filter shown certs to only permission domains

1 year ago · 2cea4955a4
parent b9877bb93e
commit 2cea4955a4
2 changed files with 17 additions and 3 deletions
--- a/controllers/certs.js
+++ b/controllers/certs.js
@ -25,7 +25,14 @@ exports.certsPage = async (app, req, res) => {
 	dbCerts.forEach(c => c.date = c.date.toISOString());
 	const clusterCerts = await res.locals.dataPlane
 		.getAllStorageSSLCertificates()
-		.then(res => res.data);
+		.then(certs => {
+			return certs.data.filter(c => {
+				const approxSubject = c.storage_name
+					.replace('_', '.')
+					.substr(0, c.storage_name.length-4);
+				return res.locals.user.domains.includes(approxSubject);
+			});
+		});
 	return app.render(req, res, '/certs', {
 		csrf: req.csrfToken(),
 		dbCerts,
@ -54,7 +61,14 @@ exports.certsJson = async (req, res) => {
 	dbCerts.forEach(c => c.date = c.date.toISOString());
 	const clusterCerts = await res.locals.dataPlane
 		.getAllStorageSSLCertificates()
-		.then(res => res.data);
+		.then(certs => {
+			return certs.data.filter(c => {
+				const approxSubject = c.storage_name
+					.replace('_', '.')
+					.substr(0, c.storage_name.length-4);
+				return res.locals.user.domains.includes(approxSubject);
+			});
+		});
 	return res.json({
 		csrf: req.csrfToken(),
 		user: res.locals.user,
--- a/pages/certs.js
+++ b/pages/certs.js
@ -54,7 +54,7 @@ export default function Certs(props) {

 	const clusterOnlyCerts = clusterCerts
 		.filter(c => !dbCerts.some(dc => dc.storageName === c.storage_name))
-		.filter(c => c.storage_name !== 'selfsigned.pem'); //no point showing this
+		.filter(c => c.storage_name !== 'server-cert.pem'); //no point showing this
 	const clusterOnlyCertList = clusterOnlyCerts.map((c, i) => {
 		const approxSubject = c.storage_name
 			.replace('_', '.')