EdgeAdmin/internal/web/actions/default/servers/certs/uploadPopup.go

package certs

import (
	"encoding/json"
	"github.com/TeaOSLab/EdgeAdmin/internal/oplogs"
	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
	"github.com/iwind/TeaGo/actions"
	timeutil "github.com/iwind/TeaGo/utils/time"
)

type UploadPopupAction struct {
	actionutils.ParentAction
}

func (this *UploadPopupAction) Init() {
	this.Nav("", "", "")
}

func (this *UploadPopupAction) RunGet(params struct{}) {
	this.Show()
}

func (this *UploadPopupAction) RunPost(params struct {
	TextMode    bool
	Name        string
	IsCA        bool
	Description string
	IsOn        bool

	CertFile *actions.File
	KeyFile  *actions.File

	CertText string
	KeyText  string

	Must *actions.Must
}) {
	params.Must.
		Field("name", params.Name).
		Require("请输入证书说明")

	certData := []byte{}
	keyData := []byte{}

	if params.TextMode {
		if len(params.CertText) == 0 {
			this.FailField("certText", "请输入证书内容")
		}

		if !params.IsCA {
			if len(params.KeyText) == 0 {
				this.FailField("keyText", "请输入私钥内容")
			}
		}

		certData = []byte(params.CertText)
		keyData = []byte(params.KeyText)
	} else {
		if params.CertFile == nil {
			this.FailField("certFile", "请选择要上传的证书文件")
		}
		var err error
		certData, err = params.CertFile.Read()
		if err != nil {
			this.FailField("certFile", "读取证书文件内容错误，请重新上传")
		}

		if !params.IsCA {
			if params.KeyFile == nil {
				this.FailField("keyFile", "请选择要上传的私钥文件")
			} else {
				keyData, err = params.KeyFile.Read()
				if err != nil {
					this.FailField("keyFile", "读取密钥文件内容错误，请重新上传")
				}
			}
		}
	}

	// 校验
	sslConfig := &sslconfigs.SSLCertConfig{
		IsCA:     params.IsCA,
		CertData: certData,
		KeyData:  keyData,
	}
	err := sslConfig.Init()
	if err != nil {
		if params.IsCA {
			this.Fail("证书校验错误：" + err.Error())
		} else {
			this.Fail("证书或密钥校验错误：" + err.Error())
		}
	}
	if len(timeutil.Format("Y", sslConfig.TimeEnd())) != 4 {
		this.Fail("证书格式错误：无法读取到证书有效期")
	}

	// 保存
	createResp, err := this.RPC().SSLCertRPC().CreateSSLCert(this.AdminContext(), &pb.CreateSSLCertRequest{
		IsOn:        params.IsOn,
		Name:        params.Name,
		Description: params.Description,
		ServerName:  "",
		IsCA:        params.IsCA,
		CertData:    certData,
		KeyData:     keyData,
		TimeBeginAt: sslConfig.TimeBeginAt,
		TimeEndAt:   sslConfig.TimeEndAt,
		DnsNames:    sslConfig.DNSNames,
		CommonNames: sslConfig.CommonNames,
	})
	if err != nil {
		this.ErrorPage(err)
		return
	}

	// 查询已创建的证书并返回，方便调用者进行后续处理
	certId := createResp.SslCertId
	configResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: certId})
	if err != nil {
		this.ErrorPage(err)
		return
	}
	certConfig := &sslconfigs.SSLCertConfig{}
	err = json.Unmarshal(configResp.SslCertJSON, certConfig)
	if err != nil {
		this.ErrorPage(err)
		return
	}
	certConfig.CertData = nil // 去掉不必要的数据
	certConfig.KeyData = nil  // 去掉不必要的数据
	this.Data["cert"] = certConfig
	this.Data["certRef"] = &sslconfigs.SSLCertRef{
		IsOn:   true,
		CertId: certId,
	}

	// 创建日志
	defer this.CreateLog(oplogs.LevelInfo, "上传SSL证书 %d", certId)

	this.Success()
}
实现对ACME用户的增删改 2020-11-24 17:36:42 +08:00			`package certs`
实现证书管理 2020-09-30 17:46:38 +08:00
			`import (`
实现HTTPS配置 2020-10-01 16:01:04 +08:00			`"encoding/json"`
增加一部分操作日志 2020-11-10 21:37:48 +08:00			`"github.com/TeaOSLab/EdgeAdmin/internal/oplogs"`
实现证书管理 2020-09-30 17:46:38 +08:00			`"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"`
			`"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"`
			`"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"`
			`"github.com/iwind/TeaGo/actions"`
证书上传时可以选择输入文本内容 2021-10-09 17:30:05 +08:00			`timeutil "github.com/iwind/TeaGo/utils/time"`
实现证书管理 2020-09-30 17:46:38 +08:00			`)`

			`type UploadPopupAction struct {`
			`actionutils.ParentAction`
			`}`

			`func (this *UploadPopupAction) Init() {`
			`this.Nav("", "", "")`
			`}`

			`func (this *UploadPopupAction) RunGet(params struct{}) {`
			`this.Show()`
			`}`

			`func (this *UploadPopupAction) RunPost(params struct {`
证书上传时可以选择输入文本内容 2021-10-09 17:30:05 +08:00			`TextMode bool`
实现证书管理 2020-09-30 17:46:38 +08:00			`Name string`
			`IsCA bool`
			`Description string`
			`IsOn bool`

			`CertFile *actions.File`
			`KeyFile *actions.File`

证书上传时可以选择输入文本内容 2021-10-09 17:30:05 +08:00			`CertText string`
			`KeyText string`

实现证书管理 2020-09-30 17:46:38 +08:00			`Must *actions.Must`
			`}) {`
			`params.Must.`
			`Field("name", params.Name).`
			`Require("请输入证书说明")`

			`certData := []byte{}`
			`keyData := []byte{}`

证书上传时可以选择输入文本内容 2021-10-09 17:30:05 +08:00			`if params.TextMode {`
			`if len(params.CertText) == 0 {`
			`this.FailField("certText", "请输入证书内容")`
			`}`
实现证书管理 2020-09-30 17:46:38 +08:00
证书上传时可以选择输入文本内容 2021-10-09 17:30:05 +08:00			`if !params.IsCA {`
			`if len(params.KeyText) == 0 {`
			`this.FailField("keyText", "请输入私钥内容")`
			`}`
			`}`

			`certData = []byte(params.CertText)`
			`keyData = []byte(params.KeyText)`
			`} else {`
			`if params.CertFile == nil {`
			`this.FailField("certFile", "请选择要上传的证书文件")`
			`}`
			`var err error`
			`certData, err = params.CertFile.Read()`
			`if err != nil {`
			`this.FailField("certFile", "读取证书文件内容错误，请重新上传")`
			`}`

			`if !params.IsCA {`
			`if params.KeyFile == nil {`
			`this.FailField("keyFile", "请选择要上传的私钥文件")`
			`} else {`
			`keyData, err = params.KeyFile.Read()`
			`if err != nil {`
			`this.FailField("keyFile", "读取密钥文件内容错误，请重新上传")`
			`}`
实现证书管理 2020-09-30 17:46:38 +08:00			`}`
			`}`
			`}`

			`// 校验`
			`sslConfig := &sslconfigs.SSLCertConfig{`
			`IsCA: params.IsCA,`
			`CertData: certData,`
			`KeyData: keyData,`
			`}`
证书上传时可以选择输入文本内容 2021-10-09 17:30:05 +08:00			`err := sslConfig.Init()`
实现证书管理 2020-09-30 17:46:38 +08:00			`if err != nil {`
			`if params.IsCA {`
			`this.Fail("证书校验错误：" + err.Error())`
			`} else {`
			`this.Fail("证书或密钥校验错误：" + err.Error())`
			`}`
			`}`
证书上传时可以选择输入文本内容 2021-10-09 17:30:05 +08:00			`if len(timeutil.Format("Y", sslConfig.TimeEnd())) != 4 {`
			`this.Fail("证书格式错误：无法读取到证书有效期")`
			`}`
实现证书管理 2020-09-30 17:46:38 +08:00
			`// 保存`
实现HTTPS配置 2020-10-01 16:01:04 +08:00			`createResp, err := this.RPC().SSLCertRPC().CreateSSLCert(this.AdminContext(), &pb.CreateSSLCertRequest{`
实现证书管理 2020-09-30 17:46:38 +08:00			`IsOn: params.IsOn,`
			`Name: params.Name,`
			`Description: params.Description,`
			`ServerName: "",`
			`IsCA: params.IsCA,`
			`CertData: certData,`
			`KeyData: keyData,`
			`TimeBeginAt: sslConfig.TimeBeginAt,`
			`TimeEndAt: sslConfig.TimeEndAt,`
			`DnsNames: sslConfig.DNSNames,`
			`CommonNames: sslConfig.CommonNames,`
			`})`
			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`

实现HTTPS配置 2020-10-01 16:01:04 +08:00			`// 查询已创建的证书并返回，方便调用者进行后续处理`
优化代码/创建服务的时候可以保存SSL证书信息 2020-12-18 21:18:35 +08:00			`certId := createResp.SslCertId`
			`configResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: certId})`
实现HTTPS配置 2020-10-01 16:01:04 +08:00			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`
			`certConfig := &sslconfigs.SSLCertConfig{}`
优化代码/创建服务的时候可以保存SSL证书信息 2020-12-18 21:18:35 +08:00			`err = json.Unmarshal(configResp.SslCertJSON, certConfig)`
实现HTTPS配置 2020-10-01 16:01:04 +08:00			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`
			`certConfig.CertData = nil // 去掉不必要的数据`
			`certConfig.KeyData = nil // 去掉不必要的数据`
			`this.Data["cert"] = certConfig`
			`this.Data["certRef"] = &sslconfigs.SSLCertRef{`
			`IsOn: true,`
			`CertId: certId,`
			`}`

增加一部分操作日志 2020-11-10 21:37:48 +08:00			`// 创建日志`
改进操作日志 2020-11-20 15:32:42 +08:00			`defer this.CreateLog(oplogs.LevelInfo, "上传SSL证书 %d", certId)`
增加一部分操作日志 2020-11-10 21:37:48 +08:00
实现证书管理 2020-09-30 17:46:38 +08:00			`this.Success()`
			`}`