libresign/lib/SetupCheck/CertificateEngineSetupCheck.php at 2b319734d34e48b32e81568c533586cd8c578646 · LibreSign/libresign · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
<?php

declare(strict_types=1);
/**
 * SPDX-FileCopyrightText: 2026 LibreCode coop and contributors
 * SPDX-License-Identifier: AGPL-3.0-or-later
 */

namespace OCA\Libresign\SetupCheck;

use OCA\Libresign\Handler\CertificateEngine\CertificateEngineFactory;
use OCA\Libresign\Helper\ConfigureCheckHelper;
use OCP\IL10N;
use OCP\SetupCheck\ISetupCheck;
use OCP\SetupCheck\SetupResult;

class CertificateEngineSetupCheck implements ISetupCheck
{
  private IL10N $l10n;
  private CertificateEngineFactory $certificateEngineFactory;

  public function __construct(
    IL10N $l10n,
    CertificateEngineFactory $certificateEngineFactory
  ) {
    $this->l10n = $l10n;
    $this->certificateEngineFactory = $certificateEngineFactory;
  }

  public function getName(): string
  {
    return $this->l10n->t('Certificate engine');
  }

  public function getCategory(): string
  {
    return 'security';
  }

  public function run(): SetupResult
  {
    try {
      $engine = $this->certificateEngineFactory->getEngine();
      $checkResults = $engine->configureCheck();
    } catch (\Throwable $e) {
      $engineName = $this->certificateEngineFactory->getEngine()->getName() ?? 'unknown';
      return SetupResult::error(
        $this->l10n->t('Define the certificate engine to use'),
        $this->l10n->t('Run occ libresign:configure:%s --help', [$engineName])
      );
    }

    // Process results: if any error, return error; else if any warning, return warning; else success
    $hasError = false;
    $hasWarning = false;
    $messages = [];
    $tips = [];

    foreach ($checkResults as $result) {
      if ($result instanceof ConfigureCheckHelper) {
        $status = $result->getStatus();
        $msg = $result->getMessage();
        $tip = $result->getTip();

        if ($status === 'error') {
          $hasError = true;
          $messages[] = "[ERROR] $msg";
        } elseif ($status === 'warning') {
          $hasWarning = true;
          $messages[] = "[WARNING] $msg";
        } else {
          $messages[] = $msg;
        }

        if (!empty($tip)) {
          $tips[] = $tip;
        }
      }
    }

    $tip = '';
    if (!empty($tips)) {
      $tip = implode("\n", array_unique($tips));
    }

    if ($hasError) {
      return SetupResult::error(implode("\n", $messages), $tip);
    } elseif ($hasWarning) {
      return SetupResult::warning(implode("\n", $messages), $tip);
    } else {
      return SetupResult::success(implode("\n", $messages) ?: $this->l10n->t('Certificate engine is configured correctly'));
    }
  }
}