authorTed Trask <ttrask01@yahoo.com>2015-01-31 10:38:01 -0500
committerTed Trask <ttrask01@yahoo.com>2015-01-31 10:38:01 -0500
commitaac2c6c96fe4be58b4ad7de8840542471903e806 (patch)
tree3c9e7ab788b9d740253bc6c4cd71bbd4ebe1e25b
parent81a6cd86d633eb166d47d6581a113b56d51b63f1 (diff)
downloadacf-openssl-aac2c6c96fe4be58b4ad7de8840542471903e806.tar.bz2
acf-openssl-aac2c6c96fe4be58b4ad7de8840542471903e806.tar.xz
Modify several functions to move logic into the model and use cfes more properly for non-forms
-rw-r--r--openssl-controller.lua20
-rw-r--r--openssl-model.lua174
-rw-r--r--openssl-read-html.lsp6
-rw-r--r--openssl-viewcert-html.lsp2
-rw-r--r--openssl-viewrequest-html.lsp2
5 files changed, 109 insertions, 95 deletions
diff --git a/openssl-controller.lua b/openssl-controller.lua
index e7af93e..994c00b 100644
--- a/openssl-controller.lua
+++ b/openssl-controller.lua
@@ -7,8 +7,7 @@ local sslstatus
mymodule.mvc={}
mymodule.mvc.pre_exec = function(self)
- self.model.set_umask()
- sslstatus = self.model.getstatus()
+ sslstatus = self.model.getstatus(self, self.clientdata)
if not self.redirect then
return
end
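Review bot: `pre_exec` no longer calls `set_umask()` itself, so the umask the model relies on when it creates files is now set only as a side effect of `getstatus`, and nothing at this call site says so. A comment above the call would keep that dependency visible, for example `-- getstatus also sets the model's umask and working directory; keep it the first model call`. `pre_exec` continues past the end of this hunk, so any other early-return paths are not visible here.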
@@ -28,21 +27,12 @@ end
-- View all pending and approved requests and revoked certificates
mymodule.readall = function(self)
- local pending = self.model.listrequests()
- local approved = self.model.listcerts()
- local revoked = self.model.listrevoked()
- local result = cfe({ type="list", value={pending=pending, approved=approved, revoked=revoked} })
- return result
+ return self.model.readall(self, self.clientdata)
end
-- Return all certificates (pending, approved, and revoked) for this user
mymodule.read = function(self)
- local user = cfe({ value=self.sessiondata.userinfo.userid, label="User Name" })
- local pending = self.model.listrequests(self.sessiondata.userinfo.userid)
- local approved = self.model.listcerts(self.sessiondata.userinfo.userid)
- local revoked = self.model.listrevoked()
- local result = cfe({ type="list", value={user=user, pending=pending, approved=approved, revoked=revoked} })
- return result
+ return self.model.readuser(self, self.clientdata, self.sessiondata.userinfo.userid)
end
-- Form to request a new cert
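Review bot: The userid handed to `readuser` in `mymodule.read` ends up unescaped in the `posix.glob` patterns built by `listrequests` and `listcerts` (`user..".*\\.csr"`, `user..".*\\.pfx"`), so the per-user view is only as narrow as that pattern. If a userid can contain glob characters, the listing would include entries owned by other users; whether the authenticator allows such ids is not visible in this diff. Filtering on the parsed owner makes the restriction explicit, e.g. wrap the `list[#list + 1] = ...` line in `if user == "*" or a == user then ... end`.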
@@ -57,7 +47,7 @@ end
-- View request details
mymodule.viewrequest = function(self)
- return self.model.viewrequest(self.clientdata.request)
+ return self.model.viewrequest(self, self.clientdata)
end
-- Approve the specified request
@@ -77,7 +67,7 @@ end
-- View certificate details
mymodule.viewcert = function(self)
- return self.model.viewcert(self.clientdata.cert)
+ return self.model.viewcert(self, self.clientdata)
end
-- Get the specified cert
diff --git a/openssl-model.lua b/openssl-model.lua
index d15c358..5dd159f 100644
--- a/openssl-model.lua
+++ b/openssl-model.lua
@@ -4,6 +4,7 @@ posix = require("posix")
modelfunctions = require("modelfunctions")
fs = require("acf.fs")
format = require("acf.format")
+processinfo = require("acf.processinfo")
validator = require("acf.validator")
-- There are two options of how to allow users to specify the type of certificate they want - the request extensions
@@ -250,9 +251,74 @@ local unhashname = function(hashstring)
return string.char(unpack(hash))
end
-mymodule.getstatus = function()
- processinfo = require("acf.processinfo")
- -- set the working directory once for model
+local listrequests = function(user)
+ user = user or "*"
+ local list={}
+ local files = posix.glob(openssldir..requestdir..user..".*\\.csr") or {}
+ for i,x in ipairs(files) do
+ local name = string.gsub(posix.basename(x), ".csr$", "")
+ local a,b,c = string.match(name, "([^%.]*)%.([^%.]*)%.([^%.]*)")
+ list[#list + 1] = {request=name, user=a, certtype=b, commonName=unhashname(c)}
+ end
+ return cfe({ type="list", value=list, label="List of pending requests" })
+end
+
+local listcerts = function(user)
+ user = user or "*"
+ local list={}
+ local files = posix.glob(openssldir..certdir..user..".*\\.pfx") or {}
+ -- Do this in two steps - saves forking openssl for each cert, which
+ -- speeds things up noticably for > 100 certs
+ local crtlist = {}
+ for i,x in ipairs(files) do
+ local name = string.gsub(posix.basename(x), ".pfx$", "")
+ local a,b,c,d = string.match(name,
+ "([^%.]*)%.([^%.]*)%.([^%.]*).([^%.]*)")
+ list[#list + 1] = {cert=name, user=a, certtype=b,
+ commonName=unhashname(c), serial=d, enddate=enddate,
+ daysremaining=time}
+ crtlist[#crtlist+1] = "x509 -in "..openssldir..certdir..name..".crt -noout -enddate"
+ end
+
+ local out = modelfunctions.run_executable({"openssl"}, false, table.concat(crtlist, "\n").."\nexit\n")
+ local outtab = format.string_to_table(out, "\n")
+
+ for i,x in ipairs(files) do
+ local enddate = string.match(outtab[i] or "", "notAfter=(.*)") or "Jan 1 00:00:01 1970 GMT"
+ local month, day, year =
+ string.match(enddate, "(%a+)%s+(%d+)%s+%S+%s+(%d+)")
+
+ local reversemonth = {Jan=1,Feb=2,Mar=3,Apr=4,May=5,Jun=6,
+ Jul=7,Aug=8,Sep=9,Oct=10,Nov=11,Dec=12}
+ local time = os.time({year=year, month=reversemonth[month], day=day})
+ if os.time() > time then
+ time = 0
+ else
+ time = (time-os.time())/86400
+ end
+ list[i].enddate = enddate
+ list[i].daysremaining = time
+ end
+
+ return cfe({ type="list", value=list, label="List of approved certificates" })
+end
+
+local listrevoked = function()
+ config = config or format.parse_ini_file(fs.read_file(openssldir..configfile) or "")
+ local databasepath = getconfigentry(config.ca.default_ca, "database")
+ local revoked = {}
+ local database = fs.read_file_as_array(databasepath) or {}
+ for x,line in ipairs(database) do
+ if string.sub(line,1,1) == "R" then
+ revoked[#revoked + 1] = string.match(line, "^%S+%s+%S+%s+%S+%s+(%S+)")
+ end
+ end
+ return cfe({ type="list", value=revoked, label="Revoked serial numbers" })
+end
+
+mymodule.getstatus = function(self, clientdata)
+ -- set the working directory and umask once for model
+ posix.umask("rw-------")
posix.chdir(openssldir)
local value,errtxt=processinfo.package_version(packagename)
local version = cfe({ value=value, errtxt=errtxt, label="Program version", name=packagename })
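Review bot: In `listcerts` the second loop pairs `outtab[i]` with `files[i]` purely by position, so if openssl emits no stdout line for one certificate (for example a missing or unreadable `.crt`, assuming stderr is not captured here) every later entry is given its neighbour's `notAfter` and a wrong `daysremaining`. The batch commands are also built by concatenating the on-disk name into openssl's stdin command stream, where whitespace in a name would be split into extra arguments, unlike the argument-array call used in `viewcert`. At minimum document the assumption next to the loop, e.g. `-- outtab[i] is matched to files[i] by position; one missing output line shifts every later date`, and skip names containing whitespace before queuing them. The table constructor in the first loop also reads `enddate` and `time` before the locals of those names exist, so those two fields are just global lookups (presumably nil) and could be dropped. `getstatus` continues past the end of this hunk.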
@@ -301,11 +367,6 @@ mymodule.getstatus = function()
return cfe({ type="group", value={version=version, conffile=conffile, environment=environment, cacert=cacert, cacertcontents=cacertcontents, cakey=cakey}, label="OpenSSL status" })
end
-mymodule.set_umask = function()
- return posix.umask("rw-------")
-end
-
-
mymodule.getreqdefaults = function()
local defaults = getdefaults()
@@ -446,24 +507,34 @@ mymodule.submitrequest = function(defaults, user)
return defaults
end
-mymodule.listrequests = function(user)
- user = user or "*"
- local list={}
- local files = posix.glob(openssldir..requestdir..user..".*\\.csr") or {}
- for i,x in ipairs(files) do
- local name = string.gsub(posix.basename(x), ".csr$", "")
- local a,b,c = string.match(name, "([^%.]*)%.([^%.]*)%.([^%.]*)")
- list[#list + 1] = {name=name, user=a, certtype=b, commonName=unhashname(c)}
- end
- return cfe({ type="list", value=list, label="List of pending requests" })
+mymodule.readall = function(self, clientdata)
+ local result = cfe({ type="group", value={}, label="All Certificates" })
+ result.value.pending = listrequests()
+ result.value.approved = listcerts()
+ result.value.revoked = listrevoked()
+ return result
+end
+
+mymodule.readuser = function(self, clientdata, user)
+ local result = cfe({ type="group", value={}, label="Certificates for "..user })
+ result.value.user = cfe({ value=user, label="User Name" })
+ result.value.pending = listrequests(user)
+ result.value.approved = listcerts(user)
+ result.value.revoked = listrevoked()
+ return result
end
-mymodule.viewrequest = function(request)
+mymodule.viewrequest = function(self, clientdata)
+ local retval = cfe({ type="group", value={}, label="Request" })
+ retval.value.request = cfe({ label="Request", key=true })
+ self.handle_clientdata(retval, clientdata)
+
+ local request = retval.value.request.value
local reqpath = openssldir..requestdir .. request
local cmdresult = modelfunctions.run_executable({"openssl", "req", "-in", reqpath..".csr", "-text", "-noout"})
local a,b,c = string.match(request, "([^%.]*)%.([^%.]*)%.([^%.]*)")
- local request = cfe({ type="table", value={name=name, user=a, certtype=b, commonName=c, value=cmdresult}, label="Request Details" })
- return request
+ retval.value.details = cfe({ type="table", value={request=request, user=a, certtype=b, commonName=unhashname(c), value=cmdresult}, label="Request Details" })
+ return retval
end
mymodule.getapproverequest = function(self, clientdata)
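Review bot: `viewrequest` takes `request` from client data and concatenates it into `reqpath` without checking that it names a file inside the request directory, so a value containing a path separator makes openssl read a `.csr` path outside it. The same applies to `cert` in `viewcert` in the following hunk (`openssldir..certdir..cert..".crt"`). Whether `handle_clientdata` validates the value is not visible here; if it does not, reject anything that is not a plain file name before building the path, e.g. `if request ~= posix.basename(request) then retval.value.request.errtxt = "Invalid request" return retval end`. A stricter option is to accept only names that `listrequests()` currently returns.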
@@ -542,50 +613,16 @@ mymodule.deleterequest = function(self, delrequest, user)
return delrequest
end
-mymodule.listcerts = function(user)
- user = user or "*"
- local list={}
- local files = posix.glob(openssldir..certdir..user..".*\\.pfx") or {}
- -- Do this in two steps - saves forking openssl for each cert, which
- -- speeds things up noticably for > 100 certs
- local crtlist = {}
- for i,x in ipairs(files) do
- local name = string.gsub(posix.basename(x), ".pfx$", "")
- local a,b,c,d = string.match(name,
- "([^%.]*)%.([^%.]*)%.([^%.]*).([^%.]*)")
- list[#list + 1] = {name=name, user=a, certtype=b,
- commonName=unhashname(c), serial=d, enddate=enddate,
- daysremaining=time}
- crtlist[#crtlist+1] = "x509 -in "..openssldir..certdir..name..".crt -noout -enddate"
- end
-
- local out = modelfunctions.run_executable({"openssl"}, false, table.concat(crtlist, "\n").."\nexit\n")
- local outtab = format.string_to_table(out, "\n")
+mymodule.viewcert = function(self, clientdata)
+ local retval = cfe({ type="group", value={}, label="Certificate" })
+ retval.value.cert = cfe({ label="Certificate", key=true })
+ self.handle_clientdata(retval, clientdata)
- for i,x in ipairs(files) do
- local enddate = string.match(outtab[i] or "", "notAfter=(.*)") or "Jan 1 00:00:01 1970 GMT"
- local month, day, year =
- string.match(enddate, "(%a+)%s+(%d+)%s+%S+%s+(%d+)")
-
- local reversemonth = {Jan=1,Feb=2,Mar=3,Apr=4,May=5,Jun=6,
- Jul=7,Aug=8,Sep=9,Oct=10,Nov=11,Dec=12}
- local time = os.time({year=year, month=reversemonth[month], day=day})
- if os.time() > time then
- time = 0
- else
- time = (time-os.time())/86400
- end
- list[i].enddate = enddate
- list[i].daysremaining = time
- end
-
- return cfe({ type="list", value=list, label="List of approved certificates" })
-end
-
-mymodule.viewcert = function(cert)
+ local cert = retval.value.cert.value
local cmdresult = modelfunctions.run_executable({"openssl", "x509", "-in", openssldir..certdir..cert..".crt", "-noout", "-text"})
local a,b,c,d = string.match(cert, "([^%.]*)%.([^%.]*)%.([^%.]*).([^%.]*)")
- return cfe({ type="table", value={name=name, user=a, certtype=b, commonName=c, serial=d, value=cmdresult}, label="Certificate Details" })
+ retval.value.details = cfe({ type="table", value={cert=cert, user=a, certtype=b, commonName=unhashname(c), serial=d, value=cmdresult}, label="Certificate Details" })
+ return retval
end
mymodule.getcert = function(cert)
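Review bot: `viewcert` now calls `unhashname(c)` where the old code stored `c` directly, but `c` is nil whenever the client-supplied `cert` does not contain the expected dot-separated fields, and `unhashname` is then called with nil. Its body is outside this diff, so whether that raises is an inference, but guarding is cheap: `commonName=c and unhashname(c)`. The same change was made in `viewrequest` in the previous hunk. The third separator in the match pattern is also an unescaped `.`, which matches any character rather than a literal dot; `%.` would agree with the other separators.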
@@ -680,19 +717,6 @@ mymodule.renewcert = function(self, recert, submit, approve)
return recert
end
-mymodule.listrevoked = function()
- config = config or format.parse_ini_file(fs.read_file(openssldir..configfile) or "")
- local databasepath = getconfigentry(config.ca.default_ca, "database")
- local revoked = {}
- local database = fs.read_file_as_array(databasepath) or {}
- for x,line in ipairs(database) do
- if string.sub(line,1,1) == "R" then
- revoked[#revoked + 1] = string.match(line, "^%S+%s+%S+%s+%S+%s+(%S+)")
- end
- end
- return cfe({ type="list", value=revoked, label="Revoked serial numbers" })
-end
-
mymodule.getcrl = function(crltype)
local crlfile = cfe({ type="raw", option="application/pkix-crl" })
modelfunctions.run_executable({"openssl", "ca", "-config", openssldir..configfile, "-gencrl", "-out", openssldir.."ca-crl.crl"})
diff --git a/openssl-read-html.lsp b/openssl-read-html.lsp
index 3f4693a..f8b96e9 100644
--- a/openssl-read-html.lsp
+++ b/openssl-read-html.lsp
@@ -49,7 +49,7 @@ local header_level = htmlviewfunctions.displaysectionstart(cfe({label="Pending c
<tr>
<td>
<%
- req.value = request.name
+ req.value = request.request
if viewlibrary.check_permission("viewrequest") then
htmlviewfunctions.displayitem(cfe({type="link", value={request=req}, label="", option="View", action="viewrequest"}), page_info, -1)
end
@@ -114,7 +114,7 @@ end %>
<tr <% if cert.daysremaining < 14 then %>class='error'<% end %>>
<td>
<%
- crt.value = cert.name
+ crt.value = cert.cert
if viewlibrary.check_permission("viewcert") then
htmlviewfunctions.displayitem(cfe({type="link", value={cert=crt}, label="", option="View", action="viewcert"}), page_info, -1)
end
@@ -166,7 +166,7 @@ end %>
<tr>
<td>
<%
- crt.value = cert.name
+ crt.value = cert.cert
if viewlibrary.check_permission("viewcert") then
htmlviewfunctions.displayitem(cfe({type="link", value={cert=crt}, label="", option="View", action="viewcert"}), page_info, -1)
end
diff --git a/openssl-viewcert-html.lsp b/openssl-viewcert-html.lsp
index 0774c4e..c43dc80 100644
--- a/openssl-viewcert-html.lsp
+++ b/openssl-viewcert-html.lsp
@@ -3,5 +3,5 @@
<% html = require("acf.html") %>
<% local header_level = htmlviewfunctions.displaysectionstart(view, page_info) %>
-<pre><%= html.html_escape(view.value.value) %></pre>
+<pre><%= html.html_escape(view.value.details.value.value) %></pre>
<% htmlviewfunctions.displaysectionend(header_level) %>
diff --git a/openssl-viewrequest-html.lsp b/openssl-viewrequest-html.lsp
index 0774c4e..c43dc80 100644
--- a/openssl-viewrequest-html.lsp
+++ b/openssl-viewrequest-html.lsp
@@ -3,5 +3,5 @@
<% html = require("acf.html") %>
<% local header_level = htmlviewfunctions.displaysectionstart(view, page_info) %>
-<pre><%= html.html_escape(view.value.value) %></pre>
+<pre><%= html.html_escape(view.value.details.value.value) %></pre>
<% htmlviewfunctions.displaysectionend(header_level) %>