mirror of
https://github.com/tips-of-mine/gestion-certificats2.git
synced 2025-06-28 06:58:43 +02:00
Merge pull request #16 from tips-of-mine/fix/certificate-download-links
Here's what I've been working on:
This commit is contained in:
tips-of-mine
@ -394,7 +394,19 @@ class CertificateController
|
||||
header('Location: /dashboard');
|
||||
exit();
|
||||
}
|
||||
$filePath = INTERMEDIATE_CA_PATH_BASE . '/' . $perimeterName . '/certs/' . $fileName;
|
||||
// Vérifier si c'est une demande de clé privée
|
||||
if (str_ends_with($fileName, '.key.pem')) {
|
||||
if ($this->authService->getUserRole() === 'admin') {
|
||||
$filePath = INTERMEDIATE_CA_PATH_BASE . '/' . $perimeterName . '/private/' . $fileName;
|
||||
} else {
|
||||
$_SESSION['error'] = 'Unauthorized to download intermediate key.';
|
||||
$this->logService->log('error', "Unauthorized attempt to download intermediate key by user ID: {$userId} for perimeter {$perimeterName}, file {$fileName}", $userId, $ipAddress);
|
||||
header('Location: /dashboard');
|
||||
exit();
|
||||
}
|
||||
} else { // C'est une demande de certificat
|
||||
$filePath = INTERMEDIATE_CA_PATH_BASE . '/' . $perimeterName . '/certs/' . $fileName;
|
||||
}
|
||||
break;
|
||||
case 'simple':
|
||||
if (empty($perimeterName)) {
|
||||
@ -403,7 +415,20 @@ class CertificateController
|
||||
header('Location: /dashboard');
|
||||
exit();
|
||||
}
|
||||
$filePath = INTERMEDIATE_CA_PATH_BASE . '/' . $perimeterName . '/certs/' . $fileName;
|
||||
// Vérifier si c'est une demande de clé privée
|
||||
if (str_ends_with($fileName, '.key.pem')) {
|
||||
if ($this->authService->getUserRole() === 'admin') {
|
||||
// Pour les certificats simples, la clé est stockée dans le répertoire private du CA intermédiaire qui l'a émis.
|
||||
$filePath = INTERMEDIATE_CA_PATH_BASE . '/' . $perimeterName . '/private/' . $fileName;
|
||||
} else {
|
||||
$_SESSION['error'] = 'Unauthorized to download simple certificate key.';
|
||||
$this->logService->log('error', "Unauthorized attempt to download simple certificate key by user ID: {$userId} for perimeter {$perimeterName}, file {$fileName}", $userId, $ipAddress);
|
||||
header('Location: /dashboard');
|
||||
exit();
|
||||
}
|
||||
} else { // C'est une demande de certificat
|
||||
$filePath = INTERMEDIATE_CA_PATH_BASE . '/' . $perimeterName . '/certs/' . $fileName;
|
||||
}
|
||||
break;
|
||||
default:
|
||||
$_SESSION['error'] = 'Invalid certificate type for download.';
|
||||
|
||||
@ -56,9 +56,18 @@ require_once APP_ROOT_DIR . '/src/Views/shared/header.php';
|
||||
<div class="intermediate-certificate">
|
||||
<h4><?= htmlspecialchars($intermediate['name']) ?> (<?= htmlspecialchars($translations['perimeter'] ?? 'Perimeter:') ?> <?= htmlspecialchars($intermediate['perimeter_name']) ?>)</h4>
|
||||
<p>
|
||||
<a href="/certificates/download?type=intermediate&perimeter=<?= urlencode($intermediate['perimeter_name']) ?>&file=intermediate.cert.pem" class="button">
|
||||
<a href="/certificates/download?type=intermediate&perimeter=<?= urlencode($intermediate['perimeter_name']) ?>&file=<?= urlencode($intermediate['name']) ?>" class="button">
|
||||
<?= htmlspecialchars($translations['download_certificate_pem'] ?? 'Download Certificate (.pem)') ?>
|
||||
</a>
|
||||
<?php if (isset($userRole) && $userRole === 'admin'): ?>
|
||||
<?php
|
||||
// Suppose que le nom du fichier clé est le nom du cert avec .key.pem au lieu de .cert.pem
|
||||
$intermediateKeyName = str_replace('.cert.pem', '.key.pem', $intermediate['name']);
|
||||
?>
|
||||
<a href="/certificates/download?type=intermediate&perimeter=<?= urlencode($intermediate['perimeter_name']) ?>&file=<?= urlencode($intermediateKeyName) ?>" class="button" style="margin-left: 10px;">
|
||||
<?= htmlspecialchars($translations['download_private_key'] ?? 'Télécharger Clé Privée (.key)') ?>
|
||||
</a>
|
||||
<?php endif; ?>
|
||||
</p>
|
||||
|
||||
<h5><?= htmlspecialchars($translations['associated_final_certificates_title'] ?? 'Associated Final Certificates') ?></h5>
|
||||
@ -74,6 +83,15 @@ require_once APP_ROOT_DIR . '/src/Views/shared/header.php';
|
||||
<a href="/certificates/download?type=simple&perimeter=<?= urlencode($intermediate['perimeter_name']) ?>&file=<?= urlencode($finalCert['name']) ?>" class="button download-button-small">
|
||||
<?= htmlspecialchars($translations['download_certificate_pem'] ?? 'Download Certificate (.pem)') ?>
|
||||
</a>
|
||||
<?php if (isset($userRole) && $userRole === 'admin'): ?>
|
||||
<?php
|
||||
// Suppose que le nom du fichier clé est le nom du cert avec .key.pem au lieu de .cert.pem
|
||||
$finalKeyName = str_replace('.cert.pem', '.key.pem', $finalCert['name']);
|
||||
?>
|
||||
<a href="/certificates/download?type=simple&perimeter=<?= urlencode($intermediate['perimeter_name']) ?>&file=<?= urlencode($finalKeyName) ?>" class="button download-button-small" style="margin-left: 5px;">
|
||||
<?= htmlspecialchars($translations['download_private_key'] ?? 'Télécharger Clé Privée (.key)') ?>
|
||||
</a>
|
||||
<?php endif; ?>
|
||||
</p>
|
||||
</li>
|
||||
<?php endforeach; ?>
|
||||
|
||||
Reference in New Issue
Block a user