From bba92e4d4104a0ca5e81ad0c0582e5eac98bd6df Mon Sep 17 00:00:00 2001
From: Alexandre Aubin <alex.aubin@mailoo.org>
Date: Sun, 20 Nov 2016 20:36:58 -0500
Subject: [PATCH] Small tweaks for the web interface

---
 data/actionsmap/yunohost.yml |  8 ++++----
 src/yunohost/certificate.py  | 22 +++++++++++++++-------
 2 files changed, 19 insertions(+), 11 deletions(-)

diff --git a/data/actionsmap/yunohost.yml b/data/actionsmap/yunohost.yml
index 8f08a98b8..3729e3aa3 100644
--- a/data/actionsmap/yunohost.yml
+++ b/data/actionsmap/yunohost.yml
@@ -308,7 +308,7 @@ domain:
         ### certificate_status()
         cert-status:
             action_help: List status of current certificates (all by default).
-            api: GET /certs/status/<domains>
+            api: GET /domains/cert-status/<domain_list>
             configuration:
                 authenticate: all
                 authenticator: ldap-anonymous
@@ -323,7 +323,7 @@ domain:
         ### certificate_install()
         cert-install:
             action_help: Install Let's Encrypt certificates for given domains (all by default).
-            api: POST /certs/enable/<domains>
+            api: POST /domains/cert-install/<domain_list>
             configuration:
                 authenticate: all
                 authenticator: ldap-anonymous
@@ -344,7 +344,7 @@ domain:
         ### certificate_renew()
         cert-renew:
             action_help: Renew the Let's Encrypt certificates for given domains (all by default).
-            api: POST /certs/renew/<domains>
+            api: POST /domains/cert-renew/<domain_list>
             configuration:
                 authenticate: all
                 authenticator: ldap-anonymous
@@ -361,7 +361,7 @@ domain:
                 --no-checks:
                     help: Does not perform any check that your domain seems correcly configured (DNS, reachability) before attempting to renew. (Not recommended)
                     action: store_true
-             
+
          ### domain_info()
 #        info:
 #            action_help: Get domain informations
diff --git a/src/yunohost/certificate.py b/src/yunohost/certificate.py
index 8feb9a771..8b3db0283 100644
--- a/src/yunohost/certificate.py
+++ b/src/yunohost/certificate.py
@@ -103,6 +103,7 @@ def certificate_status(auth, domain_list, full=False):
         if not full:
             del status["subject"]
             del status["CA_name"]
+            del status["ACME_eligible"]
             status["CA_type"] = status["CA_type"]["verbose"]
             status["summary"] = status["summary"]["verbose"]
 
@@ -157,10 +158,10 @@ def certificate_install_selfsigned(domain_list, force=False):
         key_file = os.path.join(new_cert_folder, "key.pem")
         crt_file = os.path.join(new_cert_folder, "crt.pem")
         ca_file = os.path.join(new_cert_folder, "ca.pem")
-        
+
         # Create output folder for new certificate stuff
         os.makedirs(new_cert_folder)
-        
+
         # Create our conf file, based on template, replacing the occurences of
         # "yunohost.org" with the given domain
         with open(conf_file, "w") as f :
@@ -168,10 +169,10 @@ def certificate_install_selfsigned(domain_list, force=False):
                 for line in template :
                     f.write(line.replace("yunohost.org", domain))
 
-        # Use OpenSSL command line to create a certificate signing request, 
+        # Use OpenSSL command line to create a certificate signing request,
         # and self-sign the cert
         commands = []
-        commands.append("openssl req -new -config %s -days 3650 -out %s -keyout %s -nodes -batch" 
+        commands.append("openssl req -new -config %s -days 3650 -out %s -keyout %s -nodes -batch"
                         % (conf_file, csr_file, key_file))
         commands.append("openssl ca -config %s -days 3650 -in %s -out %s -batch"
                         % (conf_file, csr_file, crt_file))
@@ -249,7 +250,7 @@ def certificate_install_letsencrypt(auth, domain_list, force=False, no_checks=Fa
 
         try:
             if not no_checks:
-                _check_domain_is_correctly_configured(domain)
+                _check_domain_is_ready_for_ACME(domain)
 
             _configure_for_acme_challenge(auth, domain)
             _fetch_and_enable_new_certificate(domain)
@@ -318,7 +319,7 @@ def certificate_renew(auth, domain_list, force=False, no_checks=False, email=Fal
 
         try:
             if not no_checks:
-                _check_domain_is_correctly_configured(domain)
+                _check_domain_is_ready_for_ACME(domain)
             _fetch_and_enable_new_certificate(domain)
 
             logger.success(m18n.n("certmanager_cert_renew_success", domain=domain))
@@ -608,6 +609,12 @@ def _get_status(domain):
             "verbose": "Unknown?",
         }
 
+    try :
+        _check_domain_is_ready_for_ACME(domain)
+        ACME_eligible = True
+    except :
+        ACME_eligible = False
+
     return {
         "domain": domain,
         "subject": cert_subject,
@@ -615,6 +622,7 @@ def _get_status(domain):
         "CA_type": CA_type,
         "validity": days_remaining,
         "summary": status_summary,
+        "ACME_eligible": ACME_eligible
     }
 
 ###############################################################################
@@ -681,7 +689,7 @@ def _backup_current_cert(domain):
     shutil.copytree(cert_folder_domain, backup_folder)
 
 
-def _check_domain_is_correctly_configured(domain):
+def _check_domain_is_ready_for_ACME(domain):
     public_ip = yunohost.domain.get_public_ip()
 
     # Check if IP from DNS matches public IP