From 146a871bbbd466f7b3a333d1b062ecbf94a07497 Mon Sep 17 00:00:00 2001
From: Durand Fabrice
Date: Wed, 15 Dec 2021 13:03:05 -0500
Subject: [PATCH] Set scep to true in the db when the certificate has been issued by scep
---
 db/pf-schema-X.Y.sql | 1 +
 db/upgrade-X.X-X.Y.sql | 3 +++
 go/caddy/pfpki/models/models.go | 3 ++-
 3 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/db/pf-schema-X.Y.sql b/db/pf-schema-X.Y.sql
index 9b71f7e61a6a..c9b74cbcbd19 100644
--- a/db/pf-schema-X.Y.sql
+++ b/db/pf-schema-X.Y.sql
@@ -1455,6 +1455,7 @@ CREATE TABLE `pki_certs` (
 `serial_number` varchar(255) DEFAULT NULL,
 `dns_names` varchar(255) DEFAULT NULL,
 `ip_addresses` varchar(255) DEFAULT NULL,
+ `scep` BOOLEAN DEFAULT FALSE,
 UNIQUE KEY `cn` (`cn`),
 KEY `profile_name` (`profile_name`),
 KEY `valid_until` (`valid_until`),
diff --git a/db/upgrade-X.X-X.Y.sql b/db/upgrade-X.X-X.Y.sql
index 23c6f8066e32..0abc5ed46787 100644
--- a/db/upgrade-X.X-X.Y.sql
+++ b/db/upgrade-X.X-X.Y.sql
@@ -47,6 +47,9 @@ DELIMITER ;
 call ValidateVersion;
 DROP PROCEDURE IF EXISTS ValidateVersion;
+\! echo "altering pki_certs"
+ALTER TABLE pki_certs
+ ADD COLUMN IF NOT EXISTS `scep` BOOLEAN DEFAULT FALSE AFTER ip_addresses;
 \! echo "Incrementing PacketFence schema version...";
 INSERT IGNORE INTO pf_version (id, version, created_at) VALUES (@VERSION_INT, CONCAT_WS('.', @MAJOR_VERSION, @MINOR_VERSION), NOW());
diff --git a/go/caddy/pfpki/models/models.go b/go/caddy/pfpki/models/models.go
index 9ac787833137..9fd51e2efff1 100644
--- a/go/caddy/pfpki/models/models.go
+++ b/go/caddy/pfpki/models/models.go
@@ -139,6 +139,7 @@ type (
 SerialNumber string `json:"serial_number,omitempty"`
 DNSNames string `json:"dns_names,omitempty"`
 IPAddresses string `json:"ip_addresses,omitempty"`
+ Scep bool `json:"scep,omitempty" gorm:"default:false"`
 }
 // RevokedCert struct
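Review bot: The `ALTER TABLE pki_certs` statement in `db/upgrade-X.X-X.Y.sql` adds `scep` with `DEFAULT FALSE`, so every existing row reads `FALSE`, including certificates that were issued through SCEP before the upgrade; after migration the column only identifies SCEP issuance for certificates created from then on. If anything is meant to filter, renew or revoke on this flag, either say so next to the statement, for example `-- existing rows default to FALSE; scep is only reliable for certificates issued after this upgrade`, or make the column nullable so pre-upgrade rows read as unknown. The same default appears in the `CREATE TABLE` hunk of `db/pf-schema-X.Y.sql`, where it is harmless for a fresh install.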
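Review bot: The new `Scep` field in `go/caddy/pfpki/models/models.go` is tagged `json:"scep,omitempty"`, so a certificate that was not issued through SCEP is serialised without the key at all, and an API consumer cannot tell `false` from a server that predates the column. For a flag that records the issuance channel, changing the tag to `json:"scep"` keeps the answer explicit in every response. The field also has no comment; something like `// Scep is true when the certificate was stored through CA.Put, the SCEP issuance path.` would tell the next reader where it is set. The struct begins outside the hunk.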
@@ -518,7 +519,7 @@ func (c CA) Put(cn string, crt *x509.Certificate, options ...string) error {
 c.DB.First(&ca)
 }
- if err := c.DB.Create(&Cert{Cn: cn, Ca: ca, CaName: ca.Cn, ProfileName: profiledb[0].Name, SerialNumber: crt.SerialNumber.String(), Mail: attributeMap["emailAddress"], StreetAddress: attributeMap["streetAddress"], Organisation: attributeMap["O"], OrganisationalUnit: attributeMap["OU"], Country: attributeMap["C"], State: attributeMap["ST"], Locality: attributeMap["L"], PostalCode: attributeMap["emailAddress"], Profile: profiledb[0], Key: "", Cert: publicKey.String(), ValidUntil: crt.NotAfter}).Error; err != nil {
+ if err := c.DB.Create(&Cert{Cn: cn, Ca: ca, CaName: ca.Cn, ProfileName: profiledb[0].Name, SerialNumber: crt.SerialNumber.String(), Mail: attributeMap["emailAddress"], StreetAddress: attributeMap["streetAddress"], Organisation: attributeMap["O"], OrganisationalUnit: attributeMap["OU"], Country: attributeMap["C"], State: attributeMap["ST"], Locality: attributeMap["L"], PostalCode: attributeMap["emailAddress"], Profile: profiledb[0], Key: "", Cert: publicKey.String(), ValidUntil: crt.NotAfter, Scep: true}).Error; err != nil {
 return errors.New("A database error occured. See log for details.")
 }
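Review bot: On the new `c.DB.Create(&Cert{...})` line, `PostalCode` is still filled from `attributeMap["emailAddress"]`, the same key used for `Mail`, so each certificate recorded through `Put` stores the e-mail address as its postal code; it should read the postal-code entry of `attributeMap` instead (the map is built outside the hunk, so confirm the key name). The error branch below it also drops `err` although the message says "See log for details"; unless it is logged elsewhere, log it before returning, because the certificate in `crt` has presumably already been signed at that point and would have no row in `pki_certs` to audit or revoke against. `Put` begins and ends outside the hunk.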