Improvements to SSL classes

modules/ssl/classes/model/service/plugin/ssl.php

@@ -35,68 +35,51 @@ class Model_Service_Plugin_SSL extends Model_Service_Plugin {
 	public function username_value() {} // Not used
 	public function password_value() {} // Not used
 
-	public function service_view() {
-		return View::factory('service/user/plugin/ssl/view')
-			->set('so',$this);
+	private $_so = NULL;
+
+	/**
+	 * Resolve any queries to certificate details
+	 */
+	public function __call($name,$args) {
+		$m = 'get_'.$name;
+
+		if (method_exists($this->_so,$m))
+			return $this->_so->{$m}($args);
+		else
+			throw new Kohana_Exception('Unknown method :method',array(':method'=>$name));
+	}
+
+	// We want to inject the SSL object into this Model
+	protected function _load_values(array $values) {
+		parent::_load_values($values);
+
+		if ($this->cert)
+			$this->_so = SSL::instance($this->cert);
+
+		return $this;
+	}
+
+	// If we change the SSL certificate, we need to reload our SSL object
+	public function values(array $values, array $expected = NULL) {
+		parent::values($values,$expected);
+
+		if (array_key_exists('cert',$values))
+			$this->_so = SSL::instance($this->cert);
+
+		return $this;
 	}
 
 	public function expire() {
-		return $this->valid_to();
+		return $this->_so->get_valid_to();
 	}
 
 	public function name() {
-		if ($this->cert) {
-			return sprintf('%s:%s',$this->ssl_ca->subject(),$this->display('cert'));
-		} else
-			return $this->display('csr');
+		return ($this->cert) ? sprintf('%s:%s',$this->ssl_ca->subject(),$this->display('cert')) : $this->display('csr');
 	}
 
-	public function algorithm() {
-		return SSL::algorithm($this->cert);
-	}
-
-	public function dn() {
-		return SSL::dn($this->cert);
-	}
-
-	public function dnissuer() {
-		return SSL::dnissuer($this->cert);
-	}
-
-	public function issuer() {
-		return SSL::issuer($this->cert);
-	}
-
-	// @todo This needs to be validated for this model
-	public function product() {
-		if ($this->provided_adsl_plan_id)
-			return $this->adsl_plan;
-		else
-			return $this->service->product->plugin();
-	}
-
-	public function details() {
-		return SSL::details($this->cert);
-	}
-
-	public function valid_from($format=FALSE) {
-		return SSL::from($this->cert,$format);
-	}
-
-	public function valid_to($format=FALSE) {
-		return SSL::expire($this->cert,$format);
-	}
-
-	public function serial_num() {
-		return SSL::serial($this->cert);
-	}
-
-	public function hash() {
-		return SSL::hash($this->cert);
-	}
-
-	public function version() {
-		return SSL::version($this->cert);
+	public function service_view() {
+		return View::factory('service/user/plugin/ssl/view')
+			->set('so',$this);
 	}
 
 	/**

modules/ssl/classes/model/ssl/ca.php

@@ -14,9 +14,6 @@ class Model_SSL_CA extends ORM_OSB {
 	protected $_updated_column = FALSE;
 
 	// Relationships
-	protected $_belongs_to = array(
-	);
-
 	protected $_has_many = array(
 		'service'=>array('through'=>'service__ssl'),
 	);
@@ -27,44 +24,70 @@ class Model_SSL_CA extends ORM_OSB {
 		),
 	);
 
-	public function expires($format=FALSE) {
-		return SSL::expire($this->sign_cert,$format);
+	public function rules() {
+		return array(
+			'sign_cert'=>array(
+				array(array($this,'isCert')),
+				array(array($this,'isCA')),
+			),
+			'parent_ssl_ca_id'=>array(
+				array(array($this,'Rule_ParentExists')),
+			),
+		);
 	}
 
-	public function issuer() {
-		return SSL::issuer($this->sign_cert);
+	public function filters() {
+		return array(
+			'parent_ssl_ca_id'=>array(
+				array(array($this,'Filter_GetParent')),
+			)
+		);
 	}
 
-	public function subject() {
-		return SSL::subject($this->sign_cert);
+	private $_so = NULL;
+
+	/**
+	 * Resolve any queries to certificate details
+	 */
+	public function __call($name,$args) {
+		$m = 'get_'.$name;
+
+		if (method_exists($this->_so,$m))
+			return $this->_so->{$m}($args);
+		else
+			throw new Kohana_Exception('Unknown method :method',array(':method'=>$name));
 	}
 
-	public function save(Validation $validation = NULL) {
-		// If our parent_ssl_ca_id is null, we'll need to work it out
-		if (is_null($this->parent_ssl_ca_id)) {
-			$i = SSL::issuer($this->sign_cert);
+	// We want to inject the SSL object into this Model
+	protected function _load_values(array $values) {
+		parent::_load_values($values);
 
-			$po = NULL;
-			foreach (ORM::factory('ssl_ca')->find_all() as $sco)
-				if ($sco->subject() == $i) {
-					$po = $sco;
-					break;
-				}
+		if ($this->sign_cert)
+			$this->_so = SSL::instance($this->sign_cert);
 
-			if (is_null($po)) {
-				SystemMessage::add(array(
-					'title'=>'Certificate NOT Recorded',
-					'type'=>'warning',
-					'body'=>sprintf('Parent Certificate is not available (%s)',$this->issuer()),
-				));
+		return $this;
+	}
 
-				return FALSE;
-			} else
-				$this->parent_ssl_ca_id = $po->id;
-		}
+	// If we change the SSL certificate, we need to reload our SSL object
+	public function values(array $values, array $expected = NULL) {
+		parent::values($values,$expected);
 
-		// Save the record
-		return parent::save($validation);
+		if (array_key_exists('sign_cert',$values))
+			$this->_so = SSL::instance($this->sign_cert);
+
+		return $this;
+	}
+
+	// @todo This could require some optimisation, by storing the keyid in the database and then getting the DB just to return that parent
+	public function Filter_GetParent() {
+		foreach (ORM::factory($this->_object_name)->find_all() as $sco)
+			if ($sco->aki_keyid() == $this->aki_keyid())
+				return $sco->id;
+	}
+
+	public function Rule_ParentExists() {
+		// Our parent_ssl_ca_id should have been populated by Filter_GetParent().
+		return $this->parent_ssl_ca_id OR $this->isRoot();
 	}
 
 	public function list_issued() {