openssl-controller.lua


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139

-- the openssl certificates controller
module (..., package.seeall)

default_action = "status"

local sslstatus

mvc={}
mvc.pre_exec = function(self)
	self.model.set_umask()
	sslstatus = self.model.getstatus()
	if (sslstatus.value.version.errtxt and self.conf.action ~= "status")
		or (sslstatus.value.conffile.errtxt and self.conf.action ~= "status" and self.conf.action ~= "editconfigfile" and self.conf.action ~= "checkenvironment")
		or (sslstatus.value.environment.errtxt and self.conf.action ~= "status" and self.conf.action ~= "editconfigfile" and self.conf.action ~= "checkenvironment")
		or ((sslstatus.value.cacert.errtxt or sslstatus.value.cakey.errtxt) and self.conf.action ~= "status" and self.conf.action ~= "editconfigfile" and self.conf.action ~= "putcacert" and self.conf.action ~= "generatecacert" and self.conf.action ~= "checkenvironment" and self.conf.action ~= "editdefaults")
	then
		redirect(self)
	end
end

-- Show openssl status
status = function(self)
	return sslstatus
end

-- View all pending and approved requests and revoked certificates
readall = function(self)
	local pending = self.model.listrequests()
	local approved = self.model.listcerts()
	local revoked = self.model.listrevoked()
	local result = cfe({ type="list", value={pending=pending, approved=approved, revoked=revoked} })
	return result
end

-- Return all certificates (pending, approved, and revoked) for this user
read = function(self)
	local user = cfe({ value=self.sessiondata.userinfo.userid, label="User Name" })
	local pending = self.model.listrequests(self.sessiondata.userinfo.userid)
	local approved = self.model.listcerts(self.sessiondata.userinfo.userid)
	local revoked = self.model.listrevoked()
	local result = cfe({ type="list", value={user=user, pending=pending, approved=approved, revoked=revoked} })
	return result
end

-- Form to request a new cert
request = function(self)
	return self.handle_form(self, self.model.getnewrequest, function(value) return self.model.submitrequest(value, self.sessiondata.userinfo.userid) end, self.clientdata, "Submit", "Request Certificate", "Request Submitted")
end

-- Form to edit request defaults
editdefaults = function(self)
	return self.handle_form(self, self.model.getreqdefaults, self.model.setreqdefaults, self.clientdata, "Save", "Edit Certificate Defaults", "Defaults Set")
end

-- View request details
viewrequest = function(self)
	return self.model.viewrequest(self.clientdata.request)
end

-- Approve the specified request
approve = function(self)
	return self:redirect_to_referrer(self.model.approverequest(self.clientdata.request))
end

-- Delete the specified request
deleterequest = function(self)
	return self:redirect_to_referrer(self.model.deleterequest(self.clientdata.request))
end

-- Delete the specified request
deletemyrequest = function(self)
	return self:redirect_to_referrer(self.model.deleterequest(self.clientdata.request, self.sessiondata.userinfo.userid))
end

-- View certificate details
viewcert = function(self)
	return self.model.viewcert(self.clientdata.cert)
end

-- Get the specified cert
getcert = function(self)
	self.conf.viewtype="stream"
	return self.model.getcert(self.clientdata.cert)
end

-- Revoke the specified cert
revoke = function(self)
	return self:redirect_to_referrer(self.model.revokecert(self.clientdata.cert))
end

-- Delete the specified certificate
deletecert = function(self)
	return self:redirect_to_referrer(self.model.deletecert(self.clientdata.cert))
end

-- Submit request to renew the specified certificate
requestrenewcert = function(self)
	return self:redirect_to_referrer(self.model.renewcert(self.clientdata.cert))
end

-- Renew the specified certificate
renewcert = function(self)
	return self:redirect_to_referrer(self.model.renewcert(self.clientdata.cert, true))
end

-- Get the revoked list
getrevoked = function(self)
	self.conf.viewtype="stream"
	return self.model.getcrl(self.clientdata.crltype)
end

-- Put the CA cert
putcacert = function(self)
	return self.handle_form(self, self.model.getnewputca, self.model.putca, self.clientdata, "Upload", "Upload CA Certificate", "Certificate Uploaded")
end

downloadcacert = function(self)
        self.conf.viewtype="stream"
        return self.model.getca(self.clientdata.certtype)
end
		
-- Generate a self-signed CA
generatecacert = function(self)
	return self.handle_form(self, self.model.getnewcarequest, self.model.generateca, self.clientdata, "Generate", "Generate CA Certificate", "Certificate Generated")
end

editconfigfile = function(self)
	return self.handle_form(self, self.model.getconfigfile, self.model.setconfigfile, self.clientdata, "Save", "Edit Config File", "Config File Saved")
end

checkenvironment = function(self)
	local form = cfe({ type="form", value={}, label="Check Environment", option="Configure" })
	if self.clientdata.Configure then
		form.value.status = self:redirect_to_referrer(self.model.checkenvironment(self.clientdata.Configure))
	else
		form.value.status = self:redirect_to_referrer() or self.model.checkenvironment(self.clientdata.Configure)
	end
	return form
end