<?php

if (!defined('ONYX')) exit;

function remove_directory($dir)
{
    if (is_dir($dir))
    {
        $objects = scandir($dir);
        foreach ($objects as $object)
        {
            if ($object != "." && $object != "..")
            {
                if (filetype($dir."/".$object) == "dir")
                    remove_directory($dir."/".$object);
                else
                    unlink($dir."/".$object);
            }
        }
        reset($objects);
        rmdir($dir);
    }
}

function new_client($name, $misc_dir)
{
  //TODO handle if already exist
  putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
  putenv("TOP_DIR=$misc_dir/pki");
  return shell_exec("$misc_dir/CA.sh -newclient $name");
}

function revoke_client($name, $misc_dir)
{
  putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
  putenv("TOP_DIR=$misc_dir/pki");
  return shell_exec("$misc_dir/CA.sh -revoke $name");
}

if (!empty($p[2]))
{
  if (empty($VAR['misc_dir']))
  {
    erreur("Merci d'ajouter la variable misc_dir dans root.xml");
    return "admin/home";
  }

  $misc_dir = $VAR['misc_dir'];

  if ($p[2] == "newca")
  {
    putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
    putenv("TOP_DIR=$misc_dir/pki");
    $template->assign("output",
                      shell_exec("$misc_dir/CA.sh -newca"));
    return "admin/shell";
  }

  elseif ($p[2] == "deleteca")
  {
    $dir = "$misc_dir/pki";
    remove_directory($dir);
  }

  elseif ($p[2] == "newsrv")
  {
    putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
    putenv("TOP_DIR=$misc_dir/pki");
    $template->assign("output",
                      shell_exec("$misc_dir/CA.sh -newserver"));
    return "admin/shell";
  }

  elseif ($p[2] == "revokesrv")
  {
    putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
    putenv("TOP_DIR=$misc_dir/pki");
    $template->assign("output",
                      shell_exec("$misc_dir/CA.sh -revokeserver"));
    return "admin/shell";
  }

  elseif ($p[2] == "revoke")
  {
    $name = $_GET['name'];
    if (isset($name))
    {
      $template->assign("output",
                        revoke_client($name, $misc_dir));
      //TODO Check revocation failed
      Team::set_revoked(TRUE, $name);
    }
    return "admin/shell";
  }

  // Is new team
  elseif ($p[2] == "newclient")
  {
    $name = $_GET['name'];
    //TODO handle error
    //TODO check revoked attribute
    if (isset($name))
    {
        $template->assign("output",
                          new_client($name, $misc_dir));
        Team::set_revoked(FALSE, $name);
	return "admin/shell";
    }
  }

  elseif ($p[2] == "get")
  {
    $name = $_GET['name'];
    if (isset($name))
    {
        $path = "$misc_dir/pki/pkcs/$name.p12";
        if (file_exists($path) && is_readable($path))
        {
            header("Content-Type: application/force-download");
            header("Content-Length: ".filesize($path));
            header("Content-Disposition: attachment; filename=\"$name.p12\"");
            readfile($path);
            exit;
        }
    }
  }


  if ($p[2] == "deleteca" || $p[2] == "newca")
  {
    header("Location: /".SALT_ADMIN."/");
    exit;
  }
  elseif ($p[2] == "revoke" || $p[2] == "newclient")
  {
    header("Location: /".SALT_ADMIN."/teams");
    exit;
  }
}