robin/waf-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

1.4.5.2

Browse Source
This commit is contained in:
unknown
2026-02-04 20:27:13 +08:00
commit 3b042d1dad
9410 changed files with 1488147 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

101
EdgeAdmin/internal/web/actions/default/servers/certs/acme/accounts/createPopup.go Normal file
View File

@@ -0,0 +1,101 @@
// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
package accounts
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/actions"
"github.com/iwind/TeaGo/maps"
)
type CreatePopupAction struct {
actionutils.ParentAction
}
func (this *CreatePopupAction) Init() {
this.Nav("", "", "")
}
func (this *CreatePopupAction) RunGet(params struct {
ProviderCode string
}) {
this.Data["providerCode"] = params.ProviderCode
// 服务商列表
providersResp, err := this.RPC().ACMEProviderRPC().FindAllACMEProviders(this.AdminContext(), &pb.FindAllACMEProvidersRequest{})
if err != nil {
this.ErrorPage(err)
return
}
var providerMaps = []maps.Map{}
for _, provider := range providersResp.AcmeProviders {
providerMaps = append(providerMaps, maps.Map{
"name": provider.Name,
"code": provider.Code,
"description": provider.Description,
"requireEAB": provider.RequireEAB,
"eabDescription": provider.EabDescription,
})
}
this.Data["providers"] = providerMaps
this.Show()
}
func (this *CreatePopupAction) RunPost(params struct {
Name string
ProviderCode string
EabKid string
EabKey string
Must *actions.Must
CSRF *actionutils.CSRF
}) {
var accountId int64
defer func() {
this.CreateLogInfo(codes.ACMEProviderAccount_LogCreateACMEProviderAccount, accountId)
}()
params.Must.
Field("name", params.Name).
Require("请输入账号名称").
Field("providerCode", params.ProviderCode).
Require("请选择服务商")
providerResp, err := this.RPC().ACMEProviderRPC().FindACMEProviderWithCode(this.AdminContext(), &pb.FindACMEProviderWithCodeRequest{AcmeProviderCode: params.ProviderCode})
if err != nil {
this.ErrorPage(err)
return
}
var provider = providerResp.AcmeProvider
if provider == nil {
this.Fail("请选择服务商")
}
if provider.RequireEAB {
params.Must.
Field("eabKid", params.EabKid).
Require("请输入EAB Kid").
Field("eabKey", params.EabKey).
Require("请输入EAB HMAC Key")
}
createResp, err := this.RPC().ACMEProviderAccountRPC().CreateACMEProviderAccount(this.AdminContext(), &pb.CreateACMEProviderAccountRequest{
Name: params.Name,
ProviderCode: params.ProviderCode,
EabKid: params.EabKid,
EabKey: params.EabKey,
})
if err != nil {
this.ErrorPage(err)
return
}
accountId = createResp.AcmeProviderAccountId
this.Success()
}

27
EdgeAdmin/internal/web/actions/default/servers/certs/acme/accounts/delete.go Normal file
View File

@@ -0,0 +1,27 @@
// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
package accounts
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
)
type DeleteAction struct {
actionutils.ParentAction
}
func (this *DeleteAction) RunPost(params struct {
AccountId int64
}) {
defer this.CreateLogInfo(codes.ACMEProviderAccount_LogDeleteACMEProviderAccount, params.AccountId)
_, err := this.RPC().ACMEProviderAccountRPC().DeleteACMEProviderAccount(this.AdminContext(), &pb.DeleteACMEProviderAccountRequest{AcmeProviderAccountId: params.AccountId})
if err != nil {
this.ErrorPage(err)
return
}
this.Success()
}

61
EdgeAdmin/internal/web/actions/default/servers/certs/acme/accounts/index.go Normal file
View File

@@ -0,0 +1,61 @@
// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
package accounts
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/maps"
)
type IndexAction struct {
actionutils.ParentAction
}
func (this *IndexAction) Init() {
this.Nav("", "", "account")
}
func (this *IndexAction) RunGet(params struct{}) {
countResp, err := this.RPC().ACMEProviderAccountRPC().CountAllEnabledACMEProviderAccounts(this.AdminContext(), &pb.CountAllEnabledACMEProviderAccountsRequest{})
if err != nil {
this.ErrorPage(err)
return
}
var count = countResp.Count
var page = this.NewPage(count)
this.Data["page"] = page.AsHTML()
accountsResp, err := this.RPC().ACMEProviderAccountRPC().ListEnabledACMEProviderAccounts(this.AdminContext(), &pb.ListEnabledACMEProviderAccountsRequest{
Offset: page.Offset,
Size: page.Size,
})
if err != nil {
this.ErrorPage(err)
return
}
var accountMaps = []maps.Map{}
for _, account := range accountsResp.AcmeProviderAccounts {
var providerMap maps.Map
if account.AcmeProvider != nil {
providerMap = maps.Map{
"name": account.AcmeProvider.Name,
"code": account.AcmeProvider.Code,
"requireEAB": account.AcmeProvider.RequireEAB,
}
}
accountMaps = append(accountMaps, maps.Map{
"id": account.Id,
"isOn": account.IsOn,
"name": account.Name,
"eabKid": account.EabKid,
"eabKey": account.EabKey,
"provider": providerMap,
})
}
this.Data["accounts"] = accountMaps
this.Show()
}

109
EdgeAdmin/internal/web/actions/default/servers/certs/acme/accounts/updatePopup.go Normal file
View File

@@ -0,0 +1,109 @@
// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
package accounts
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/actions"
"github.com/iwind/TeaGo/maps"
)
type UpdatePopupAction struct {
actionutils.ParentAction
}
func (this *UpdatePopupAction) Init() {
this.Nav("", "", "")
}
func (this *UpdatePopupAction) RunGet(params struct {
AccountId int64
}) {
// 账号信息
accountResp, err := this.RPC().ACMEProviderAccountRPC().FindEnabledACMEProviderAccount(this.AdminContext(), &pb.FindEnabledACMEProviderAccountRequest{AcmeProviderAccountId: params.AccountId})
if err != nil {
this.ErrorPage(err)
return
}
var account = accountResp.AcmeProviderAccount
if account == nil {
this.NotFound("ACMEProviderAccount", params.AccountId)
return
}
var providerMap maps.Map
if account.AcmeProvider != nil {
providerMap = maps.Map{
"name": account.AcmeProvider.Name,
"code": account.AcmeProvider.Code,
"description": account.AcmeProvider.Description,
"eabDescription": account.AcmeProvider.EabDescription,
"requireEAB": account.AcmeProvider.RequireEAB,
}
}
this.Data["account"] = maps.Map{
"id": account.Id,
"name": account.Name,
"isOn": account.IsOn,
"providerCode": account.ProviderCode,
"eabKid": account.EabKid,
"eabKey": account.EabKey,
"provider": providerMap,
}
this.Show()
}
func (this *UpdatePopupAction) RunPost(params struct {
AccountId int64
Name string
ProviderCode string
EabKid string
EabKey string
Must *actions.Must
CSRF *actionutils.CSRF
}) {
defer this.CreateLogInfo(codes.ACMEProviderAccount_LogUpdateACMEProviderAccount, params.AccountId)
params.Must.
Field("name", params.Name).
Require("请输入账号名称").
Field("providerCode", params.ProviderCode).
Require("请选择服务商")
providerResp, err := this.RPC().ACMEProviderRPC().FindACMEProviderWithCode(this.AdminContext(), &pb.FindACMEProviderWithCodeRequest{AcmeProviderCode: params.ProviderCode})
if err != nil {
this.ErrorPage(err)
return
}
var provider = providerResp.AcmeProvider
if provider == nil {
this.Fail("请选择服务商")
}
if provider.RequireEAB {
params.Must.
Field("eabKid", params.EabKid).
Require("请输入EAB Kid").
Field("eabKey", params.EabKey).
Require("请输入EAB HMAC Key")
}
_, err = this.RPC().ACMEProviderAccountRPC().UpdateACMEProviderAccount(this.AdminContext(), &pb.UpdateACMEProviderAccountRequest{
AcmeProviderAccountId: params.AccountId,
Name: params.Name,
EabKid: params.EabKid,
EabKey: params.EabKey,
})
if err != nil {
this.ErrorPage(err)
return
}
this.Success()
}

150
EdgeAdmin/internal/web/actions/default/servers/certs/acme/create.go Normal file
View File

@@ -0,0 +1,150 @@
package acme
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/dns/domains/domainutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/actions"
"github.com/iwind/TeaGo/maps"
"strings"
)
type CreateAction struct {
actionutils.ParentAction
}
func (this *CreateAction) Init() {
this.Nav("", "", "create")
}
func (this *CreateAction) RunGet(params struct{}) {
// 证书服务商
providersResp, err := this.RPC().ACMEProviderRPC().FindAllACMEProviders(this.AdminContext(), &pb.FindAllACMEProvidersRequest{})
if err != nil {
this.ErrorPage(err)
return
}
var providerMaps = []maps.Map{}
for _, provider := range providersResp.AcmeProviders {
providerMaps = append(providerMaps, maps.Map{
"name": provider.Name,
"code": provider.Code,
})
}
this.Data["providers"] = providerMaps
// 域名解析服务商
dnsProvidersResp, err := this.RPC().DNSProviderRPC().FindAllEnabledDNSProviders(this.AdminContext(), &pb.FindAllEnabledDNSProvidersRequest{
AdminId: this.AdminId(),
UserId: 0,
})
if err != nil {
this.ErrorPage(err)
return
}
dnsProviderMaps := []maps.Map{}
for _, provider := range dnsProvidersResp.DnsProviders {
dnsProviderMaps = append(dnsProviderMaps, maps.Map{
"id": provider.Id,
"name": provider.Name,
"typeName": provider.TypeName,
})
}
this.Data["dnsProviders"] = dnsProviderMaps
this.Show()
}
func (this *CreateAction) RunPost(params struct {
PlatformUserId int64
TaskId int64
AuthType string
AcmeUserId int64
DnsProviderId int64
DnsDomain string
Domains []string
AutoRenew bool
AuthURL string
Must *actions.Must
}) {
if params.AuthType != "dns" && params.AuthType != "http" {
this.Fail("无法识别的认证方式'" + params.AuthType + "'")
}
if params.AcmeUserId <= 0 {
this.Fail("请选择一个申请证书的用户")
}
// 校验DNS相关信息
dnsDomain := strings.ToLower(params.DnsDomain)
if params.AuthType == "dns" {
if params.DnsProviderId <= 0 {
this.Fail("请选择DNS服务商")
}
if len(params.DnsDomain) == 0 {
this.Fail("请输入顶级域名")
}
if !domainutils.ValidateDomainFormat(dnsDomain) {
this.Fail("请输入正确的顶级域名")
}
}
if len(params.Domains) == 0 {
this.Fail("请输入证书域名列表")
}
var realDomains = []string{}
for _, domain := range params.Domains {
domain = strings.ToLower(domain)
if params.AuthType == "dns" { // DNS认证
if !strings.HasSuffix(domain, "."+dnsDomain) && domain != dnsDomain {
this.Fail("证书域名中的" + domain + "和顶级域名不一致")
}
} else if params.AuthType == "http" { // HTTP认证
if strings.Contains(domain, "*") {
this.Fail("在HTTP认证时域名" + domain + "不能包含通配符")
}
}
realDomains = append(realDomains, domain)
}
if params.TaskId == 0 {
createResp, err := this.RPC().ACMETaskRPC().CreateACMETask(this.AdminContext(), &pb.CreateACMETaskRequest{
UserId: params.PlatformUserId,
AuthType: params.AuthType,
AcmeUserId: params.AcmeUserId,
DnsProviderId: params.DnsProviderId,
DnsDomain: dnsDomain,
Domains: realDomains,
AutoRenew: params.AutoRenew,
AuthURL: params.AuthURL,
})
if err != nil {
this.ErrorPage(err)
return
}
params.TaskId = createResp.AcmeTaskId
defer this.CreateLogInfo(codes.ACMETask_LogCreateACMETask, createResp.AcmeTaskId)
} else {
_, err := this.RPC().ACMETaskRPC().UpdateACMETask(this.AdminContext(), &pb.UpdateACMETaskRequest{
AcmeTaskId: params.TaskId,
AcmeUserId: params.AcmeUserId,
DnsProviderId: params.DnsProviderId,
DnsDomain: dnsDomain,
Domains: realDomains,
AutoRenew: params.AutoRenew,
AuthURL: params.AuthURL,
})
if err != nil {
this.ErrorPage(err)
return
}
defer this.CreateLogInfo(codes.ACMETask_LogUpdateACMETask, params.TaskId)
}
this.Data["taskId"] = params.TaskId
this.Success()
}

25
EdgeAdmin/internal/web/actions/default/servers/certs/acme/deleteTask.go Normal file
View File

@@ -0,0 +1,25 @@
package acme
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
)
type DeleteTaskAction struct {
actionutils.ParentAction
}
func (this *DeleteTaskAction) RunPost(params struct {
TaskId int64
}) {
defer this.CreateLogInfo(codes.ACMETask_LogDeleteACMETask, params.TaskId)
_, err := this.RPC().ACMETaskRPC().DeleteACMETask(this.AdminContext(), &pb.DeleteACMETaskRequest{AcmeTaskId: params.TaskId})
if err != nil {
this.ErrorPage(err)
return
}
this.Success()
}

298
EdgeAdmin/internal/web/actions/default/servers/certs/acme/index.go Normal file
View File

@@ -0,0 +1,298 @@
package acme
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/maps"
timeutil "github.com/iwind/TeaGo/utils/time"
)
type IndexAction struct {
actionutils.ParentAction
}
func (this *IndexAction) Init() {
this.Nav("", "", "task")
this.SecondMenu("list")
}
func (this *IndexAction) RunGet(params struct {
UserId int64
Type string
Keyword string
UserType string
}) {
this.Data["type"] = params.Type
this.Data["keyword"] = params.Keyword
this.Data["userType"] = params.UserType
var userOnly = params.UserId > 0 || params.UserType == "user"
// 当前用户
this.Data["searchingUserId"] = params.UserId
var userMap = maps.Map{
"id": 0,
"username": "",
"fullname": "",
}
if params.UserId > 0 {
userResp, err := this.RPC().UserRPC().FindEnabledUser(this.AdminContext(), &pb.FindEnabledUserRequest{UserId: params.UserId})
if err != nil {
this.ErrorPage(err)
return
}
var user = userResp.User
if user != nil {
userMap = maps.Map{
"id": user.Id,
"username": user.Username,
"fullname": user.Fullname,
}
}
}
this.Data["user"] = userMap
var countAll int64
var countAvailable int64
var countExpired int64
var count7Days int64
var count30Days int64
// 计算数量
{
// all
resp, err := this.RPC().ACMETaskRPC().CountAllEnabledACMETasks(this.AdminContext(), &pb.CountAllEnabledACMETasksRequest{
UserId: params.UserId,
Keyword: params.Keyword,
UserOnly: userOnly,
})
if err != nil {
this.ErrorPage(err)
return
}
countAll = resp.Count
// available
resp, err = this.RPC().ACMETaskRPC().CountAllEnabledACMETasks(this.AdminContext(), &pb.CountAllEnabledACMETasksRequest{
UserId: params.UserId,
IsAvailable: true,
Keyword: params.Keyword,
UserOnly: userOnly,
})
if err != nil {
this.ErrorPage(err)
return
}
countAvailable = resp.Count
// expired
resp, err = this.RPC().ACMETaskRPC().CountAllEnabledACMETasks(this.AdminContext(), &pb.CountAllEnabledACMETasksRequest{
UserId: params.UserId,
IsExpired: true,
Keyword: params.Keyword,
UserOnly: userOnly,
})
if err != nil {
this.ErrorPage(err)
return
}
countExpired = resp.Count
// expire in 7 days
resp, err = this.RPC().ACMETaskRPC().CountAllEnabledACMETasks(this.AdminContext(), &pb.CountAllEnabledACMETasksRequest{
UserId: params.UserId,
ExpiringDays: 7,
Keyword: params.Keyword,
UserOnly: userOnly,
})
if err != nil {
this.ErrorPage(err)
return
}
count7Days = resp.Count
// expire in 30 days
resp, err = this.RPC().ACMETaskRPC().CountAllEnabledACMETasks(this.AdminContext(), &pb.CountAllEnabledACMETasksRequest{
UserId: params.UserId,
ExpiringDays: 30,
Keyword: params.Keyword,
UserOnly: userOnly,
})
if err != nil {
this.ErrorPage(err)
return
}
count30Days = resp.Count
}
this.Data["countAll"] = countAll
this.Data["countAvailable"] = countAvailable
this.Data["countExpired"] = countExpired
this.Data["count7Days"] = count7Days
this.Data["count30Days"] = count30Days
// 分页
var page *actionutils.Page
var tasksResp *pb.ListEnabledACMETasksResponse
var err error
switch params.Type {
case "":
page = this.NewPage(countAll)
tasksResp, err = this.RPC().ACMETaskRPC().ListEnabledACMETasks(this.AdminContext(), &pb.ListEnabledACMETasksRequest{
UserId: params.UserId,
Offset: page.Offset,
Size: page.Size,
Keyword: params.Keyword,
UserOnly: userOnly,
})
case "available":
page = this.NewPage(countAvailable)
tasksResp, err = this.RPC().ACMETaskRPC().ListEnabledACMETasks(this.AdminContext(), &pb.ListEnabledACMETasksRequest{
UserId: params.UserId,
IsAvailable: true,
Offset: page.Offset,
Size: page.Size,
Keyword: params.Keyword,
UserOnly: userOnly,
})
case "expired":
page = this.NewPage(countExpired)
tasksResp, err = this.RPC().ACMETaskRPC().ListEnabledACMETasks(this.AdminContext(), &pb.ListEnabledACMETasksRequest{
UserId: params.UserId,
IsExpired: true,
Offset: page.Offset,
Size: page.Size,
Keyword: params.Keyword,
UserOnly: userOnly,
})
case "7days":
page = this.NewPage(count7Days)
tasksResp, err = this.RPC().ACMETaskRPC().ListEnabledACMETasks(this.AdminContext(), &pb.ListEnabledACMETasksRequest{
UserId: params.UserId,
ExpiringDays: 7,
Offset: page.Offset,
Size: page.Size,
Keyword: params.Keyword,
UserOnly: userOnly,
})
case "30days":
page = this.NewPage(count30Days)
tasksResp, err = this.RPC().ACMETaskRPC().ListEnabledACMETasks(this.AdminContext(), &pb.ListEnabledACMETasksRequest{
UserId: params.UserId,
ExpiringDays: 30,
Offset: page.Offset,
Size: page.Size,
Keyword: params.Keyword,
UserOnly: userOnly,
})
default:
page = this.NewPage(countAll)
tasksResp, err = this.RPC().ACMETaskRPC().ListEnabledACMETasks(this.AdminContext(), &pb.ListEnabledACMETasksRequest{
UserId: params.UserId,
Keyword: params.Keyword,
UserOnly: userOnly,
Offset: page.Offset,
Size: page.Size,
})
}
if err != nil {
this.ErrorPage(err)
return
}
this.Data["page"] = page.AsHTML()
var taskMaps = []maps.Map{}
for _, task := range tasksResp.AcmeTasks {
if task.AcmeUser == nil {
continue
}
// 服务商
var providerMap maps.Map
if task.AcmeUser.AcmeProvider != nil {
providerMap = maps.Map{
"name": task.AcmeUser.AcmeProvider.Name,
"code": task.AcmeUser.AcmeProvider.Code,
}
}
// 账号
var accountMap maps.Map
if task.AcmeUser.AcmeProviderAccount != nil {
accountMap = maps.Map{
"id": task.AcmeUser.AcmeProviderAccount.Id,
"name": task.AcmeUser.AcmeProviderAccount.Name,
}
}
// DNS服务商
dnsProviderMap := maps.Map{}
if task.AuthType == "dns" && task.DnsProvider != nil {
dnsProviderMap = maps.Map{
"id": task.DnsProvider.Id,
"name": task.DnsProvider.Name,
}
}
// 证书
var certMap maps.Map = nil
if task.SslCert != nil {
certMap = maps.Map{
"id": task.SslCert.Id,
"name": task.SslCert.Name,
"beginTime": timeutil.FormatTime("Y-m-d", task.SslCert.TimeBeginAt),
"endTime": timeutil.FormatTime("Y-m-d", task.SslCert.TimeEndAt),
}
}
// 日志
var logMap maps.Map = nil
if task.LatestACMETaskLog != nil {
logMap = maps.Map{
"id": task.LatestACMETaskLog.Id,
"isOk": task.LatestACMETaskLog.IsOk,
"error": task.LatestACMETaskLog.Error,
"createdTime": timeutil.FormatTime("m-d", task.CreatedAt),
}
}
// user
userResp, err := this.RPC().ACMETaskRPC().FindACMETaskUser(this.AdminContext(), &pb.FindACMETaskUserRequest{AcmeTaskId: task.Id})
if err != nil {
this.ErrorPage(err)
return
}
var taskUserMap = maps.Map{
"id": 0,
}
if userResp.User != nil {
taskUserMap = maps.Map{
"id": userResp.User.Id,
"username": userResp.User.Username,
"fullname": userResp.User.Fullname,
}
}
taskMaps = append(taskMaps, maps.Map{
"id": task.Id,
"authType": task.AuthType,
"acmeUser": maps.Map{
"id": task.AcmeUser.Id,
"email": task.AcmeUser.Email,
"provider": providerMap,
"account": accountMap,
},
"dnsProvider": dnsProviderMap,
"dnsDomain": task.DnsDomain,
"domains": task.Domains,
"autoRenew": task.AutoRenew,
"cert": certMap,
"log": logMap,
"user": taskUserMap,
})
}
this.Data["tasks"] = taskMaps
this.Show()
}

30
EdgeAdmin/internal/web/actions/default/servers/certs/acme/run.go Normal file
View File

@@ -0,0 +1,30 @@
package acme
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
)
type RunAction struct {
actionutils.ParentAction
}
func (this *RunAction) RunPost(params struct {
TaskId int64
}) {
defer this.CreateLogInfo(codes.ACMETask_LogRunACMETask, params.TaskId)
runResp, err := this.RPC().ACMETaskRPC().RunACMETask(this.AdminContext(), &pb.RunACMETaskRequest{AcmeTaskId: params.TaskId})
if err != nil {
this.ErrorPage(err)
return
}
if runResp.IsOk {
this.Data["certId"] = runResp.SslCertId
this.Success()
} else {
this.Fail(runResp.Error)
}
}

170
EdgeAdmin/internal/web/actions/default/servers/certs/acme/updateTaskPopup.go Normal file
View File

@@ -0,0 +1,170 @@
package acme
import (
"encoding/json"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/dns/domains/domainutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/actions"
"github.com/iwind/TeaGo/maps"
"strings"
)
type UpdateTaskPopupAction struct {
actionutils.ParentAction
}
func (this *UpdateTaskPopupAction) Init() {
this.Nav("", "", "")
}
func (this *UpdateTaskPopupAction) RunGet(params struct {
TaskId int64
}) {
taskResp, err := this.RPC().ACMETaskRPC().FindEnabledACMETask(this.AdminContext(), &pb.FindEnabledACMETaskRequest{AcmeTaskId: params.TaskId})
if err != nil {
this.ErrorPage(err)
return
}
var task = taskResp.AcmeTask
if task == nil {
this.NotFound("acmeTask", params.TaskId)
return
}
var dnsProviderMap maps.Map
if task.DnsProvider != nil {
dnsProviderMap = maps.Map{
"id": task.DnsProvider.Id,
}
} else {
dnsProviderMap = maps.Map{
"id": 0,
}
}
var acmeUserMap maps.Map
if task.AcmeUser != nil {
acmeUserMap = maps.Map{
"id": task.AcmeUser.Id,
}
} else {
acmeUserMap = maps.Map{
"id": 0,
}
}
this.Data["task"] = maps.Map{
"id": task.Id,
"authType": task.AuthType,
"acmeUser": acmeUserMap,
"dnsDomain": task.DnsDomain,
"domains": task.Domains,
"autoRenew": task.AutoRenew,
"isOn": task.IsOn,
"authURL": task.AuthURL,
"dnsProvider": dnsProviderMap,
}
// 域名解析服务商
providersResp, err := this.RPC().DNSProviderRPC().FindAllEnabledDNSProviders(this.AdminContext(), &pb.FindAllEnabledDNSProvidersRequest{
AdminId: this.AdminId(),
UserId: 0,
})
if err != nil {
this.ErrorPage(err)
return
}
var providerMaps = []maps.Map{}
for _, provider := range providersResp.DnsProviders {
providerMaps = append(providerMaps, maps.Map{
"id": provider.Id,
"name": provider.Name,
"typeName": provider.TypeName,
})
}
this.Data["providers"] = providerMaps
this.Show()
}
func (this *UpdateTaskPopupAction) RunPost(params struct {
TaskId int64
AuthType string
AcmeUserId int64
DnsProviderId int64
DnsDomain string
DomainsJSON []byte
AutoRenew bool
AuthURL string
Must *actions.Must
CSRF *actionutils.CSRF
}) {
defer this.CreateLogInfo(codes.ACMETask_LogUpdateACMETask, params.TaskId)
if params.AuthType != "dns" && params.AuthType != "http" {
this.Fail("无法识别的认证方式'" + params.AuthType + "'")
}
if params.AcmeUserId <= 0 {
this.Fail("请选择一个申请证书的用户")
}
dnsDomain := strings.ToLower(params.DnsDomain)
if params.AuthType == "dns" {
if params.DnsProviderId <= 0 {
this.Fail("请选择DNS服务商")
}
if len(params.DnsDomain) == 0 {
this.Fail("请输入顶级域名")
}
if !domainutils.ValidateDomainFormat(dnsDomain) {
this.Fail("请输入正确的顶级域名")
}
}
var domains = []string{}
if len(params.DomainsJSON) > 0 {
err := json.Unmarshal(params.DomainsJSON, &domains)
if err != nil {
this.Fail("解析域名数据失败:" + err.Error())
return
}
}
if len(domains) == 0 {
this.Fail("请输入证书域名列表")
}
var realDomains = []string{}
for _, domain := range domains {
domain = strings.ToLower(domain)
if params.AuthType == "dns" {
if !strings.HasSuffix(domain, "."+dnsDomain) && domain != dnsDomain {
this.Fail("证书域名中的" + domain + "和顶级域名不一致")
}
} else if params.AuthType == "http" { // HTTP认证
if strings.Contains(domain, "*") {
this.Fail("在HTTP认证时域名" + domain + "不能包含通配符")
}
}
realDomains = append(realDomains, domain)
}
_, err := this.RPC().ACMETaskRPC().UpdateACMETask(this.AdminContext(), &pb.UpdateACMETaskRequest{
AcmeTaskId: params.TaskId,
AcmeUserId: params.AcmeUserId,
DnsProviderId: params.DnsProviderId,
DnsDomain: dnsDomain,
Domains: realDomains,
AutoRenew: params.AutoRenew,
AuthURL: params.AuthURL,
})
if err != nil {
this.ErrorPage(err)
return
}
this.Success()
}

44
EdgeAdmin/internal/web/actions/default/servers/certs/acme/userOptions.go Normal file
View File

@@ -0,0 +1,44 @@
// Copyright 2023 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
package acme
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/maps"
)
type UserOptionsAction struct {
actionutils.ParentAction
}
func (this *UserOptionsAction) RunPost(params struct {
PlatformUserId int64
}) {
// 获取所有可用的用户
usersResp, err := this.RPC().ACMEUserRPC().FindAllACMEUsers(this.AdminContext(), &pb.FindAllACMEUsersRequest{
AdminId: 0,
UserId: params.PlatformUserId,
})
if err != nil {
this.ErrorPage(err)
return
}
var userMaps = []maps.Map{}
for _, user := range usersResp.AcmeUsers {
description := user.Description
if len(description) > 0 {
description = "" + description + ""
}
userMaps = append(userMaps, maps.Map{
"id": user.Id,
"description": description,
"email": user.Email,
"providerCode": user.AcmeProviderCode,
})
}
this.Data["users"] = userMaps
this.Success()
}

33
EdgeAdmin/internal/web/actions/default/servers/certs/acme/users/accountsWithCode.go Normal file
View File

@@ -0,0 +1,33 @@
// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
package users
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/maps"
)
type AccountsWithCodeAction struct {
actionutils.ParentAction
}
func (this *AccountsWithCodeAction) RunPost(params struct {
Code string
}) {
accountsResp, err := this.RPC().ACMEProviderAccountRPC().FindAllACMEProviderAccountsWithProviderCode(this.AdminContext(), &pb.FindAllACMEProviderAccountsWithProviderCodeRequest{AcmeProviderCode: params.Code})
if err != nil {
this.ErrorPage(err)
return
}
var accountMaps = []maps.Map{}
for _, account := range accountsResp.AcmeProviderAccounts {
accountMaps = append(accountMaps, maps.Map{
"id": account.Id,
"name": account.Name,
})
}
this.Data["accounts"] = accountMaps
this.Success()
}

133
EdgeAdmin/internal/web/actions/default/servers/certs/acme/users/createPopup.go Normal file
View File

@@ -0,0 +1,133 @@
package users
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/actions"
"github.com/iwind/TeaGo/maps"
)
type CreatePopupAction struct {
actionutils.ParentAction
}
func (this *CreatePopupAction) Init() {
this.Nav("", "", "")
}
func (this *CreatePopupAction) RunGet(params struct {
PlatformUserId int64
ProviderCode string
}) {
this.Data["platformUserId"] = params.PlatformUserId
this.Data["providerCode"] = params.ProviderCode
// 平台用户信息
this.Data["platformUser"] = nil
if params.PlatformUserId > 0 {
platformUserResp, err := this.RPC().UserRPC().FindEnabledUser(this.AdminContext(), &pb.FindEnabledUserRequest{UserId: params.PlatformUserId})
if err != nil {
this.ErrorPage(err)
return
}
var platformUser = platformUserResp.User
if platformUser != nil {
this.Data["platformUser"] = maps.Map{
"id": platformUser.Id,
"username": platformUser.Username,
"fullname": platformUser.Fullname,
}
}
}
// 服务商
providersResp, err := this.RPC().ACMEProviderRPC().FindAllACMEProviders(this.AdminContext(), &pb.FindAllACMEProvidersRequest{})
if err != nil {
this.ErrorPage(err)
return
}
var providerMaps = []maps.Map{}
for _, provider := range providersResp.AcmeProviders {
providerMaps = append(providerMaps, maps.Map{
"code": provider.Code,
"name": provider.Name,
"requireEAB": provider.RequireEAB,
})
}
this.Data["providers"] = providerMaps
this.Show()
}
func (this *CreatePopupAction) RunPost(params struct {
PlatformUserId int64
Email string
ProviderCode string
AccountId int64
Description string
Must *actions.Must
CSRF *actionutils.CSRF
}) {
params.Must.
Field("email", params.Email).
Require("请输入邮箱").
Email("请输入正确的邮箱格式").
Field("providerCode", params.ProviderCode).
Require("请选择所属服务商")
providerResp, err := this.RPC().ACMEProviderRPC().FindACMEProviderWithCode(this.AdminContext(), &pb.FindACMEProviderWithCodeRequest{
AcmeProviderCode: params.ProviderCode,
})
if err != nil {
this.ErrorPage(err)
return
}
if providerResp.AcmeProvider == nil {
this.Fail("找不到要选择的证书")
}
if providerResp.AcmeProvider.RequireEAB {
if params.AccountId <= 0 {
this.Fail("此服务商要求必须选择或创建服务商账号")
}
// 同一个账号只能有一个用户
countResp, err := this.RPC().ACMEUserRPC().
CountACMEUsers(this.AdminContext(), &pb.CountAcmeUsersRequest{
AcmeProviderAccountId: params.AccountId,
})
if err != nil {
this.ErrorPage(err)
return
}
if countResp.Count > 0 {
this.Fail("此服务商账号已被别的用户使用,请换成别的账号")
}
}
createResp, err := this.RPC().ACMEUserRPC().CreateACMEUser(this.AdminContext(), &pb.CreateACMEUserRequest{
UserId: params.PlatformUserId,
Email: params.Email,
Description: params.Description,
AcmeProviderCode: params.ProviderCode,
AcmeProviderAccountId: params.AccountId,
})
if err != nil {
this.ErrorPage(err)
return
}
// 返回数据
this.Data["acmeUser"] = maps.Map{
"id": createResp.AcmeUserId,
"description": params.Description,
"email": params.Email,
"providerCode": params.ProviderCode,
}
// 日志
defer this.CreateLogInfo(codes.ACMEUser_LogCreateACMEUser, createResp.AcmeUserId)
this.Success()
}

34
EdgeAdmin/internal/web/actions/default/servers/certs/acme/users/delete.go Normal file
View File

@@ -0,0 +1,34 @@
package users
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
)
type DeleteAction struct {
actionutils.ParentAction
}
func (this *DeleteAction) RunPost(params struct {
UserId int64
}) {
defer this.CreateLogInfo(codes.ACMEUser_LogDeleteACMEUser, params.UserId)
countResp, err := this.RPC().ACMETaskRPC().CountAllEnabledACMETasksWithACMEUserId(this.AdminContext(), &pb.CountAllEnabledACMETasksWithACMEUserIdRequest{AcmeUserId: params.UserId})
if err != nil {
this.ErrorPage(err)
return
}
if countResp.Count > 0 {
this.Fail("有任务正在和这个用户关联,所以不能删除")
}
_, err = this.RPC().ACMEUserRPC().DeleteACMEUser(this.AdminContext(), &pb.DeleteACMEUserRequest{AcmeUserId: params.UserId})
if err != nil {
this.ErrorPage(err)
return
}
this.Success()
}

73
EdgeAdmin/internal/web/actions/default/servers/certs/acme/users/index.go Normal file
View File

@@ -0,0 +1,73 @@
package users
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/maps"
timeutil "github.com/iwind/TeaGo/utils/time"
)
type IndexAction struct {
actionutils.ParentAction
}
func (this *IndexAction) Init() {
this.Nav("", "", "user")
}
func (this *IndexAction) RunGet(params struct{}) {
countResp, err := this.RPC().ACMEUserRPC().CountACMEUsers(this.AdminContext(), &pb.CountAcmeUsersRequest{
AdminId: this.AdminId(),
UserId: 0,
})
if err != nil {
this.ErrorPage(err)
return
}
count := countResp.Count
page := this.NewPage(count)
this.Data["page"] = page.AsHTML()
usersResp, err := this.RPC().ACMEUserRPC().ListACMEUsers(this.AdminContext(), &pb.ListACMEUsersRequest{
AdminId: this.AdminId(),
UserId: 0,
Offset: page.Offset,
Size: page.Size,
})
if err != nil {
this.ErrorPage(err)
return
}
userMaps := []maps.Map{}
for _, user := range usersResp.AcmeUsers {
// 服务商
var providerMap maps.Map
if user.AcmeProvider != nil {
providerMap = maps.Map{
"name": user.AcmeProvider.Name,
"code": user.AcmeProvider.Code,
}
}
// 账号
var accountMap maps.Map
if user.AcmeProviderAccount != nil {
accountMap = maps.Map{
"id": user.AcmeProviderAccount.Id,
"name": user.AcmeProviderAccount.Name,
}
}
userMaps = append(userMaps, maps.Map{
"id": user.Id,
"email": user.Email,
"description": user.Description,
"createdTime": timeutil.FormatTime("Y-m-d H:i:s", user.CreatedAt),
"provider": providerMap,
"account": accountMap,
})
}
this.Data["users"] = userMaps
this.Show()
}

15
EdgeAdmin/internal/web/actions/default/servers/certs/acme/users/selectPopup.go Normal file
View File

@@ -0,0 +1,15 @@
package users
import "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
type SelectPopupAction struct {
actionutils.ParentAction
}
func (this *SelectPopupAction) Init() {
this.Nav("", "", "")
}
func (this *SelectPopupAction) RunGet(params struct{}) {
this.Show()
}

81
EdgeAdmin/internal/web/actions/default/servers/certs/acme/users/updatePopup.go Normal file
View File

@@ -0,0 +1,81 @@
package users
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/actions"
"github.com/iwind/TeaGo/maps"
)
type UpdatePopupAction struct {
actionutils.ParentAction
}
func (this *UpdatePopupAction) Init() {
this.Nav("", "", "")
}
func (this *UpdatePopupAction) RunGet(params struct {
UserId int64
}) {
userResp, err := this.RPC().ACMEUserRPC().FindEnabledACMEUser(this.AdminContext(), &pb.FindEnabledACMEUserRequest{AcmeUserId: params.UserId})
if err != nil {
this.ErrorPage(err)
return
}
user := userResp.AcmeUser
if user == nil {
this.NotFound("acmeUser", params.UserId)
return
}
// 服务商
var providerMap maps.Map
if user.AcmeProvider != nil {
providerMap = maps.Map{
"name": user.AcmeProvider.Name,
"code": user.AcmeProvider.Code,
}
}
// 账号
var accountMap maps.Map
if user.AcmeProviderAccount != nil {
accountMap = maps.Map{
"id": user.AcmeProviderAccount.Id,
"name": user.AcmeProviderAccount.Name,
}
}
this.Data["user"] = maps.Map{
"id": user.Id,
"email": user.Email,
"description": user.Description,
"provider": providerMap,
"account": accountMap,
}
this.Show()
}
func (this *UpdatePopupAction) RunPost(params struct {
UserId int64
Description string
Must *actions.Must
CSRF *actionutils.CSRF
}) {
defer this.CreateLogInfo(codes.ACMEUser_LogUpdateACMEUser, params.UserId)
_, err := this.RPC().ACMEUserRPC().UpdateACMEUser(this.AdminContext(), &pb.UpdateACMEUserRequest{
AcmeUserId: params.UserId,
Description: params.Description,
})
if err != nil {
this.ErrorPage(err)
return
}
this.Success()
}

77
EdgeAdmin/internal/web/actions/default/servers/certs/certPopup.go Normal file
View File

@@ -0,0 +1,77 @@
package certs
import (
"encoding/json"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
"github.com/iwind/TeaGo/maps"
timeutil "github.com/iwind/TeaGo/utils/time"
"time"
)
type CertPopupAction struct {
actionutils.ParentAction
}
func (this *CertPopupAction) Init() {
}
func (this *CertPopupAction) RunGet(params struct {
CertId int64
}) {
certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
if err != nil {
this.ErrorPage(err)
return
}
var certConfig = &sslconfigs.SSLCertConfig{}
err = json.Unmarshal(certResp.SslCertJSON, certConfig)
if err != nil {
this.ErrorPage(err)
return
}
var reverseCommonNames = []string{}
for i := len(certConfig.CommonNames) - 1; i >= 0; i-- {
reverseCommonNames = append(reverseCommonNames, certConfig.CommonNames[i])
}
this.Data["info"] = maps.Map{
"id": certConfig.Id,
"name": certConfig.Name,
"description": certConfig.Description,
"isOn": certConfig.IsOn,
"isAvailable": certConfig.TimeEndAt >= time.Now().Unix(),
"commonNames": reverseCommonNames,
"dnsNames": certConfig.DNSNames,
// TODO 检查是否为7天或30天内过期
"beginTime": timeutil.FormatTime("Y-m-d H:i:s", certConfig.TimeBeginAt),
"endTime": timeutil.FormatTime("Y-m-d H:i:s", certConfig.TimeEndAt),
"isCA": certConfig.IsCA,
"certString": string(certConfig.CertData),
"keyString": string(certConfig.KeyData),
}
// 引入的服务
serversResp, err := this.RPC().ServerRPC().FindAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.FindAllEnabledServersWithSSLCertIdRequest{SslCertId: params.CertId})
if err != nil {
this.ErrorPage(err)
return
}
var serverMaps = []maps.Map{}
for _, server := range serversResp.Servers {
serverMaps = append(serverMaps, maps.Map{
"id": server.Id,
"isOn": server.IsOn,
"name": server.Name,
"type": server.Type,
})
}
this.Data["servers"] = serverMaps
this.Show()
}

60
EdgeAdmin/internal/web/actions/default/servers/certs/datajs.go Normal file
View File

@@ -0,0 +1,60 @@
package certs
import (
"encoding/json"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
)
// 所有相关数据
type DatajsAction struct {
actionutils.ParentAction
}
func (this *DatajsAction) Init() {
}
func (this *DatajsAction) RunGet(params struct{}) {
this.AddHeader("Content-Type", "text/javascript; charset=utf-8")
{
cipherSuitesJSON, err := json.Marshal(sslconfigs.AllTLSCipherSuites)
if err != nil {
this.ErrorPage(err)
return
}
this.WriteString("window.SSL_ALL_CIPHER_SUITES = " + string(cipherSuitesJSON) + ";\n")
}
{
modernCipherSuitesJSON, err := json.Marshal(sslconfigs.TLSModernCipherSuites)
if err != nil {
this.ErrorPage(err)
return
}
this.WriteString("window.SSL_MODERN_CIPHER_SUITES = " + string(modernCipherSuitesJSON) + ";\n")
}
{
intermediateCipherSuitesJSON, err := json.Marshal(sslconfigs.TLSIntermediateCipherSuites)
if err != nil {
this.ErrorPage(err)
return
}
this.WriteString("window.SSL_INTERMEDIATE_CIPHER_SUITES = " + string(intermediateCipherSuitesJSON) + ";\n")
}
{
sslVersionsJSON, err := json.Marshal(sslconfigs.AllTlsVersions)
if err != nil {
this.ErrorPage(err)
return
}
this.WriteString("window.SSL_ALL_VERSIONS = " + string(sslVersionsJSON) + ";\n")
}
{
clientAuthTypesJSON, err := json.Marshal(sslconfigs.AllSSLClientAuthTypes())
if err != nil {
this.ErrorPage(err)
return
}
this.WriteString("window.SSL_ALL_CLIENT_AUTH_TYPES = " + string(clientAuthTypesJSON) + ";\n")
}
}

52
EdgeAdmin/internal/web/actions/default/servers/certs/delete.go Normal file
View File

@@ -0,0 +1,52 @@
package certs
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
)
type DeleteAction struct {
actionutils.ParentAction
}
func (this *DeleteAction) RunPost(params struct {
CertId int64
}) {
// 创建日志
defer this.CreateLogInfo(codes.SSLCert_LogDeleteSSLCert, params.CertId)
// 是否正在被服务使用
countResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{SslCertId: params.CertId})
if err != nil {
this.ErrorPage(err)
return
}
if countResp.Count > 0 {
this.Fail("此证书正在被某些服务引用,请先修改服务后再删除。")
}
// 是否正在被API节点使用
countResp, err = this.RPC().APINodeRPC().CountAllEnabledAPINodesWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledAPINodesWithSSLCertIdRequest{SslCertId: params.CertId})
if err != nil {
this.ErrorPage(err)
return
}
if countResp.Count > 0 {
this.Fail("此证书正在被某些API节点引用请先修改API节点后再删除")
}
err = this.filterDelete(params.CertId)
if err != nil {
this.ErrorPage(err)
return
}
_, err = this.RPC().SSLCertRPC().DeleteSSLCert(this.AdminContext(), &pb.DeleteSSLCertRequest{SslCertId: params.CertId})
if err != nil {
this.ErrorPage(err)
return
}
this.Success()
}

8
EdgeAdmin/internal/web/actions/default/servers/certs/delete_ext.go Normal file
View File

@@ -0,0 +1,8 @@
// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
//go:build !plus
package certs
func (this *DeleteAction) filterDelete(certId int64) error {
return nil
}

35
EdgeAdmin/internal/web/actions/default/servers/certs/delete_ext_plus.go Normal file
View File

@@ -0,0 +1,35 @@
// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
//go:build plus
package certs
import (
teaconst "github.com/TeaOSLab/EdgeAdmin/internal/const"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
)
func (this *DeleteAction) filterDelete(certId int64) error {
// 是否正在被用户节点使用
if teaconst.IsPlus {
countResp, err := this.RPC().UserNodeRPC().CountAllEnabledUserNodesWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledUserNodesWithSSLCertIdRequest{SslCertId: certId})
if err != nil {
return err
}
if countResp.Count > 0 {
this.Fail("此证书正在被某些用户节点引用,请先修改相关用户节点后再删除")
}
}
// 是否正在被NS集群使用
if teaconst.IsPlus {
countResp, err := this.RPC().NSClusterRPC().CountAllNSClustersWithSSLCertId(this.AdminContext(), &pb.CountAllNSClustersWithSSLCertIdRequest{SslCertId: certId})
if err != nil {
return err
}
if countResp.Count > 0 {
this.Fail("此证书正在被某些DNS集群节点引用请先修改相关DNS集群设置后再删除")
}
}
return nil
}

40
EdgeAdmin/internal/web/actions/default/servers/certs/downloadCert.go Normal file
View File

@@ -0,0 +1,40 @@
package certs
import (
"encoding/json"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
"strconv"
)
type DownloadCertAction struct {
actionutils.ParentAction
}
func (this *DownloadCertAction) Init() {
this.Nav("", "", "")
}
func (this *DownloadCertAction) RunGet(params struct {
CertId int64
}) {
defer this.CreateLogInfo(codes.SSLCert_LogDownloadSSLCert, params.CertId)
certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
if err != nil {
this.ErrorPage(err)
return
}
certConfig := &sslconfigs.SSLCertConfig{}
err = json.Unmarshal(certResp.SslCertJSON, certConfig)
if err != nil {
this.ErrorPage(err)
return
}
this.AddHeader("Content-Disposition", "attachment; filename=\"cert-"+strconv.FormatInt(params.CertId, 10)+".pem\";")
_, _ = this.Write(certConfig.CertData)
}

40
EdgeAdmin/internal/web/actions/default/servers/certs/downloadKey.go Normal file
View File

@@ -0,0 +1,40 @@
package certs
import (
"encoding/json"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
"strconv"
)
type DownloadKeyAction struct {
actionutils.ParentAction
}
func (this *DownloadKeyAction) Init() {
this.Nav("", "", "")
}
func (this *DownloadKeyAction) RunGet(params struct {
CertId int64
}) {
defer this.CreateLogInfo(codes.SSLCert_LogDownloadSSLCertKey, params.CertId)
certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
if err != nil {
this.ErrorPage(err)
return
}
certConfig := &sslconfigs.SSLCertConfig{}
err = json.Unmarshal(certResp.SslCertJSON, certConfig)
if err != nil {
this.ErrorPage(err)
return
}
this.AddHeader("Content-Disposition", "attachment; filename=\"key-"+strconv.FormatInt(params.CertId, 10)+".pem\";")
_, _ = this.Write(certConfig.KeyData)
}

83
EdgeAdmin/internal/web/actions/default/servers/certs/downloadZip.go Normal file
View File

@@ -0,0 +1,83 @@
package certs
import (
"archive/zip"
"encoding/json"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
"strconv"
)
type DownloadZipAction struct {
actionutils.ParentAction
}
func (this *DownloadZipAction) Init() {
this.Nav("", "", "")
}
func (this *DownloadZipAction) RunGet(params struct {
CertId int64
}) {
defer this.CreateLogInfo(codes.SSLCert_LogDownloadSSLCertZip, params.CertId)
certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
if err != nil {
this.ErrorPage(err)
return
}
certConfig := &sslconfigs.SSLCertConfig{}
err = json.Unmarshal(certResp.SslCertJSON, certConfig)
if err != nil {
this.ErrorPage(err)
return
}
z := zip.NewWriter(this.ResponseWriter)
defer func() {
_ = z.Close()
}()
this.AddHeader("Content-Disposition", "attachment; filename=\"cert-"+strconv.FormatInt(params.CertId, 10)+".zip\";")
// cert
{
w, err := z.Create("cert.pem")
if err != nil {
this.ErrorPage(err)
return
}
_, err = w.Write(certConfig.CertData)
if err != nil {
this.ErrorPage(err)
return
}
err = z.Flush()
if err != nil {
this.ErrorPage(err)
return
}
}
// key
if !certConfig.IsCA {
w, err := z.Create("key.pem")
if err != nil {
this.ErrorPage(err)
return
}
_, err = w.Write(certConfig.KeyData)
if err != nil {
this.ErrorPage(err)
return
}
err = z.Flush()
if err != nil {
this.ErrorPage(err)
return
}
}
}

62
EdgeAdmin/internal/web/actions/default/servers/certs/helper.go Normal file
View File

@@ -0,0 +1,62 @@
package certs
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeAdmin/internal/web/helpers"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/actions"
"github.com/iwind/TeaGo/maps"
"github.com/iwind/TeaGo/types"
"net/http"
)
type Helper struct {
helpers.LangHelper
}
func NewHelper() *Helper {
return &Helper{}
}
func (this *Helper) BeforeAction(actionPtr actions.ActionWrapper) {
var action = actionPtr.Object()
if action.Request.Method != http.MethodGet {
return
}
action.Data["teaMenu"] = "servers"
var countOCSP int64 = 0
parentAction, ok := actionPtr.(actionutils.ActionInterface)
if ok {
countOCSPResp, err := parentAction.RPC().SSLCertRPC().CountAllSSLCertsWithOCSPError(parentAction.AdminContext(), &pb.CountAllSSLCertsWithOCSPErrorRequest{})
if err == nil {
countOCSP = countOCSPResp.Count
}
}
var ocspMenuName = this.Lang(actionPtr, codes.SSLCert_MenuOCSP)
if countOCSP > 0 {
ocspMenuName += "(" + types.String(countOCSP) + ")"
}
var menu = []maps.Map{
{
"name": this.Lang(actionPtr, codes.SSLCert_MenuCerts),
"url": "/servers/certs",
"isActive": action.Data.GetString("leftMenuItem") == "cert",
},
{
"name": this.Lang(actionPtr, codes.SSLCert_MenuApply),
"url": "/servers/certs/acme",
"isActive": action.Data.GetString("leftMenuItem") == "acme",
},
{
"name": ocspMenuName,
"url": "/servers/certs/ocsp",
"isActive": action.Data.GetString("leftMenuItem") == "ocsp",
},
}
action.Data["leftMenuItems"] = menu
}

285
EdgeAdmin/internal/web/actions/default/servers/certs/index.go Normal file
View File

@@ -0,0 +1,285 @@
package certs
import (
"encoding/json"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
"github.com/iwind/TeaGo/maps"
timeutil "github.com/iwind/TeaGo/utils/time"
"time"
)
type IndexAction struct {
actionutils.ParentAction
}
func (this *IndexAction) Init() {
this.FirstMenu("index")
}
func (this *IndexAction) RunGet(params struct {
UserId int64
Type string // [empty] | ca | 7days | ...
Keyword string
UserType string
}) {
this.Data["type"] = params.Type
this.Data["keyword"] = params.Keyword
if params.UserId > 0 {
params.UserType = "user"
}
this.Data["userType"] = params.UserType
// 当前用户
this.Data["searchingUserId"] = params.UserId
var userMap = maps.Map{
"id": 0,
"username": "",
"fullname": "",
}
if params.UserId > 0 {
userResp, err := this.RPC().UserRPC().FindEnabledUser(this.AdminContext(), &pb.FindEnabledUserRequest{UserId: params.UserId})
if err != nil {
this.ErrorPage(err)
return
}
var user = userResp.User
if user != nil {
userMap = maps.Map{
"id": user.Id,
"username": user.Username,
"fullname": user.Fullname,
}
}
}
this.Data["user"] = userMap
var countAll int64
var countCA int64
var countAvailable int64
var countExpired int64
var count7Days int64
var count30Days int64
var userOnly = params.UserType == "user" || params.UserId > 0
// 计算数量
{
// all
resp, err := this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
UserId: params.UserId,
Keyword: params.Keyword,
UserOnly: userOnly,
})
if err != nil {
this.ErrorPage(err)
return
}
countAll = resp.Count
// CA
resp, err = this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
UserId: params.UserId,
IsCA: true,
Keyword: params.Keyword,
UserOnly: userOnly,
})
if err != nil {
this.ErrorPage(err)
return
}
countCA = resp.Count
// available
resp, err = this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
UserId: params.UserId,
IsAvailable: true,
Keyword: params.Keyword,
UserOnly: userOnly,
})
if err != nil {
this.ErrorPage(err)
return
}
countAvailable = resp.Count
// expired
resp, err = this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
UserId: params.UserId,
IsExpired: true,
Keyword: params.Keyword,
UserOnly: userOnly,
})
if err != nil {
this.ErrorPage(err)
return
}
countExpired = resp.Count
// expire in 7 days
resp, err = this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
UserId: params.UserId,
ExpiringDays: 7,
Keyword: params.Keyword,
UserOnly: userOnly,
})
if err != nil {
this.ErrorPage(err)
return
}
count7Days = resp.Count
// expire in 30 days
resp, err = this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
UserId: params.UserId,
ExpiringDays: 30,
Keyword: params.Keyword,
UserOnly: userOnly,
})
if err != nil {
this.ErrorPage(err)
return
}
count30Days = resp.Count
}
this.Data["countAll"] = countAll
this.Data["countCA"] = countCA
this.Data["countAvailable"] = countAvailable
this.Data["countExpired"] = countExpired
this.Data["count7Days"] = count7Days
this.Data["count30Days"] = count30Days
// 分页
var page *actionutils.Page
var listResp *pb.ListSSLCertsResponse
var err error
switch params.Type {
case "":
page = this.NewPage(countAll)
listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
UserId: params.UserId,
Offset: page.Offset,
Size: page.Size,
Keyword: params.Keyword,
UserOnly: userOnly,
})
case "ca":
page = this.NewPage(countCA)
listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
UserId: params.UserId,
IsCA: true,
Offset: page.Offset,
Size: page.Size,
Keyword: params.Keyword,
UserOnly: userOnly,
})
case "available":
page = this.NewPage(countAvailable)
listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
UserId: params.UserId,
IsAvailable: true,
Offset: page.Offset,
Size: page.Size,
Keyword: params.Keyword,
UserOnly: userOnly,
})
case "expired":
page = this.NewPage(countExpired)
listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
UserId: params.UserId,
IsExpired: true,
Offset: page.Offset,
Size: page.Size,
Keyword: params.Keyword,
UserOnly: userOnly,
})
case "7days":
page = this.NewPage(count7Days)
listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
UserId: params.UserId,
ExpiringDays: 7,
Offset: page.Offset,
Size: page.Size,
Keyword: params.Keyword,
})
case "30days":
page = this.NewPage(count30Days)
listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
UserId: params.UserId,
ExpiringDays: 30,
Offset: page.Offset,
Size: page.Size,
Keyword: params.Keyword,
UserOnly: userOnly,
})
default:
page = this.NewPage(countAll)
listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
UserId: params.UserId,
Keyword: params.Keyword,
UserOnly: userOnly,
Offset: page.Offset,
Size: page.Size,
})
}
if err != nil {
this.ErrorPage(err)
return
}
var certConfigs = []*sslconfigs.SSLCertConfig{}
err = json.Unmarshal(listResp.SslCertsJSON, &certConfigs)
if err != nil {
this.ErrorPage(err)
return
}
this.Data["certs"] = certConfigs
var certMaps = []maps.Map{}
var nowTime = time.Now().Unix()
for _, certConfig := range certConfigs {
// count servers
countServersResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{
SslCertId: certConfig.Id,
})
if err != nil {
this.ErrorPage(err)
return
}
// user
userResp, err := this.RPC().SSLCertRPC().FindSSLCertUser(this.AdminContext(), &pb.FindSSLCertUserRequest{SslCertId: certConfig.Id})
if err != nil {
this.ErrorPage(err)
return
}
var certUserMap = maps.Map{
"id": 0,
}
if userResp.User != nil {
certUserMap = maps.Map{
"id": userResp.User.Id,
"username": userResp.User.Username,
"fullname": userResp.User.Fullname,
}
}
certMaps = append(certMaps, maps.Map{
"isOn": certConfig.IsOn,
"beginDay": timeutil.FormatTime("Y-m-d", certConfig.TimeBeginAt),
"endDay": timeutil.FormatTime("Y-m-d", certConfig.TimeEndAt),
"isExpired": nowTime > certConfig.TimeEndAt,
"isAvailable": nowTime <= certConfig.TimeEndAt,
"countServers": countServersResp.Count,
"user": certUserMap,
})
}
this.Data["certInfos"] = certMaps
this.Data["page"] = page.AsHTML()
this.Show()
}

73
EdgeAdmin/internal/web/actions/default/servers/certs/init.go Normal file
View File

@@ -0,0 +1,73 @@
package certs
import (
"github.com/TeaOSLab/EdgeAdmin/internal/configloaders"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/servers/certs/acme"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/servers/certs/acme/accounts"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/servers/certs/acme/users"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/servers/certs/ocsp"
"github.com/TeaOSLab/EdgeAdmin/internal/web/helpers"
"github.com/iwind/TeaGo"
)
func init() {
TeaGo.BeforeStart(func(server *TeaGo.Server) {
server.
Helper(helpers.NewUserMustAuth(configloaders.AdminModuleCodeServer)).
Helper(NewHelper()).
Data("teaMenu", "servers").
Data("teaSubMenu", "cert").
Prefix("/servers/certs").
Data("leftMenuItem", "cert").
Get("", new(IndexAction)).
GetPost("/uploadPopup", new(UploadPopupAction)).
GetPost("/uploadBatchPopup", new(UploadBatchPopupAction)).
Post("/delete", new(DeleteAction)).
GetPost("/updatePopup", new(UpdatePopupAction)).
Get("/certPopup", new(CertPopupAction)).
Get("/viewKey", new(ViewKeyAction)).
Get("/viewCert", new(ViewCertAction)).
Get("/downloadKey", new(DownloadKeyAction)).
Get("/downloadCert", new(DownloadCertAction)).
Get("/downloadZip", new(DownloadZipAction)).
Get("/selectPopup", new(SelectPopupAction)).
Get("/datajs", new(DatajsAction)).
// ACME任务
Prefix("/servers/certs/acme").
Data("leftMenuItem", "acme").
Get("", new(acme.IndexAction)).
GetPost("/create", new(acme.CreateAction)).
Post("/run", new(acme.RunAction)).
GetPost("/updateTaskPopup", new(acme.UpdateTaskPopupAction)).
Post("/deleteTask", new(acme.DeleteTaskAction)).
Post("/userOptions", new(acme.UserOptionsAction)).
// ACME用户
Prefix("/servers/certs/acme/users").
Get("", new(users.IndexAction)).
GetPost("/createPopup", new(users.CreatePopupAction)).
GetPost("/updatePopup", new(users.UpdatePopupAction)).
Post("/delete", new(users.DeleteAction)).
GetPost("/selectPopup", new(users.SelectPopupAction)).
Post("/accountsWithCode", new(users.AccountsWithCodeAction)).
// ACME账号
Prefix("/servers/certs/acme/accounts").
Get("", new(accounts.IndexAction)).
GetPost("/createPopup", new(accounts.CreatePopupAction)).
GetPost("/updatePopup", new(accounts.UpdatePopupAction)).
Post("/delete", new(accounts.DeleteAction)).
// OCSP
Prefix("/servers/certs/ocsp").
Data("leftMenuItem", "ocsp").
Get("", new(ocsp.IndexAction)).
Post("/reset", new(ocsp.ResetAction)).
Post("/resetAll", new(ocsp.ResetAllAction)).
Post("/ignore", new(ocsp.IgnoreAction)).
//
EndAll()
})
}

27
EdgeAdmin/internal/web/actions/default/servers/certs/ocsp/ignore.go Normal file
View File

@@ -0,0 +1,27 @@
// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
package ocsp
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
)
type IgnoreAction struct {
actionutils.ParentAction
}
func (this *IgnoreAction) RunPost(params struct {
CertIds []int64
}) {
defer this.CreateLogInfo(codes.SSLCert_LogOCSPIgnoreOCSPStatus)
_, err := this.RPC().SSLCertRPC().IgnoreSSLCertsWithOCSPError(this.AdminContext(), &pb.IgnoreSSLCertsWithOCSPErrorRequest{SslCertIds: params.CertIds})
if err != nil {
this.ErrorPage(err)
return
}
this.Success()
}

65
EdgeAdmin/internal/web/actions/default/servers/certs/ocsp/index.go Normal file
View File

@@ -0,0 +1,65 @@
// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
package ocsp
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/maps"
timeutil "github.com/iwind/TeaGo/utils/time"
"time"
)
type IndexAction struct {
actionutils.ParentAction
}
func (this *IndexAction) Init() {
this.SecondMenu("ocsp")
}
func (this *IndexAction) RunGet(params struct {
Keyword string
}) {
this.Data["keyword"] = params.Keyword
countResp, err := this.RPC().SSLCertRPC().CountAllSSLCertsWithOCSPError(this.AdminContext(), &pb.CountAllSSLCertsWithOCSPErrorRequest{Keyword: params.Keyword})
if err != nil {
this.ErrorPage(err)
return
}
var count = countResp.Count
var page = this.NewPage(count)
this.Data["page"] = page.AsHTML()
certsResp, err := this.RPC().SSLCertRPC().ListSSLCertsWithOCSPError(this.AdminContext(), &pb.ListSSLCertsWithOCSPErrorRequest{
Keyword: params.Keyword,
Offset: page.Offset,
Size: page.Size,
})
if err != nil {
this.ErrorPage(err)
return
}
var certMaps = []maps.Map{}
for _, cert := range certsResp.SslCerts {
certMaps = append(certMaps, maps.Map{
"id": cert.Id,
"isOn": cert.IsOn,
"dnsNames": cert.DnsNames,
"commonNames": cert.CommonNames,
"hasOCSP": len(cert.Ocsp) > 0,
"ocspIsUpdated": cert.OcspIsUpdated,
"ocspError": cert.OcspError,
"isCA": cert.IsCA,
"isACME": cert.IsACME,
"name": cert.Name,
"isExpired": cert.TimeEndAt < time.Now().Unix(),
"beginDay": timeutil.FormatTime("Y-m-d", cert.TimeBeginAt),
"endDay": timeutil.FormatTime("Y-m-d", cert.TimeEndAt),
})
}
this.Data["certs"] = certMaps
this.Show()
}

27
EdgeAdmin/internal/web/actions/default/servers/certs/ocsp/reset.go Normal file
View File

@@ -0,0 +1,27 @@
// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
package ocsp
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
)
type ResetAction struct {
actionutils.ParentAction
}
func (this *ResetAction) RunPost(params struct {
CertIds []int64
}) {
defer this.CreateLogInfo(codes.SSLCert_LogOCSPResetOCSPStatus)
_, err := this.RPC().SSLCertRPC().ResetSSLCertsWithOCSPError(this.AdminContext(), &pb.ResetSSLCertsWithOCSPErrorRequest{SslCertIds: params.CertIds})
if err != nil {
this.ErrorPage(err)
return
}
this.Success()
}

25
EdgeAdmin/internal/web/actions/default/servers/certs/ocsp/resetAll.go Normal file
View File

@@ -0,0 +1,25 @@
// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
package ocsp
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
)
type ResetAllAction struct {
actionutils.ParentAction
}
func (this *ResetAllAction) RunPost(params struct{}) {
defer this.CreateLogInfo(codes.SSLCert_LogOCSPResetAllOCSPStatus)
_, err := this.RPC().SSLCertRPC().ResetAllSSLCertsWithOCSPError(this.AdminContext(), &pb.ResetAllSSLCertsWithOCSPErrorRequest{})
if err != nil {
this.ErrorPage(err)
return
}
this.Success()
}

214
EdgeAdmin/internal/web/actions/default/servers/certs/selectPopup.go Normal file
View File

@@ -0,0 +1,214 @@
package certs
import (
"encoding/json"
"errors"
"github.com/TeaOSLab/EdgeAdmin/internal/utils/numberutils"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
"github.com/iwind/TeaGo/lists"
"github.com/iwind/TeaGo/maps"
timeutil "github.com/iwind/TeaGo/utils/time"
"strings"
"time"
)
// SelectPopupAction 选择证书
type SelectPopupAction struct {
actionutils.ParentAction
}
func (this *SelectPopupAction) Init() {
this.Nav("", "", "")
}
func (this *SelectPopupAction) RunGet(params struct {
ServerId int64 // 搜索的服务
UserId int64 // 搜索的用户名
SearchingDomains string // 搜索的域名
SearchingType string // 搜索类型match|all
ViewSize string
SelectedCertIds string
Keyword string
}) {
this.Data["searchingServerId"] = params.ServerId
// 服务相关
if params.ServerId > 0 {
serverResp, err := this.RPC().ServerRPC().FindEnabledUserServerBasic(this.AdminContext(), &pb.FindEnabledUserServerBasicRequest{ServerId: params.ServerId})
if err != nil {
this.ErrorPage(err)
return
}
var server = serverResp.Server
if server != nil {
if server.UserId > 0 {
params.UserId = server.UserId
}
// 读取所有ServerNames
serverNamesResp, err := this.RPC().ServerRPC().FindServerNames(this.AdminContext(), &pb.FindServerNamesRequest{ServerId: params.ServerId})
if err != nil {
this.ErrorPage(err)
return
}
if len(serverNamesResp.ServerNamesJSON) > 0 {
var serverNames = []*serverconfigs.ServerNameConfig{}
err = json.Unmarshal(serverNamesResp.ServerNamesJSON, &serverNames)
if err != nil {
this.ErrorPage(err)
return
}
params.SearchingDomains = strings.Join(serverconfigs.PlainServerNames(serverNames), ",")
}
}
}
// 用户相关
this.Data["userId"] = params.UserId // 可变
this.Data["searchingUserId"] = params.UserId
// 域名搜索相关
var url = this.Request.URL.Path
var query = this.Request.URL.Query()
query.Del("searchingType")
this.Data["baseURL"] = url + "?" + query.Encode()
var searchingDomains = []string{}
if len(params.SearchingDomains) > 0 {
searchingDomains = strings.Split(params.SearchingDomains, ",")
}
const maxDomains = 2_000 // 限制搜索的域名数量
if len(searchingDomains) > maxDomains {
searchingDomains = searchingDomains[:maxDomains]
}
this.Data["allSearchingDomains"] = params.SearchingDomains
this.Data["searchingDomains"] = searchingDomains
this.Data["keyword"] = params.Keyword
this.Data["selectedCertIds"] = params.SelectedCertIds
var searchingType = params.SearchingType
if len(searchingType) == 0 {
if len(params.SearchingDomains) == 0 {
searchingType = "all"
} else {
searchingType = "match"
}
}
if searchingType != "all" && searchingType != "match" {
this.ErrorPage(errors.New("invalid searching type '" + searchingType + "'"))
return
}
this.Data["searchingType"] = searchingType
// 已经选择的证书
var selectedCertIds = []string{}
if len(params.SelectedCertIds) > 0 {
selectedCertIds = strings.Split(params.SelectedCertIds, ",")
}
if len(params.ViewSize) == 0 {
params.ViewSize = "normal"
}
this.Data["viewSize"] = params.ViewSize
// 全部证书数量
countAllResp, err := this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
UserId: params.UserId,
Keyword: params.Keyword,
})
if err != nil {
this.ErrorPage(err)
return
}
var totalAll = countAllResp.Count
this.Data["totalAll"] = totalAll
// 已匹配证书数量
var totalMatch int64 = 0
if len(searchingDomains) > 0 {
countMatchResp, err := this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
UserId: params.UserId,
Keyword: params.Keyword,
Domains: searchingDomains,
})
if err != nil {
this.ErrorPage(err)
return
}
totalMatch = countMatchResp.Count
}
this.Data["totalMatch"] = totalMatch
var totalCerts int64
if searchingType == "all" {
totalCerts = totalAll
} else if searchingType == "match" {
totalCerts = totalMatch
}
var page = this.NewPage(totalCerts)
this.Data["page"] = page.AsHTML()
var listResp *pb.ListSSLCertsResponse
if searchingType == "all" {
listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
UserId: params.UserId,
Keyword: params.Keyword,
Offset: page.Offset,
Size: page.Size,
})
} else if searchingType == "match" {
listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
UserId: params.UserId,
Keyword: params.Keyword,
Domains: searchingDomains,
Offset: page.Offset,
Size: page.Size,
})
}
if err != nil {
this.ErrorPage(err)
return
}
if listResp == nil {
this.ErrorPage(errors.New("'listResp' should not be nil"))
return
}
var certConfigs = []*sslconfigs.SSLCertConfig{}
err = json.Unmarshal(listResp.SslCertsJSON, &certConfigs)
if err != nil {
this.ErrorPage(err)
return
}
this.Data["certs"] = certConfigs
var certMaps = []maps.Map{}
var nowTime = time.Now().Unix()
for _, certConfig := range certConfigs {
countServersResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{SslCertId: certConfig.Id})
if err != nil {
this.ErrorPage(err)
return
}
certMaps = append(certMaps, maps.Map{
"beginDay": timeutil.FormatTime("Y-m-d", certConfig.TimeBeginAt),
"endDay": timeutil.FormatTime("Y-m-d", certConfig.TimeEndAt),
"isExpired": nowTime > certConfig.TimeEndAt,
"isAvailable": nowTime <= certConfig.TimeEndAt,
"countServers": countServersResp.Count,
"isSelected": lists.ContainsString(selectedCertIds, numberutils.FormatInt64(certConfig.Id)),
})
}
this.Data["certInfos"] = certMaps
this.Show()
}

165
EdgeAdmin/internal/web/actions/default/servers/certs/updatePopup.go Normal file
View File

@@ -0,0 +1,165 @@
package certs
import (
"context"
"encoding/json"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
"github.com/iwind/TeaGo/actions"
timeutil "github.com/iwind/TeaGo/utils/time"
)
type UpdatePopupAction struct {
actionutils.ParentAction
}
func (this *UpdatePopupAction) Init() {
this.Nav("", "", "")
}
func (this *UpdatePopupAction) RunGet(params struct {
CertId int64
}) {
certConfigResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
if err != nil {
this.ErrorPage(err)
return
}
var certConfigJSON = certConfigResp.SslCertJSON
if len(certConfigJSON) == 0 {
this.NotFound("cert", params.CertId)
return
}
var certConfig = &sslconfigs.SSLCertConfig{}
err = json.Unmarshal(certConfigJSON, certConfig)
if err != nil {
this.ErrorPage(err)
return
}
certConfig.CertData = nil // cert & key 不需要在界面上显示
certConfig.KeyData = nil
this.Data["certConfig"] = certConfig
this.Show()
}
func (this *UpdatePopupAction) RunPost(params struct {
CertId int64
TextMode bool
Name string
IsCA bool
Description string
IsOn bool
CertFile *actions.File
KeyFile *actions.File
CertText string
KeyText string
Must *actions.Must
}) {
// 创建日志
defer this.CreateLogInfo(codes.SSLCert_LogUpdateSSLCert, params.CertId)
// 查询Cert
certConfigResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
if err != nil {
this.ErrorPage(err)
return
}
var certConfigJSON = certConfigResp.SslCertJSON
if len(certConfigJSON) == 0 {
this.NotFound("cert", params.CertId)
return
}
var certConfig = &sslconfigs.SSLCertConfig{}
err = json.Unmarshal(certConfigJSON, certConfig)
if err != nil {
this.ErrorPage(err)
return
}
// 校验参数
params.Must.
Field("name", params.Name).
Require("请输入证书说明")
if params.TextMode {
if len(params.CertText) > 0 {
certConfig.CertData = []byte(params.CertText)
}
if !params.IsCA {
if len(params.KeyText) > 0 {
certConfig.KeyData = []byte(params.KeyText)
}
}
} else {
if params.CertFile != nil {
certConfig.CertData, err = params.CertFile.Read()
if err != nil {
this.FailField("certFile", "读取证书文件内容错误,请重新上传")
}
}
if !params.IsCA {
if params.KeyFile != nil {
certConfig.KeyData, err = params.KeyFile.Read()
if err != nil {
this.FailField("keyFile", "读取私钥文件内容错误,请重新上传")
}
}
}
}
// 校验
certConfig.IsCA = params.IsCA
err = certConfig.Init(context.TODO())
if err != nil {
if params.IsCA {
this.Fail("证书校验错误:" + err.Error())
} else {
this.Fail("证书或密钥校验错误:" + err.Error())
}
}
if len(timeutil.Format("Y", certConfig.TimeEnd())) != 4 {
this.Fail("证书格式错误:无法读取到证书有效期")
}
if certConfig.TimeBeginAt < 0 {
this.Fail("证书校验错误有效期开始时间过小不能小于1970年1月1日")
}
if certConfig.TimeEndAt < 0 {
this.Fail("证书校验错误有效期结束时间过小不能小于1970年1月1日")
}
// 保存
_, err = this.RPC().SSLCertRPC().UpdateSSLCert(this.AdminContext(), &pb.UpdateSSLCertRequest{
SslCertId: params.CertId,
IsOn: params.IsOn,
Name: params.Name,
Description: params.Description,
ServerName: "",
IsCA: params.IsCA,
CertData: certConfig.CertData,
KeyData: certConfig.KeyData,
TimeBeginAt: certConfig.TimeBeginAt,
TimeEndAt: certConfig.TimeEndAt,
DnsNames: certConfig.DNSNames,
CommonNames: certConfig.CommonNames,
})
if err != nil {
this.ErrorPage(err)
return
}
this.Success()
}

227
EdgeAdmin/internal/web/actions/default/servers/certs/uploadBatchPopup.go Normal file
View File

@@ -0,0 +1,227 @@
// Copyright 2023 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
package certs
import (
"bytes"
"context"
"crypto/tls"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
"github.com/iwind/TeaGo/actions"
"github.com/iwind/TeaGo/types"
"io"
"mime/multipart"
"strings"
)
// UploadBatchPopupAction 批量上传证书
type UploadBatchPopupAction struct {
actionutils.ParentAction
}
func (this *UploadBatchPopupAction) Init() {
this.Nav("", "", "")
}
func (this *UploadBatchPopupAction) RunGet(params struct {
ServerId int64
UserId int64
}) {
// 读取服务用户
if params.ServerId > 0 {
serverResp, err := this.RPC().ServerRPC().FindEnabledUserServerBasic(this.AdminContext(), &pb.FindEnabledUserServerBasicRequest{ServerId: params.ServerId})
if err != nil {
this.ErrorPage(err)
return
}
var server = serverResp.Server
if server != nil {
params.UserId = server.UserId
}
}
this.Data["userId"] = params.UserId
this.Data["maxFiles"] = this.maxFiles()
this.Show()
}
func (this *UploadBatchPopupAction) RunPost(params struct {
UserId int64
Must *actions.Must
CSRF *actionutils.CSRF
}) {
defer this.CreateLogInfo(codes.SSLCert_LogUploadSSLCertBatch)
var files = this.Request.MultipartForm.File["certFiles"]
if len(files) == 0 {
this.Fail("请选择要上传的证书和私钥文件")
return
}
// 限制每次上传的文件数量
var maxFiles = this.maxFiles()
if len(files) > maxFiles {
this.Fail("每次上传最多不能超过" + types.String(maxFiles) + "个文件")
return
}
type certInfo struct {
filename string
data []byte
}
var certDataList = []*certInfo{}
var keyDataList = [][]byte{}
var failMessages = []string{}
for _, file := range files {
func(file *multipart.FileHeader) {
fp, err := file.Open()
if err != nil {
failMessages = append(failMessages, "文件"+file.Filename+"读取失败:"+err.Error())
return
}
defer func() {
_ = fp.Close()
}()
data, err := io.ReadAll(fp)
if err != nil {
failMessages = append(failMessages, "文件"+file.Filename+"读取失败:"+err.Error())
return
}
if bytes.Contains(data, []byte("CERTIFICATE-")) {
certDataList = append(certDataList, &certInfo{
filename: file.Filename,
data: data,
})
} else if bytes.Contains(data, []byte("PRIVATE KEY-")) {
keyDataList = append(keyDataList, data)
} else {
failMessages = append(failMessages, "文件"+file.Filename+"读取失败:文件格式错误,无法识别是证书还是私钥")
return
}
}(file)
}
if len(failMessages) > 0 {
this.Fail("发生了错误:" + strings.Join(failMessages, ""))
return
}
// 对比证书和私钥数量是否一致
if len(certDataList) != len(keyDataList) {
this.Fail("证书文件数量(" + types.String(len(certDataList)) + ")和私钥文件数量(" + types.String(len(keyDataList)) + ")不一致")
return
}
// 自动匹配
var pairs = [][2][]byte{} // [] { cert, key }
var keyIndexMap = map[int]bool{} // 方便下面跳过已匹配的Key
for _, cert := range certDataList {
var found = false
for keyIndex, keyData := range keyDataList {
if keyIndexMap[keyIndex] {
continue
}
_, err := tls.X509KeyPair(cert.data, keyData)
if err == nil {
found = true
pairs = append(pairs, [2][]byte{cert.data, keyData})
keyIndexMap[keyIndex] = true
break
}
}
if !found {
this.Fail("找不到" + cert.filename + "对应的私钥")
return
}
}
// 组织 CertConfig
var pbCerts = []*pb.CreateSSLCertsRequestCert{}
var certConfigs = []*sslconfigs.SSLCertConfig{}
for _, pair := range pairs {
certData, keyData := pair[0], pair[1]
var certConfig = &sslconfigs.SSLCertConfig{
IsCA: false,
CertData: certData,
KeyData: keyData,
}
err := certConfig.Init(context.TODO())
if err != nil {
this.Fail("证书验证失败:" + err.Error())
return
}
certConfigs = append(certConfigs, certConfig)
var certName = ""
if len(certConfig.DNSNames) > 0 {
certName = certConfig.DNSNames[0]
if len(certConfig.DNSNames) > 1 {
certName += "等" + types.String(len(certConfig.DNSNames)) + "个域名"
}
}
certConfig.Name = certName
pbCerts = append(pbCerts, &pb.CreateSSLCertsRequestCert{
IsOn: true,
Name: certName,
Description: "",
ServerName: "",
IsCA: false,
CertData: certData,
KeyData: keyData,
TimeBeginAt: certConfig.TimeBeginAt,
TimeEndAt: certConfig.TimeEndAt,
DnsNames: certConfig.DNSNames,
CommonNames: certConfig.CommonNames,
})
}
createResp, err := this.RPC().SSLCertRPC().CreateSSLCerts(this.AdminContext(), &pb.CreateSSLCertsRequest{
UserId: params.UserId,
SSLCerts: pbCerts,
})
if err != nil {
this.ErrorPage(err)
return
}
var certIds = createResp.SslCertIds
if len(certIds) != len(certConfigs) {
this.Fail("上传成功但API返回的证书ID数量错误请反馈给开发者")
return
}
// 返回数据
this.Data["count"] = len(pbCerts)
var certRefs = []*sslconfigs.SSLCertRef{}
for index, cert := range certConfigs {
// ID
cert.Id = certIds[index]
// 减少不必要的数据
cert.CertData = nil
cert.KeyData = nil
certRefs = append(certRefs, &sslconfigs.SSLCertRef{
IsOn: true,
CertId: cert.Id,
})
}
this.Data["certs"] = certConfigs
this.Data["certRefs"] = certRefs
this.Success()
}

8
EdgeAdmin/internal/web/actions/default/servers/certs/uploadBatchPopup_ext.go Normal file
View File

@@ -0,0 +1,8 @@
// Copyright 2023 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
//go:build !plus
package certs
func (this *UploadBatchPopupAction) maxFiles() int {
return 20
}

13
EdgeAdmin/internal/web/actions/default/servers/certs/uploadBatchPopup_ext_plus.go Normal file
View File

@@ -0,0 +1,13 @@
// Copyright 2023 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
//go:build plus
package certs
import teaconst "github.com/TeaOSLab/EdgeAdmin/internal/const"
func (this *UploadBatchPopupAction) maxFiles() int {
if !teaconst.IsPlus {
return 20
}
return 10_000
}

172
EdgeAdmin/internal/web/actions/default/servers/certs/uploadPopup.go Normal file
View File

@@ -0,0 +1,172 @@
package certs
import (
"context"
"encoding/json"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
"github.com/iwind/TeaGo/actions"
timeutil "github.com/iwind/TeaGo/utils/time"
)
type UploadPopupAction struct {
actionutils.ParentAction
}
func (this *UploadPopupAction) Init() {
this.Nav("", "", "")
}
func (this *UploadPopupAction) RunGet(params struct {
ServerId int64
UserId int64
}) {
// 读取服务用户
if params.ServerId > 0 {
serverResp, err := this.RPC().ServerRPC().FindEnabledUserServerBasic(this.AdminContext(), &pb.FindEnabledUserServerBasicRequest{ServerId: params.ServerId})
if err != nil {
this.ErrorPage(err)
return
}
var server = serverResp.Server
if server != nil {
params.UserId = server.UserId
}
}
this.Data["userId"] = params.UserId
this.Show()
}
func (this *UploadPopupAction) RunPost(params struct {
UserId int64
TextMode bool
Name string
IsCA bool
Description string
IsOn bool
CertFile *actions.File
KeyFile *actions.File
CertText string
KeyText string
Must *actions.Must
}) {
params.Must.
Field("name", params.Name).
Require("请输入证书说明")
var certData []byte
var keyData []byte
if params.TextMode {
if len(params.CertText) == 0 {
this.FailField("certText", "请输入证书内容")
}
if !params.IsCA {
if len(params.KeyText) == 0 {
this.FailField("keyText", "请输入私钥内容")
}
}
certData = []byte(params.CertText)
keyData = []byte(params.KeyText)
} else {
if params.CertFile == nil {
this.FailField("certFile", "请选择要上传的证书文件")
}
var err error
certData, err = params.CertFile.Read()
if err != nil {
this.FailField("certFile", "读取证书文件内容错误,请重新上传")
}
if !params.IsCA {
if params.KeyFile == nil {
this.FailField("keyFile", "请选择要上传的私钥文件")
} else {
keyData, err = params.KeyFile.Read()
if err != nil {
this.FailField("keyFile", "读取密钥文件内容错误,请重新上传")
}
}
}
}
// 校验
var certConfig = &sslconfigs.SSLCertConfig{
IsCA: params.IsCA,
CertData: certData,
KeyData: keyData,
}
err := certConfig.Init(context.TODO())
if err != nil {
if params.IsCA {
this.Fail("证书校验错误:" + err.Error())
} else {
this.Fail("证书或密钥校验错误:" + err.Error())
}
}
if len(timeutil.Format("Y", certConfig.TimeEnd())) != 4 {
this.Fail("证书格式错误:无法读取到证书有效期")
}
if certConfig.TimeBeginAt < 0 {
this.Fail("证书校验错误有效期开始时间过小不能小于1970年1月1日")
}
if certConfig.TimeEndAt < 0 {
this.Fail("证书校验错误有效期结束时间过小不能小于1970年1月1日")
}
// 保存
createResp, err := this.RPC().SSLCertRPC().CreateSSLCert(this.AdminContext(), &pb.CreateSSLCertRequest{
IsOn: params.IsOn,
UserId: params.UserId,
Name: params.Name,
Description: params.Description,
ServerName: "",
IsCA: params.IsCA,
CertData: certData,
KeyData: keyData,
TimeBeginAt: certConfig.TimeBeginAt,
TimeEndAt: certConfig.TimeEndAt,
DnsNames: certConfig.DNSNames,
CommonNames: certConfig.CommonNames,
})
if err != nil {
this.ErrorPage(err)
return
}
// 查询已创建的证书并返回,方便调用者进行后续处理
var certId = createResp.SslCertId
configResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: certId})
if err != nil {
this.ErrorPage(err)
return
}
certConfig = &sslconfigs.SSLCertConfig{}
err = json.Unmarshal(configResp.SslCertJSON, certConfig)
if err != nil {
this.ErrorPage(err)
return
}
certConfig.CertData = nil // 去掉不必要的数据
certConfig.KeyData = nil // 去掉不必要的数据
this.Data["cert"] = certConfig
this.Data["certRef"] = &sslconfigs.SSLCertRef{
IsOn: true,
CertId: certId,
}
// 创建日志
defer this.CreateLogInfo(codes.SSLCert_LogUploadSSLCert, certId)
this.Success()
}

39
EdgeAdmin/internal/web/actions/default/servers/certs/viewCert.go Normal file
View File

@@ -0,0 +1,39 @@
package certs
import (
"encoding/json"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
)
type ViewCertAction struct {
actionutils.ParentAction
}
func (this *ViewCertAction) Init() {
this.Nav("", "", "")
}
func (this *ViewCertAction) RunGet(params struct {
CertId int64
}) {
certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
if err != nil {
this.ErrorPage(err)
return
}
if len(certResp.SslCertJSON) == 0 {
this.NotFound("sslCert", params.CertId)
return
}
certConfig := &sslconfigs.SSLCertConfig{}
err = json.Unmarshal(certResp.SslCertJSON, certConfig)
if err != nil {
this.ErrorPage(err)
return
}
_, _ = this.Write(certConfig.CertData)
}

34
EdgeAdmin/internal/web/actions/default/servers/certs/viewKey.go Normal file
View File

@@ -0,0 +1,34 @@
package certs
import (
"encoding/json"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
)
type ViewKeyAction struct {
actionutils.ParentAction
}
func (this *ViewKeyAction) Init() {
this.Nav("", "", "")
}
func (this *ViewKeyAction) RunGet(params struct {
CertId int64
}) {
certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
if err != nil {
this.ErrorPage(err)
return
}
certConfig := &sslconfigs.SSLCertConfig{}
err = json.Unmarshal(certResp.SslCertJSON, certConfig)
if err != nil {
this.ErrorPage(err)
return
}
_, _ = this.Write(certConfig.KeyData)
}