
	31	val days = Web.stoi ($"days");
	32	val domain = $"domain";
	33	val msg = $"msg";
	34
	35	if req = "" then
	36	%><h3>Please fill in a path to a certificate request.</h3><%
	37	elseif key = "" then
	38	%><h3>Please fill in a path to a key.</h3><%
	39	elseif days <= 0 then
	40	%><h3>Please give a positive number of days for the certificate to live.</h3><%
	41	elseif not (ChooseDomain.yourDomain {user = Init.getUserName (), domain = domain}) then
	42	%><h3>You don't have permissions on domain <tt><% Web.html domain %></tt>.</h3><%
	43	else
	44	val gen = req;
	45
	46	val text = "/afs/hcoop.net/common/etc/scripts/ca-sign "
	47	^ Int.toString days ^ " "
	48	^ req ^ " "
	49	^ key ^ " "
	50	^ gen ^ " "
	51	^ domain;
	52
	53	val id = Sign.add (Init.getUserId (), text, msg);
	54	if not (Sign.notifyNew id) then
	55	%><h3>Error sending e-mail notification</h3><%
	56	end
	57	%><h3>Request added</h3><%
	58	end
	59	elseif $"cmd" = "open" then
	60	%><h3>Open requests</h3>
	61	<a href="?cmd=list">List all requests</a><%
	62
	63	foreach (name, req) in Sign.listOpen () do %>
	64	<br><hr><br>
65	<table class="blanks">
66	<tr> <td>By:</td> <td><a href="user?id=<% #usr req %>"><% name %></a></td> </tr>
67	<tr> <td>Time:</td> <td><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td> </tr>
68	<tr> <td>Request:</td> <td><tt><% #data req %></tt></td> </tr>
69	<tr> <td>Reason:</td> <td><% Web.html (#msg req) %></td> </tr>
70	</table>
71
72	<% if admin then %>
73	<br>
74	<a href="?mod=<% #id req %>">[Modify]</a>
75	<a href="?del=<% #id req %>">[Delete]</a><br>
76	<% end %>
77
78	<% end
79
80	elseif $"cmd" = "list" then
81	%><h3>All requests</h3><%
82
83	foreach (name, req) in Sign.list () do %>
84	<br><hr><br>
85	<table class="blanks">
86	<tr> <td>By:</td> <td><a href="user?id=<% #usr req %>"><% name %></a></td> </tr>
87	<tr> <td>Time:</td> <td><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td> </tr>
88	<tr> <td>Request:</td> <td><tt><% #data req %></tt></td> </tr>
89	<tr> <td>Reason:</td> <td><% Web.html (#msg req) %></td> </tr>
90	</table>
91
92	<% if admin then %>
93	<br>
94	<a href="?mod=<% #id req %>">[Modify]</a>
95	<a href="?del=<% #id req %>">[Delete]</a>
96	<% end %>
97
98	<% end
99
100	elseif $"mod" <> "" then
101	Group.requireGroupName "server";
102	val id = Web.stoi ($"mod");
103	val req = Sign.lookup id;
104	val user = Init.lookupUser (#usr req) %>
105	<h3>Handle request</h3>
106
107	<form method="post">
108	<input type="hidden" name="save" value="<% id %>">
109	<table class="blanks">
110	<tr> <td>Requestor:</td> <td><a href="user?id=<% #usr req %>"><% #name user %></a></td> </tr>
111	<tr> <td>Time:</td> <td><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td> </tr>
112	<tr> <td>Status:</td> <td><select name="status">
113	<option value="0"<% if #status req = Sign.NEW then %> selected<% end %>>New</option>
114	<option value="1"<% if #status req = Sign.INSTALLED then %> selected<% end %>>Installed</option>
115	<option value="2"<% if #status req = Sign.REJECTED then %> selected<% end %>>Rejected</option>
116	</select></td> </tr>
117	<tr> <td>Request:</td> <td><input name="req" size="60" value="<% Web.html (#data req) %>"></td> </tr>
118	<tr> <td>Message:</td> <td><textarea name="msg" rows="10" cols="80" wrap="soft"><% Web.html (#msg req) %></textarea></td> </tr>
119	<tr> <td><input type="submit" value="Save"></td> </tr>
120	</table>
121	</form>
122
123	<% elseif $"save" <> "" then
124	Group.requireGroupName "server";
125	val id = Web.stoi ($"save");
126	val req = Sign.lookup id;
127	val oldStatus = #status req;
128	val newStatus = Sign.statusFromInt (Web.stoi ($"status"));
129	Sign.modify {req with data = $"req", msg = $"msg", status = newStatus};
8812fb4d AC	130	if not (Sign.notifyMod (oldStatus, newStatus, Init.getUserName(), id)) then
8812fb4d AC	131	%><h3>Error sending e-mail notification</h3><%
eafe3d52 AC	132	end
	133	%><h3>Request modified</h3>
	134	Back to: <a href="?cmd=open">open requests</a>, <a href="?cmd=list">all requests</a>
	135
	136	<% elseif $"del" <> "" then
	137	Group.requireGroupName "server";
	138	val id = Web.stoi ($"del");
	139	val req = Sign.lookup id;
	140	val user = Init.lookupUser (#usr req)
	141	%><h3>Are you sure you want to delete request by <% #name user %> for <tt><% #data req %></tt>?</h3>
	142	<a href="?del2=<% id %>">Yes, I'm sure!</a>
	143
	144	<% elseif $"del2" <> "" then
	145	Group.requireGroupName "server";
	146	val id = Web.stoi ($"del2");
	147	Sign.delete id
	148	%><h3>Request deleted</b><h3>
	149	Back to: <a href="?cmd=open">open requests</a>, <a href="?cmd=list">all requests</a>
	150
	151	<% else %>
	152
	153	<h3>Request SSL certificate signing</h3>
	154
	155	<p>Use this form to request that we sign an an SSL certificate with our certificate authority. Give the location of your certificate request (<tt>.csr</tt> file) and key (<tt>.key</tt> file) within <tt>/afs/hcoop.net</tt>.</p>
	156
	157	<p>The <a href="http://wiki.hcoop.net/MemberManual/ServingWebsites/SslCert">instructions on our wiki for creating SSL certificates</a> may be helpful.</p>
	158
	159	<form method="post">
	160	<input type="hidden" name="new" value="1">
	161	<table class="blanks">
	162	<tr> <td>Domain:</td> <td><% @chooseDomain[] %></td> </tr>
	163	<tr> <td>OpenSSL request file:</td> <td><input name="req" size="60"></td> </tr>
	164	<tr> <td>OpenSSL key file:</td> <td><input name="key" size="60"></td> </tr>
	165	<tr> <td>Certificate lifetime, in days:</td> <td><input name="days" size="5" value="3650"></td></tr>
	166	<tr> <td>Additional comments:</td> <td><textarea name="msg" rows="5" cols="80" wrap="soft"></textarea></td> </tr>
	167	<tr> <td><input type="submit" value="Request"></td> </tr>
	168	</table>
	169	</form>
	170
	171	<% end %>
	172
	173	<% @footer[] %>