thrown exception for non LE certificates

2021-08-24 06:01:08 +05:30 · 2021-08-24 06:01:08 +05:30 · be87c45f27
commit be87c45f27
parent 1b1807c79a
2 changed files with 32 additions and 16 deletions
--- a/backend/internal/certificate.js
+++ b/backend/internal/certificate.js
@ -337,29 +337,45 @@ const internalCertificate = {
 	},

 	/**
+	 * @param   {Access}  access
 	 * @param   {Object}  data
 	 * @param   {Number}  data.id
 	 * @returns {Promise}
 	 */
-	download: (data) => {
-		const downloadName = 'npm-' + data.id + '-' + `${Date.now()}.zip`;
-		const opName       = '/tmp/' + downloadName;
-		const zipDirectory = '/etc/letsencrypt/live/npm-' + data.id;
-	
+	download: (access, data) => {
+
 		return new Promise((resolve, reject) => {
-			internalCertificate.zipDirectory(zipDirectory, opName)
+			access.can('certificates:get', data)
 				.then(() => {
-					logger.debug('zip completed : ', opName);
-					const resp = {
-						fileName: opName
-					};
-					resolve(resp);
-				}).catch((err) => {
-					reject(err);
-				});
+					return internalCertificate.get(access, data);
+				})
+				.then((certificate) => {
+					if (certificate.provider === 'letsencrypt') {
+						const zipDirectory = '/etc/letsencrypt/live/npm-' + data.id;
+
+						if (!fs.existsSync(zipDirectory)) {
+							throw new error.ItemNotFoundError('Certificate ' + certificate.nice_name + ' does not exists');
+						}
+
+						const downloadName = 'npm-' + data.id + '-' + `${Date.now()}.zip`;
+						const opName       = '/tmp/' + downloadName;
+						internalCertificate.zipDirectory(zipDirectory, opName)
+							.then(() => {
+								logger.debug('zip completed : ', opName);
+								const resp = {
+									fileName: opName
+								};
+								resolve(resp);
+							}).catch((err) => {
+								reject(err);
+							});
+					} else {
+						throw new error.ValidationError('Only Let\'sEncrypt certificates can be renewed');
+					}
+				}).catch((err) => reject(err));
 		});
 	},
-	
+
 	/**
 		 * @param {String} source
 		 * @param {String} out
--- a/backend/routes/api/nginx/certificates.js
+++ b/backend/routes/api/nginx/certificates.js
@ -228,7 +228,7 @@ router
 	 * Renew certificate
 	 */
 	.get((req, res, next) => {
-		internalCertificate.download({
+		internalCertificate.download(res.locals.access, {
 			id: parseInt(req.params.certificate_id, 10)
 		})
 			.then((result) => {