-- the openssl certificates controller
module (..., package.seeall)

require("controllerfunctions")

default_action = "status"

local sslstatus

mvc={}
mvc.pre_exec = function(self)
	self.model.set_umask()
	sslstatus = self.model.getstatus()
	if (sslstatus.value.version.errtxt and self.conf.action ~= "status")
		or (sslstatus.value.conffile.errtxt and self.conf.action ~= "status" and self.conf.action ~= "editconfigfile" and self.conf.action ~= "checkenvironment")
		or (sslstatus.value.environment.errtxt and self.conf.action ~= "status" and self.conf.action ~= "editconfigfile" and self.conf.action ~= "checkenvironment")
		or ((sslstatus.value.cacert.errtxt or sslstatus.value.cakey.errtxt) and self.conf.action ~= "status" and self.conf.action ~= "editconfigfile" and self.conf.action ~= "putcacert" and self.conf.action ~= "generatecacert" and self.conf.action ~= "checkenvironment" and self.conf.action ~= "editdefaults")
	then
		redirect(self)
	end
end

-- Show openssl status
status = function(self)
	return sslstatus
end

-- View all pending and approved requests and revoked certificates
readall = function(self)
	local pending = self.model.listrequests()
	local approved = self.model.listcerts()
	local revoked = self.model.listrevoked()
	local result = cfe({ type="list", value={pending=pending, approved=approved, revoked=revoked} })
	return result
end

-- Return all certificates (pending, approved, and revoked) for this user
read = function(self)
	local user = cfe({ value=self.sessiondata.userinfo.userid, label="User Name" })
	local pending = self.model.listrequests(self.sessiondata.userinfo.userid)
	local approved = self.model.listcerts(self.sessiondata.userinfo.userid)
	local revoked = self.model.listrevoked()
	local result = cfe({ type="list", value={user=user, pending=pending, approved=approved, revoked=revoked} })
	return result
end

-- Form to request a new cert
request = function(self)
	return controllerfunctions.handle_form(self, self.model.getnewrequest, function(value) return self.model.submitrequest(value, self.sessiondata.userinfo.userid) end, self.clientdata, "Submit", "Request Certificate", "Request Submitted")
end

-- Form to edit request defaults
editdefaults = function(self)
	return controllerfunctions.handle_form(self, self.model.getreqdefaults, self.model.setreqdefaults, self.clientdata, "Save", "Edit Certificate Defaults", "Defaults Set")
end

-- View request details
viewrequest = function(self)
	return self.model.viewrequest(self.clientdata.request)
end

-- Approve the specified request
approve = function(self)
	return self:redirect_to_referrer(self.model.approverequest(self.clientdata.request))
end

-- Delete the specified request
deleterequest = function(self)
	return self:redirect_to_referrer(self.model.deleterequest(self.clientdata.request))
end

-- Delete the specified request
deletemyrequest = function(self)
	return self:redirect_to_referrer(self.model.deleterequest(self.clientdata.request, self.sessiondata.userinfo.userid))
end

-- View certificate details
viewcert = function(self)
	return self.model.viewcert(self.clientdata.cert)
end

-- Get the specified cert
getcert = function(self)
	self.conf.viewtype="stream"
	return self.model.getcert(self.clientdata.cert)
end

-- Revoke the specified cert
revoke = function(self)
	return self:redirect_to_referrer(self.model.revokecert(self.clientdata.cert))
end

-- Delete the specified certificate
deletecert = function(self)
	return self:redirect_to_referrer(self.model.deletecert(self.clientdata.cert))
end

-- Submit request to renew the specified certificate
requestrenewcert = function(self)
	return self:redirect_to_referrer(self.model.renewcert(self.clientdata.cert))
end

-- Renew the specified certificate
renewcert = function(self)
	return self:redirect_to_referrer(self.model.renewcert(self.clientdata.cert, true))
end

-- Get the revoked list
getrevoked = function(self)
	self.conf.viewtype="stream"
	return self.model.getcrl(self.clientdata.crltype)
end

-- Put the CA cert
putcacert = function(self)
	return controllerfunctions.handle_form(self, self.model.getnewputca, self.model.putca, self.clientdata, "Upload", "Upload CA Certificate", "Certificate Uploaded")
end

downloadpem = function(self)
        self.conf.viewtype="stream"
        return self.model.getpem(self.clientdata.dlpath)
end
		
-- Generate a self-signed CA
generatecacert = function(self)
	return controllerfunctions.handle_form(self, self.model.getnewcarequest, self.model.generateca, self.clientdata, "Generate", "Generate CA Certificate", "Certificate Generated")
end

editconfigfile = function(self)
	return controllerfunctions.handle_form(self, self.model.getconfigfile, self.model.setconfigfile, self.clientdata, "Save", "Edit Config File", "Config File Saved")
end

checkenvironment = function(self)
	local form = cfe({ type="form", value={}, label="Check Environment", option="Configure" })
	if self.clientdata.Configure then
		form.value.status = self:redirect_to_referrer(self.model.checkenvironment(self.clientdata.Configure))
	else
		form.value.status = self:redirect_to_referrer() or self.model.checkenvironment(self.clientdata.Configure)
	end
	return form
end