diff options
author | jim-p <jimp@pfsense.org> | 2017-05-22 15:29:10 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2017-05-22 15:29:10 -0400 |
commit | fc1913fef29fbc7f90e8e2fe9374b761411f09ae (patch) | |
tree | efb42e1a226594f15c1c869598b92fbae0eed3ac | |
parent | ec0736af255a8c2b3f158156ef00845ca3c6c4d9 (diff) | |
download | pfsense-fc1913fef29fbc7f90e8e2fe9374b761411f09ae.zip pfsense-fc1913fef29fbc7f90e8e2fe9374b761411f09ae.tar.gz |
Provide a useful error message to the user when there is no private CA with which to create a new user certificate. Fixes #7585
-rw-r--r-- | src/usr/local/www/system_usermanager.php | 41 |
1 files changed, 26 insertions, 15 deletions
diff --git a/src/usr/local/www/system_usermanager.php b/src/usr/local/www/system_usermanager.php index 6966190..1482663 100644 --- a/src/usr/local/www/system_usermanager.php +++ b/src/usr/local/www/system_usermanager.php @@ -106,6 +106,18 @@ if ($_POST['act'] == "deluser") { */ $pconfig['utype'] = "user"; $pconfig['lifetime'] = 3650; + + $nonPrvCas = array(); + if (is_array($config['ca']) && count($config['ca']) > 0) { + foreach ($config['ca'] as $ca) { + if (!$ca['prv']) { + continue; + } + + $nonPrvCas[ $ca['refid'] ] = $ca['descr']; + } + } + } if (isset($_POST['dellall'])) { @@ -848,12 +860,20 @@ if ($act == "new" || $act == "edit" || $input_errors): // ==== Button for adding user certificate ================================ if ($act == 'new') { - $section->addInput(new Form_Checkbox( - 'showcert', - 'Certificate', - 'Click to create a user certificate', - false - )); + if (count($nonPrvCas) > 0) { + $section->addInput(new Form_Checkbox( + 'showcert', + 'Certificate', + 'Click to create a user certificate', + false + )); + } else { + $section->addInput(new Form_StaticText( + 'Certificate', + gettext('No private CAs found. A private CA is required to create a new user certificate. ' . + 'Save the user first to import an external certificate.') + )); + } } $form->add($section); @@ -888,15 +908,6 @@ if ($act == "new" || $act == "edit" || $input_errors): $section = new Form_Section('Create Certificate for User'); $section->addClass('cert-options'); - $nonPrvCas = array(); - foreach ($config['ca'] as $ca) { - if (!$ca['prv']) { - continue; - } - - $nonPrvCas[ $ca['refid'] ] = $ca['descr']; - } - if (!empty($nonPrvCas)) { $section->addInput(new Form_Input( 'name', |