-- the openssl certificates controller
module (..., package.seeall)

require("getopts")

default_action = "status"

mvc={}
mvc.pre_exec = function(self)
	if self.conf.action ~= "status" and self.conf.action ~= "editconfigfile" then
		local verify = self.model.verifyopenssl()
		if verify.value == false then
			redirect(self)
		end
	end
end

-- Show openssl status
status = function(self)
	return self.model.getstatus()
end

-- View all pending and approved requests and revoked certificates
readall = function(self)
	local cmdresult = self.sessiondata.cmdresult
	self.sessiondata.cmdresult = nil
	local pending = self.model.listrequests()
	local approved = self.model.listcerts()
	local revoked = self.model.listrevoked()
	local result = cfe({ type="list", value={cmdresult=cmdresult, pending=pending, approved=approved, revoked=revoked} })
	return result
end

-- Return all certificates (pending, approved, and revoked) for this user
read = function(self)
	local cmdresult = self.sessiondata.cmdresult
	self.sessiondata.cmdresult = nil
	local user = cfe({ value=self.sessiondata.userinfo.userid, label="User Name" })
	local pending = self.model.listrequests(self.sessiondata.userinfo.userid)
	local approved = self.model.listcerts(self.sessiondata.userinfo.userid)
	local revoked = self.model.listrevoked()
	local result = cfe({ type="list", value={cmdresult=cmdresult, user=user, pending=pending, approved=approved, revoked=revoked} })
	return result
end

-- Form to request a new cert
request = function(self)
	local request
	if self.clientdata.Submit then
		-- Try to submit the request
		request = self.model.submitrequest(self.clientdata, self.sessiondata.userinfo.userid)
		if not request.errtxt then
			cmdresult = cfe({ value="Request submitted", label="Request result" })
			self.sessiondata.cmdresult = cmdresult
			--request.descr = "Submitted request"
			redirect(self, "read")
		end
	else
		request = self.model.getnewrequest()
	end

	request.type = "form"
	request.label = "Request Certificate"
	request.option = "Submit"

	return request
end

-- Form to edit request defaults
editdefaults = function(self)
	local defaults
	if self.clientdata.Save then
		defaults = self.model.setreqdefaults(self.clientdata)
		if not defaults.errtxt then
			defaults.descr = "Defaults set"
		end
	else
		defaults = self.model.getreqdefaults()
	end

	defaults.type = "form"
	defaults.label = "Edit certificate defaults"
	defaults.option = "Save"

	return defaults
end

-- View request details
viewrequest = function(self)
	return self.model.viewrequest(self.clientdata.request)
end

-- Approve the specified request
approve = function(self)
	local cmdresult = self.model.approverequest(self.clientdata.request)
	self.sessiondata.cmdresult = cmdresult
	redirect_to_referrer(self)
end

-- Delete the specified request
deleterequest = function(self)
	local cmdresult = self.model.deleterequest(self.clientdata.request)
	self.sessiondata.cmdresult = cmdresult
	redirect_to_referrer(self)
end

-- Delete the specified request
deletemyrequest = function(self)
	local cmdresult = self.model.deleterequest(self.clientdata.request, self.sessiondata.userinfo.userid)
	self.sessiondata.cmdresult = cmdresult
	redirect_to_referrer(self)
end

-- View certificate details
viewcert = function(self)
	return self.model.viewcert(self.clientdata.cert)
end

-- Get the specified cert
getcert = function(self)
	self.conf.viewtype="stream"
	return self.model.getcert(self.clientdata.cert)
end

-- Revoke the specified cert
revoke = function(self)
	local cmdresult = self.model.revokecert(self.clientdata.cert)
	self.sessiondata.cmdresult = cmdresult
	redirect_to_referrer(self)
end

-- Delete the specified certificate
deletecert = function(self)
	local cmdresult = self.model.deletecert(self.clientdata.cert)
	self.sessiondata.cmdresult = cmdresult
	redirect_to_referrer(self)
end

-- Get the revoked list
getrevoked = function(self)
	self.conf.viewtype="stream"
	return self.model.getcrl(self.clientdata.crltype)
end

-- Put the CA cert
-- FIXME this won't work because haserl doesn't support file upload.  Untested
putcacert = function(self)
	local retval = self.model.putca(self.clientdata.ca, self.clientdata.password, self.clientdata.Upload)
	retval.type = "form"
	retval.option = "Upload"
	retval.label = "Upload CA Certificate"
	return retval
end

editconfigfile = function(self)
	local saved = false
	if self.clientdata.Save then
		saved = self.model.setconfigfile(self.clientdata.filecontent)
	end
	local configfile = self.model.getconfigfile()
	configfile.type = "form"
	configfile.option = "Save"
	configfile.label = "Edit config file"
	if saved then
		configfile.descr = "Saved config file"
	elseif self.clientdata.Save then
		configfile.errtxt = "Failed to save config file"
	end
	return configfile
end