exploitprotocol
diff --git a/‎src/backend/app.js
Lines changed: 2 additions & 0 deletions b/‎src/backend/app.js
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/backend/internal/host.js
Lines changed: 17 additions & 0 deletions b/‎src/backend/internal/host.js
Lines changed: 17 additions & 0 deletions
diff --git a/‎src/backend/internal/proxy-host.js
Lines changed: 35 additions & 0 deletions b/‎src/backend/internal/proxy-host.js
Lines changed: 35 additions & 0 deletions
diff --git a/‎src/backend/lib/access.js
Lines changed: 8 additions & 6 deletions b/‎src/backend/lib/access.js
Lines changed: 8 additions & 6 deletions
diff --git a/‎src/backend/routes/api/nginx/proxy_hosts.js
Lines changed: 34 additions & 0 deletions b/‎src/backend/routes/api/nginx/proxy_hosts.js
Lines changed: 34 additions & 0 deletions
@@ -3,13 +3,15 @@
 const path        = require('path');
 const express     = require('express');
 const bodyParser  = require('body-parser');
+const fileUpload  = require('express-fileupload');
 const compression = require('compression');
 const log         = require('./logger').express;
 
 /**
  * App
  */
 const app = express();
+app.use(fileUpload());
 app.use(bodyParser.json());
 app.use(bodyParser.urlencoded({extended: true}));
 
 
@@ -8,6 +8,8 @@ const deadHostModel        = require('../models/dead_host');
 
 const internalHost = {
 
+    allowed_ssl_files: ['other_certificate', 'other_certificate_key'],
+
     /**
      * Internal use only, checks to see if the ___domain is already taken by any other record
      *
@@ -64,6 +66,21 @@ const internalHost = {
             });
     },
 
+    /**
+     * Cleans the ssl keys from the meta object and sets them to "true"
+     *
+     * @param   {Object}  meta
+     * @returns {*}
+     */
+    cleanMeta: function (meta) {
+        internalHost.allowed_ssl_files.map(key => {
+            if (typeof meta[key] !== 'undefined' && meta[key]) {
+                meta[key] = true;
+            }
+        });
+        return meta;
+    },
+
     /**
      * Private call only
      *
 
@@ -96,6 +96,7 @@ const internalProxyHost = {
                     .omit(omissions())
                     .patchAndFetchById(row.id, data)
                     .then(saved_row => {
+                        saved_row.meta = internalHost.cleanMeta(saved_row.meta);
                         return _.omit(saved_row, omissions());
                     });
             });
@@ -144,6 +145,7 @@ const internalProxyHost = {
             })
             .then(row => {
                 if (row) {
+                    row.meta = internalHost.cleanMeta(row.meta);
                     return _.omit(row, omissions());
                 } else {
                     throw new error.ItemNotFoundError(data.id);
@@ -180,6 +182,32 @@ const internalProxyHost = {
             });
     },
 
+    /**
+     * @param   {Access}  access
+     * @param   {Object}  data
+     * @param   {Integer} data.id
+     * @param   {Object}  data.files
+     * @returns {Promise}
+     */
+    setCerts: (access, data) => {
+        return internalProxyHost.get(access, {id: data.id})
+            .then(row => {
+                _.map(data.files, (file, name) => {
+                    if (internalHost.allowed_ssl_files.indexOf(name) !== -1) {
+                        row.meta[name] = file.data.toString();
+                    }
+                });
+
+                return internalProxyHost.update(access, {
+                    id:   data.id,
+                    meta: row.meta
+                });
+            })
+            .then(row => {
+                return _.pick(row.meta, internalHost.allowed_ssl_files);
+            });
+    },
+
     /**
      * All Hosts
      *
@@ -215,6 +243,13 @@ const internalProxyHost = {
                 }
 
                 return query;
+            })
+            .then(rows => {
+                rows.map(row => {
+                    row.meta = internalHost.cleanMeta(row.meta);
+                });
+
+                return rows;
             });
     },
 
 
@@ -234,6 +234,8 @@ module.exports = function (token_string) {
             });
         },
 
+        reloadObjects: this.loadObjects,
+
         /**
          *
          * @param {String}  permission
@@ -248,7 +250,6 @@ module.exports = function (token_string) {
                 return this.init()
                     .then(() => {
                         // Initialised, token decoded ok
-
                         return this.getObjectSchema(permission)
                             .then(objectSchema => {
                                 let data_schema = {
@@ -275,9 +276,9 @@ module.exports = function (token_string) {
 
                                 permissionSchema.properties[permission] = require('./access/' + permission.replace(/:/gim, '-') + '.json');
 
-                                //logger.debug('objectSchema:', JSON.stringify(objectSchema, null, 2));
-                                //logger.debug('permissionSchema:', JSON.stringify(permissionSchema, null, 2));
-                                //logger.debug('data_schema:', JSON.stringify(data_schema, null, 2));
+                                // logger.info('objectSchema', JSON.stringify(objectSchema, null, 2));
+                                // logger.info('permissionSchema', JSON.stringify(permissionSchema, null, 2));
+                                // logger.info('data_schema', JSON.stringify(data_schema, null, 2));
 
                                 let ajv = validator({
                                     verbose:      true,
@@ -301,8 +302,9 @@ module.exports = function (token_string) {
                             });
                     })
                     .catch(err => {
-                        logger.error(err.message);
-                        logger.error(err.errors);
+                        err.permission      = permission;
+                        err.permission_data = data;
+                        logger.error(permission, data, err.message);
 
                         throw new error.PermissionError('Permission Denied', err);
                     });
 
@@ -147,4 +147,38 @@ router
             .catch(next);
     });
 
+/**
+ * Specific proxy-host Certificates
+ *
+ * /api/nginx/proxy-hosts/123/certificates
+ */
+router
+    .route('/:host_id/certificates')
+    .options((req, res) => {
+        res.sendStatus(204);
+    })
+    .all(jwtdecode()) // preferred so it doesn't apply to nonexistent routes
+
+    /**
+     * POST /api/nginx/proxy-hosts/123/certificates
+     *
+     * Upload certifications
+     */
+    .post((req, res, next) => {
+        if (!req.files) {
+            res.status(400)
+                .send({error: 'No files were uploaded'});
+        } else {
+            internalProxyHost.setCerts(res.locals.access, {
+                id:    parseInt(req.params.host_id, 10),
+                files: req.files
+            })
+                .then(result => {
+                    res.status(200)
+                        .send(result);
+                })
+                .catch(next);
+        }
+    });
+
 module.exports = router;