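// SaveCSR stores a submitted certificate signing request so that it can be
// signed later.
//
// id is the project the CSR is submitted to. csr is the request model bound by
// the framework from the submitted form; Project, User, CSR and RequestedCA are
// overwritten here with server-side values before the insert.
//
// The caller must be logged in and be either an admin or a member of the
// project, and the requested CA must be one of the project's CAs. The PEM body
// is decoded and parsed before anything is written; every failure results in a
// flash message and a redirect.
//
// NOTE(review): csr is populated from request parameters, so any field that is
// not overwritten below reaches the insert exactly as the client sent it.
// Confirm that models.CertificateRequest carries no client-settable state
// (for example an id or an approval/signing status).
//
// NOTE(review): nothing visible in this handler verifies the CSR's
// self-signature (proof of possession of the private key). Confirm that
// ParseCertificationRequest or the signing step does.
func (c Project) SaveCSR(id int, csr *models.CertificateRequest) revel.Result {
	// The comma-ok assertion covers a missing entry, an entry of an unexpected
	// type and a typed nil pointer, all of which would otherwise panic later.
	user, ok := c.RenderArgs["user"].(*models.User)
	if !ok || user == nil {
		c.Flash.Error("You must log in first")
		return c.Redirect(routes.App.Index())
	}

	project := c.getProject(id)
	if project == nil {
		c.Flash.Error("Unable to access project")
		return c.Redirect(routes.Admin.Index())
	}

	// Authorization: admins may submit to any project, everyone else only to
	// projects they are a member of.
	isMember := false
	for _, member := range c.getProjectUsers(id) {
		if member.Id == user.Id {
			isMember = true
			break
		}
	}
	if !user.IsAdmin && !isMember {
		c.Flash.Error("You do not have permissions for this page")
		return c.Redirect(routes.Admin.Index())
	}

	// The form field is client-controlled and may be absent altogether;
	// indexing [0] on a missing key would panic the handler.
	rawCSR := c.Params.Values["csr.CSR"]
	if csr == nil || len(rawCSR) == 0 {
		c.Flash.Error("No CSR was submitted")
		return c.Redirect(routes.Project.LoadCSR(id))
	}

	csr.Project = project
	csr.User = user
	csr.CSR = []byte(rawCSR[0])

	// Only a CA that belongs to this project may be requested; the id sent by
	// the client is never trusted on its own.
	for _, ca := range c.getProjectCAs(project) {
		if csr.RequestedCAId == ca.Id {
			csr.RequestedCA = ca
			break
		}
	}
	if csr.RequestedCA == nil {
		c.Flash.Error("Error finding requested CA")
		return c.Redirect(routes.Project.LoadCSR(id))
	}

	// Validate the submission before it is stored: it must be PEM, the DER
	// payload must parse as a certification request, and the subject must
	// decode as an RDN sequence.
	block, _ := pem.Decode(csr.CSR)
	if block == nil {
		c.Flash.Error("Error PEM decoding CSR")
		return c.Redirect(routes.Project.LoadCSR(id))
	}
	parsedCSR, err := ParseCertificationRequest(block.Bytes)
	if err != nil {
		c.Flash.Error("Error Decoding CSR")
		return c.Redirect(routes.Project.LoadCSR(id))
	}

	// subject is decoded purely as a validity check; its value is not used.
	var subject pkix.RDNSequence
	if _, err := asn1.Unmarshal(parsedCSR.CertificationRequestInfo.Subject.FullBytes, &subject); err != nil {
		c.Flash.Error(err.Error())
		return c.Redirect(routes.Project.LoadCSR(id))
	}

	// Reaching this point means the CSR parsed successfully; persist it.
	if err := c.Txn.Insert(csr); err != nil {
		// A format verb is required here: without one the error text is not
		// interpolated into the message.
		// NOTE(review): this shows the raw database error to the user; consider
		// logging it server-side and flashing a generic message instead.
		c.Flash.Error("Error saving CSR: %s", err.Error())
		return c.Redirect(routes.Project.LoadCSR(id))
	}

	c.Flash.Success("Submitted CSR for signing")
	return c.Redirect(routes.Project.Index(id))
}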