Merge branch 'exclude-le-domains' into 'stable-3.1'

Exclude le domains See merge request ispconfig/ispconfig3!682

Merge branch 'exclude-le-domains' into 'stable-3.1'
d8f1b942 · Marius Burkard · 652c0b9f · 059dadfa · d8f1b942 · d8f1b942
Commit d8f1b942 authored 7 years ago by Marius Burkard
--- a/install/sql/incremental/upd_dev_collection.sql
+++ b/install/sql/incremental/upd_dev_collection.sql
+ALTER TABLE `web_domain` ADD COLUMN `ssl_letsencrypt_exclude` enum('n','y') NOT NULL DEFAULT 'n' AFTER `ssl_letsencrypt`;
--- a/install/sql/ispconfig3.sql
+++ b/install/sql/ispconfig3.sql
@@ -1943,6 +1943,7 @@ CREATE TABLE `web_domain` (
  `rewrite_to_https` ENUM('y','n') NOT NULL DEFAULT 'n',
  `ssl` enum('n','y') NOT NULL default 'n',
  `ssl_letsencrypt` enum('n','y') NOT NULL DEFAULT 'n',
+  `ssl_letsencrypt_exclude` enum('n','y') NOT NULL DEFAULT 'n',
  `ssl_state` varchar(255) NULL,
  `ssl_locality` varchar(255) NULL,
  `ssl_organisation` varchar(255) NULL,

--- a/interface/web/sites/form/web_childdomain.tform.php
+++ b/interface/web/sites/form/web_childdomain.tform.php
@@ -133,6 +133,12 @@ $form["tabs"]['domain'] = array (
 			'width'  => '30',
 			'maxlength' => '255'
 		),
+		'ssl_letsencrypt_exclude' => array (
+			'datatype' => 'VARCHAR',
+			'formtype' => 'CHECKBOX',
+			'default' => 'n',
+			'value'  => array(0 => 'n', 1 => 'y')
+		),
 		'active' => array (
 			'datatype' => 'VARCHAR',
 			'formtype' => 'CHECKBOX',

--- a/interface/web/sites/lib/lang/de_web_childdomain.lng
+++ b/interface/web/sites/lib/lang/de_web_childdomain.lng
@@ -115,4 +115,5 @@ $wb['available_php_directive_snippets_txt'] = 'Verfügbare PHP-Direktiven-Schnip
 $wb['available_apache_directive_snippets_txt'] = 'Verfügbare Apache-Direktiven-Schnipsel:';
 $wb['available_nginx_directive_snippets_txt'] = 'Verfügbare nginx-Direktiven-Schnipsel:';
 $wb['Domain'] = 'Aliasdomain';
+$wb['ssl_letsencrypt_exclude_txt'] = 'Nicht in Let\'s Encrypt Zertifikat aufnehmen';
 ?>
--- a/interface/web/sites/lib/lang/en_web_childdomain.lng
+++ b/interface/web/sites/lib/lang/en_web_childdomain.lng
@@ -115,4 +115,5 @@ $wb['available_php_directive_snippets_txt'] = 'Available PHP Directive Snippets:
 $wb['available_apache_directive_snippets_txt'] = 'Available Apache Directive Snippets:';
 $wb['available_nginx_directive_snippets_txt'] = 'Available nginx Directive Snippets:';
 $wb['Domain'] = 'Aliasdomain';
+$wb['ssl_letsencrypt_exclude_txt'] = 'Don\'t add to Let\'s Encrypt certificate';
 ?>
--- a/interface/web/sites/templates/web_childdomain_edit.htm
+++ b/interface/web/sites/templates/web_childdomain_edit.htm
@@ -67,6 +67,14 @@
                <div class="col-sm-9"><select name="seo_redirect" id="seo_redirect" class="form-control">
                    {tmpl_var name='seo_redirect'}
                </select></div>
+            </div>
+			</tmpl_if>
+			<tmpl_if name="limit_ssl_letsencrypt" op="==" value="y">
+				<div class="form-group">
+                <label class="col-sm-3 control-label">{tmpl_var name='ssl_letsencrypt_exclude_txt'}</label>
+                <div class="col-sm-9">
+                    {tmpl_var name='ssl_letsencrypt_exclude'}
+                </div>
            </div>
 			</tmpl_if>
            <div class="form-group">

--- a/interface/web/sites/web_childdomain_edit.php
+++ b/interface/web/sites/web_childdomain_edit.php
@@ -146,7 +146,14 @@ class page_action extends tform_actions {
 		}
 		if($this->_childdomain_type == 'subdomain') $app->tpl->setVar("domain", $this->dataRecord["domain"]);

-		if($_SESSION["s"]["user"]["typ"] == 'admin') {
+		$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
+		if($_SESSION["s"]["user"]["typ"] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+			$client = $app->db->queryOneRecord("SELECT client.limit_ssl_letsencrypt FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
+			$app->tpl->setVar('limit_ssl_letsencrypt', $client['limit_ssl_letsencrypt']);
+		} elseif ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+			$client = $app->db->queryOneRecord("SELECT client.limit_ssl_letsencrypt FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
+			$app->tpl->setVar('limit_ssl_letsencrypt', $client['limit_ssl_letsencrypt']);
+		} else {
 			// Directive Snippets
 			$proxy_directive_snippets = $app->db->queryAllRecords("SELECT * FROM directive_snippets WHERE type = 'proxy' AND active = 'y'");
 			$proxy_directive_snippets_txt = '';
@@ -157,6 +164,7 @@ class page_action extends tform_actions {
 			}
 			if($proxy_directive_snippets_txt == '') $proxy_directive_snippets_txt = '------';
 			$app->tpl->setVar("proxy_directive_snippets_txt", $proxy_directive_snippets_txt);
+			$app->tpl->setVar('limit_ssl_letsencrypt', 'y');
 		}

 		$app->tpl->setVar('childdomain_type', $this->_childdomain_type);
@@ -208,6 +216,15 @@ class page_action extends tform_actions {
 			$app->tform->errorMessage .= $app->tform->lng("error_proxy_requires_url")."<br />";
 		}

+
+		if($_SESSION["s"]["user"]["typ"] != 'admin') {
+			// Get the limits of the client
+			$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
+			$client = $app->db->queryOneRecord("SELECT limit_ssl_letsencrypt FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
+			if($client['limit_ssl_letsencrypt'] != 'y') $this->dataRecord['ssl_letsencrypt_exclude'] = 'n';
+		}
+		
+		
 		// Set a few fixed values
 		$this->dataRecord["type"] = ($this->_childdomain_type == 'subdomain' ? 'subdomain' : 'alias');
 		$this->dataRecord["server_id"] = $parent_domain["server_id"];

--- a/server/lib/classes/letsencrypt.inc.php
+++ b/server/lib/classes/letsencrypt.inc.php
@@ -203,7 +203,7 @@ class letsencrypt {
 		}

 		//* then, add subdomain if we have
-		$subdomains = $app->db->queryAllRecords('SELECT domain FROM web_domain WHERE parent_domain_id = '.intval($data['new']['domain_id'])." AND active = 'y' AND type = 'subdomain'");
+		$subdomains = $app->db->queryAllRecords('SELECT domain FROM web_domain WHERE parent_domain_id = '.intval($data['new']['domain_id'])." AND active = 'y' AND type = 'subdomain' AND ssl_letsencrypt_exclude != 'y'");
 		if(is_array($subdomains)) {
 			foreach($subdomains as $subdomain) {
 				$temp_domains[] = $subdomain['domain'];
@@ -211,7 +211,7 @@ class letsencrypt {
 		}
 		
 		//* then, add alias domain if we have
-		$aliasdomains = $app->db->queryAllRecords('SELECT domain,subdomain FROM web_domain WHERE parent_domain_id = '.intval($data['new']['domain_id'])." AND active = 'y' AND type = 'alias'");
+		$aliasdomains = $app->db->queryAllRecords('SELECT domain,subdomain FROM web_domain WHERE parent_domain_id = '.intval($data['new']['domain_id'])." AND active = 'y' AND type = 'alias' AND ssl_letsencrypt_exclude != 'y'");
 		if(is_array($aliasdomains)) {
 			foreach($aliasdomains as $aliasdomain) {
 				$temp_domains[] = $aliasdomain['domain'];