array('model'=>'ssl_ca','foreign_key'=>'parent_ssl_ca_id'), ); protected $_has_many = array( 'children'=>array('model'=>'ssl_ca','far_key'=>'id','foreign_key'=>'parent_ssl_ca_id'), 'service'=>array('through'=>'service__ssl'), ); protected $_display_filters = array( 'sign_cert'=>array( array('SSL::subject',array(':value')), ), ); protected $_form = array('id'=>'id','value'=>'subject()'); public function filters() { return array( 'parent_ssl_ca_id'=>array( array(array($this,'filter_getParent')), ) ); } public function rules() { return Arr::merge(parent::rules(),array( 'sign_cert'=>array( array('not_empty'), array(array($this,'isCert')), array(array($this,'isCA')), ), 'parent_ssl_ca_id'=>array( array(array($this,'rule_parentExist')), ), )); } private $_so = NULL; /** * Resolve any queries to certificate details */ public function __call($name,$args) { $m = 'get_'.$name; if (is_null($this->_so)) return NULL; if (method_exists($this->_so,$m)) return $this->_so->{$m}($args); else throw new Kohana_Exception('Unknown method :method for :class',array(':method'=>$m,':class'=>get_class($this->_so))); } // We want to inject the SSL object into this Model protected function _load_values(array $values) { parent::_load_values($values); if ($this->sign_cert) $this->_so = SSL::instance($this->sign_cert); return $this; } /** * List the child CA certs */ public function childca($children=FALSE) { $result = 0; if ($children) foreach ($this->list_childca() as $cao) $result += $cao->childca($children); return $result+$this->list_childca()->count(); } public function childcrt($children=FALSE) { $result = 0; if ($children) foreach ($this->list_childca() as $cao) $result += $cao->childcrt($children); return $result+$this->list_childcrt()->count(); } /** * Make sure we have our parent in the DB too */ public function validParent($format=FALSE) { $result = NULL; // If we are a root cert, we are valid if ((($this->parent_ssl_ca_id == $this->id) OR is_null($this->parent_ssl_ca_id)) AND $this->isRoot()) return StaticList_YesNo::get(TRUE,$format); //echo Debug::vars([__METHOD__,'psci'=>$this->parent_ssl_ca_id,'myid'=>$this->id,'root'=>$this->isRoot()]); return StaticList_YesNo::get(($this->aki_keyid() == $this->parent->ski() AND $this->parent_ssl_ca_id != $this->id),$format); } // If we change the SSL certificate, we need to reload our SSL object public function values(array $values, array $expected = NULL) { parent::values($values,$expected); if (array_key_exists('sign_cert',$values)) $this->_so = SSL::instance($this->sign_cert); return $this; } /** * Filter to find the parent SSL_CA * * @notes This filter only runs when the value passed is -1 */ public function filter_getParent() { // This cannot be an array if (count(func_get_args()) != 1) return NULL; $x = func_get_args(); $x = array_pop($x); // This filter only runs when our value is -1 if ($x != -1) return $x; foreach (ORM::factory($this->_object_name)->find_all() as $sco) { if ($sco->ski() == $this->aki_keyid()) return $sco->id; } // If we got here, we couldnt find it return $this->isRoot() ? NULL : $x; } public function list_childca() { return $this->children->where_active()->find_all(); } public function list_childcrt() { return $this->service->where_active()->find_all(); } public function rule_parentExist() { // Our parent_ssl_ca_id should have been populated by filter_GetParent(). return ($this->parent_ssl_ca_id > 0) OR $this->isRoot(); } } ?>