adjust signing certs

1 year ago · 7e537e4232
parent a892975010
commit 7e537e4232
9 changed files with 58 additions and 11 deletions
--- a/app/controllers/esign_settings_controller.rb
+++ b/app/controllers/esign_settings_controller.rb
@ -21,9 +21,9 @@ class EsignSettingsController < ApplicationController
    default_pkcs = GenerateCertificate.load_pkcs(cert_data) if cert_data['cert'].present?

    custom_pkcs_list = (cert_data['custom'] || []).map do |e|
-      { 'pkcs' => OpenSSL::PKCS12.new(Base64.urlsafe_decode64(e['data']), e['password'].to_s),
-        'name' => e['name'],
-        'status' => e['status'] }
+      pkcs = e['data'].present? ? OpenSSL::PKCS12.new(Base64.urlsafe_decode64(e['data']), e['password'].to_s) : nil
+
+      { 'pkcs' => pkcs, 'name' => e['name'], 'status' => e['status'] }
    end

    @pkcs_list = [
@ -69,7 +69,12 @@ class EsignSettingsController < ApplicationController
    @encrypted_config.value['custom'].each { |e| e['status'] = 'validate' }

    custom_cert_data = @encrypted_config.value['custom'].find { |e| e['name'] == params[:name] }
-    custom_cert_data['status'] = 'default' if custom_cert_data
+
+    if custom_cert_data
+      custom_cert_data['status'] = 'default'
+    elsif params[:name] == Docuseal::AATL_CERT_NAME
+      @encrypted_config.value['custom'] << { 'name' => params[:name], 'status' => 'default' }
+    end

    @encrypted_config.save!

--- a/app/views/esign_settings/_default_signature_row.html.erb
+++ b/app/views/esign_settings/_default_signature_row.html.erb
@ -0,0 +1,25 @@
+<tr scope="row" class="group">
+  <td class="flex items-center space-x-1">
+    <%= svg_icon('discount_check_filled', class: 'w-6 h-6 text-green-500') %>
+    <span class="flex items-center">
+      DocuSeal Trusted Signature
+      <div class="tooltip ml-1" data-tip="Sign documents with trusted certificate provided by DocuSeal. Your documents and data are never shared with DocuSeal. PDF checksum is provided to generate a trusted signature.">
+        <%= svg_icon('circle_question', class: 'w-4 h-4 stroke-1') %>
+      </div>
+    </span>
+  </td>
+  <td>
+    <a href="<%= "#{Docuseal::CLOUD_URL}/sign_up?#{{ redir: "#{Docuseal::CONSOLE_URL}/on_premise" }.to_query}" %>" class="btn btn-neutral btn-sm text-white">
+      Upgrade to Pro
+    </a>
+  </td>
+  <td>
+    <div class="tooltip" data-tip="Upgrade to Pro">
+      <%= button_to settings_esign_path, method: :put, params: { name: Docuseal::AATL_CERT_NAME }, class: 'btn btn-outline btn-neutral btn-xs whitespace-nowrap', title: t('make_default'), disabled: true do %>
+        <%= t('make_default') %>
+      <% end %>
+    </div>
+  </td>
+  <td>
+  </td>
+</tr>
--- a/app/views/esign_settings/show.html.erb
+++ b/app/views/esign_settings/show.html.erb
@ -71,6 +71,7 @@
        </thead>
        <tbody>
          <% @pkcs_list.each do |item| %>
+            <% next if item['pkcs'].blank? %>
            <tr scope="row" class="group">
              <td>
                <%= item['name'] %>
@ -98,6 +99,9 @@
              </td>
            </tr>
          <% end %>
+          <% unless Docuseal.multitenant? %>
+            <%= render 'default_signature_row' %>
+          <% end %>
        </tbody>
      </table>
    </div>
--- a/app/views/icons/_discount_check_filled.html.erb
+++ b/app/views/icons/_discount_check_filled.html.erb
@ -0,0 +1,4 @@
+<svg xmlns="http://www.w3.org/2000/svg" class="<%= local_assigns[:class] %>" width="44" height="44" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round">
+  <path stroke="none" d="M0 0h24v24H0z" fill="none" />
+  <path d="M12.01 2.011a3.2 3.2 0 0 1 2.113 .797l.154 .145l.698 .698a1.2 1.2 0 0 0 .71 .341l.135 .008h1a3.2 3.2 0 0 1 3.195 3.018l.005 .182v1c0 .27 .092 .533 .258 .743l.09 .1l.697 .698a3.2 3.2 0 0 1 .147 4.382l-.145 .154l-.698 .698a1.2 1.2 0 0 0 -.341 .71l-.008 .135v1a3.2 3.2 0 0 1 -3.018 3.195l-.182 .005h-1a1.2 1.2 0 0 0 -.743 .258l-.1 .09l-.698 .697a3.2 3.2 0 0 1 -4.382 .147l-.154 -.145l-.698 -.698a1.2 1.2 0 0 0 -.71 -.341l-.135 -.008h-1a3.2 3.2 0 0 1 -3.195 -3.018l-.005 -.182v-1a1.2 1.2 0 0 0 -.258 -.743l-.09 -.1l-.697 -.698a3.2 3.2 0 0 1 -.147 -4.382l.145 -.154l.698 -.698a1.2 1.2 0 0 0 .341 -.71l.008 -.135v-1l.005 -.182a3.2 3.2 0 0 1 3.013 -3.013l.182 -.005h1a1.2 1.2 0 0 0 .743 -.258l.1 -.09l.698 -.697a3.2 3.2 0 0 1 2.269 -.944zm3.697 7.282a1 1 0 0 0 -1.414 0l-3.293 3.292l-1.293 -1.292l-.094 -.083a1 1 0 0 0 -1.32 1.497l2 2l.094 .083a1 1 0 0 0 1.32 -.083l4 -4l.083 -.094a1 1 0 0 0 -.083 -1.32z" stroke-width="0" fill="currentColor" />
+</svg>
--- a/lib/accounts.rb
+++ b/lib/accounts.rb
@ -118,7 +118,11 @@ module Accounts
      end

    if (default_cert = cert_data['custom']&.find { |e| e['status'] == 'default' })
+      if default_cert['name'] == Docuseal::AATL_CERT_NAME
+        Docuseal.default_pkcs
+      else
        OpenSSL::PKCS12.new(Base64.urlsafe_decode64(default_cert['data']), default_cert['password'].to_s)
+      end
    else
      GenerateCertificate.load_pkcs(cert_data)
    end
@ -153,7 +157,9 @@ module Accounts

    default_pkcs = GenerateCertificate.load_pkcs(cert_data)

-    custom_certs = cert_data.fetch('custom', []).map do |e|
+    custom_certs = cert_data.fetch('custom', []).filter_map do |e|
+      next if e['data'].blank?
+
      OpenSSL::PKCS12.new(Base64.urlsafe_decode64(e['data']), e['password'].to_s)
    end

--- a/lib/docuseal.rb
+++ b/lib/docuseal.rb
@ -14,6 +14,7 @@ module Docuseal
  CHATGPT_URL = 'https://chatgpt.com/g/g-9hg8AAw0r-docuseal'
  SUPPORT_EMAIL = 'support@docuseal.co'
  HOST = ENV.fetch('HOST', 'localhost')
+  AATL_CERT_NAME = 'docuseal_aatl'
  CONSOLE_URL = if Rails.env.development?
                  'http://console.localhost.io:3001'
                elsif ENV['MULTITENANT'] == 'true'
--- a/lib/submissions/generate_audit_trail.rb
+++ b/lib/submissions/generate_audit_trail.rb
@ -43,9 +43,11 @@ module Submissions

      document.trailer.info[:Creator] = "#{Docuseal.product_name} (#{Docuseal::PRODUCT_URL})"

+      last_submitter = submission.submitters.select(&:completed_at).max_by(&:completed_at)
+
      sign_params = {
        reason: sign_reason,
-        **Submissions::GenerateResultAttachments.build_signing_params(pkcs, tsa_url)
+        **Submissions::GenerateResultAttachments.build_signing_params(last_submitter, pkcs, tsa_url)
      }

      document.sign(io, **sign_params)
@ -170,7 +172,7 @@ module Submissions

      composer.draw_box(divider)

-      last_submitter = submission.submitters.where.not(completed_at: nil).order(:completed_at).last
+      last_submitter = submission.submitters.select(&:completed_at).max_by(&:completed_at)

      documents_data = Submitters.select_attachments_for_download(last_submitter).map do |document|
        original_documents = submission.template.documents.select do |e|
--- a/lib/submissions/generate_combined_attachment.rb
+++ b/lib/submissions/generate_combined_attachment.rb
@ -19,7 +19,7 @@ module Submissions

      sign_params = {
        reason: sign_reason,
-        **Submissions::GenerateResultAttachments.build_signing_params(pkcs, tsa_url)
+        **Submissions::GenerateResultAttachments.build_signing_params(submitter, pkcs, tsa_url)
      }

      pdf.sign(io, **sign_params)
--- a/lib/submissions/generate_result_attachments.rb
+++ b/lib/submissions/generate_result_attachments.rb
@ -454,7 +454,7 @@ module Submissions
      if sign_reason
        sign_params = {
          reason: sign_reason,
-          **build_signing_params(pkcs, tsa_url)
+          **build_signing_params(submitter, pkcs, tsa_url)
        }

        begin
@ -491,7 +491,7 @@ module Submissions
      io
    end

-    def build_signing_params(pkcs, tsa_url)
+    def build_signing_params(_submitter, pkcs, tsa_url)
      params = {
        certificate: pkcs.certificate,
        key: pkcs.key,