diff options
| author | Petr Vobornik <pvoborni@redhat.com> | 2012-06-12 14:28:30 +0200 |
|---|---|---|
| committer | Petr Vobornik <pvoborni@redhat.com> | 2012-06-27 08:58:24 +0200 |
| commit | 3c36fa8c0da767b0f1309cb96bf85d3149e4dc10 (patch) | |
| tree | 02c7f0955d80a2dc7f896eee607301e465411b9b | |
| parent | 32ef4efaca96d7cfa05c00484fe926bd89c80d12 (diff) | |
| download | freeipa-3c36fa8c0da767b0f1309cb96bf85d3149e4dc10.tar.gz freeipa-3c36fa8c0da767b0f1309cb96bf85d3149e4dc10.tar.xz freeipa-3c36fa8c0da767b0f1309cb96bf85d3149e4dc10.zip | |
Action panel for certificates
This is a continuation of effor which transforms status widgets with buttons executing actions to separate status widget and action panels. This patch strips certificate status widget of its buttons and separates the actions to their own objects. Appropriate modifications are taken in host and service details facets.
New certificate loader, facet policy and evaluator are introduced to make actions and status widget independent. On facet load event new certificate facet policy loads a certificate from result. Unfortunately results don't contain revocation reason so it also executes additional cert-show command to get the revocation reason. Policy store the certifacete to facet. It raises the certifacet_loaded event to notify certificate evaluator and status widget. Status widget updates its state. Certificate evaluater updates state and actions get disabled or enabled.
https://fedorahosted.org/freeipa/ticket/2250
| -rwxr-xr-x | install/ui/certificate.js | 713 | ||||
| -rw-r--r-- | install/ui/host.js | 75 | ||||
| -rw-r--r-- | install/ui/service.js | 91 |
3 files changed, 452 insertions, 427 deletions
diff --git a/install/ui/certificate.js b/install/ui/certificate.js index b5356224f..e94c81a03 100755 --- a/install/ui/certificate.js +++ b/install/ui/certificate.js @@ -2,6 +2,7 @@ /* Authors: * Endi Sukma Dewata <edewata@redhat.com> + * Petr Vobornik <pvoborni@redhat.com> * * Copyright (C) 2010 Red Hat * see file 'COPYING' for use and warranty information @@ -220,7 +221,7 @@ IPA.cert.revoke_dialog = function(spec) { label: IPA.messages.buttons.revoke, click: function() { var values = {}; - values['reason'] = that.select.val(); + values.reason = that.select.val(); if (that.revoke) { that.revoke(values); } @@ -284,9 +285,8 @@ IPA.cert.restore_dialog = function(spec) { name: 'restore', label: IPA.messages.buttons.restore, click: function() { - var values = {}; if (that.restore) { - that.restore(values); + that.restore(); } that.close(); } @@ -317,14 +317,14 @@ IPA.cert.view_dialog = function(spec) { that.width = spec.width || 600; that.height = spec.height || 500; - that.subject = IPA.cert.parse_dn(spec.subject); - that.serial_number = spec.serial_number || ''; - that.serial_number_hex = spec.serial_number_hex || ''; - that.issuer = IPA.cert.parse_dn(spec.issuer); - that.issued_on = spec.issued_on || ''; - that.expires_on = spec.expires_on || ''; - that.md5_fingerprint = spec.md5_fingerprint || ''; - that.sha1_fingerprint = spec.sha1_fingerprint || ''; + that.subject = IPA.cert.parse_dn(spec.certificate.subject); + that.serial_number = spec.certificate.serial_number || ''; + that.serial_number_hex = spec.certificate.serial_number_hex || ''; + that.issuer = IPA.cert.parse_dn(spec.certificate.issuer); + that.issued_on = spec.certificate.valid_not_before || ''; + that.expires_on = spec.certificate.valid_not_after || ''; + that.md5_fingerprint = spec.certificate.md5_fingerprint || ''; + that.sha1_fingerprint = spec.certificate.sha1_fingerprint || ''; that.create_button({ name: 'close', @@ -456,8 +456,7 @@ IPA.cert.request_dialog = function(spec) { click: function() { var values = {}; var request = $.trim(that.textarea.val()); - request = IPA.cert.pem_csr_format(request); - values['request'] = request; + values.request = IPA.cert.pem_csr_format(request); if (that.request) { that.request(values); } @@ -484,447 +483,464 @@ IPA.cert.request_dialog = function(spec) { return that; }; -IPA.cert.status_widget = function(spec) { +IPA.cert.loader = function(spec) { spec = spec || {}; - var that = IPA.input_widget(spec); + var that = {}; + that.get_pkey = spec.get_pkey; + that.get_name = spec.get_name; + that.get_principal = spec.get_principal; + that.get_hostname = spec.get_hostname; + + that.load = function (result) { + + var certificate = { + issuer: result.issuer, + certificate: result.certificate, + md5_fingerprint: result.md5_fingerprint, + revocation_reason: result.revocation_reason, + serial_number: result.serial_number, + serial_number_hex: result.serial_number_hex, + sha1_fingerprint: result.sha1_fingerprint, + subject: result.subject, + valid_not_after: result.valid_not_after, + valid_not_before: result.valid_not_before + }; + + if (that.get_entity_certificate) { + certificate.certificate = that.get_entity_certificate(result); + } else if (!certificate.certificate && result.usercertificate) { + // default method of storing certificate for object commands + // which include certificate + certificate.certificate = result.usercertificate[0].__base64__; + } - that.entity_label = spec.entity_label || that.entity.metadata.label_singular; + var info = {}; - that.result = spec.result; + if (that.get_pkey) info.pkey = that.get_pkey(result); + if (that.get_name) info.name = that.get_name(result); + if (that.get_principal) info.principal = that.get_principal(result); + if (that.get_hostname) info.hostname = that.get_hostname(result); - that.get_entity_pkey = spec.get_entity_pkey; - that.get_entity_name = spec.get_entity_name; - that.get_entity_principal = spec.get_entity_principal; - that.get_entity_certificate = spec.get_entity_certificate; + certificate.entity_info = info; - that.is_selfsign = function() { - return IPA.env.ra_plugin == 'selfsign'; + return certificate; }; - that.create = function(container) { - - that.widget_create(container); - - var div = $('<div/>', { - name: 'certificate-valid', - style: 'display: none;' - }).appendTo(container); + return that; +}; - $('<img/>', { - src: 'images/check-icon.png', - style: 'float: left;', - 'class': 'status-icon' - }).appendTo(div); +IPA.cert.load_policy = function(spec) { - var content_div = $('<div/>', { - style: 'float: left;' - }).appendTo(div); + spec = spec || {}; + spec.loader = spec.loader || { + factory: IPA.cert.loader, + get_pkey: spec.get_pkey, + get_name: spec.get_name, + get_principal: spec.get_principal, + get_hostname: spec.get_hostname + }; - content_div.append('<b>'+IPA.messages.objects.cert.valid+':</b>'); + var that = IPA.facet_policy(); + that.loader = IPA.build(spec.loader); - content_div.append(' '); + that.post_load = function(data) { - $('<input/>', { - 'type': 'button', - 'name': 'get', - 'value': IPA.messages.buttons.get - }).appendTo(content_div); + // update cert info in facet (show at least something) + var certificate = that.loader.load(data.result.result); - content_div.append(' '); - - if (!that.is_selfsign()) { - $('<input/>', { - 'type': 'button', - 'name': 'revoke', - 'value': IPA.messages.buttons.revoke - }).appendTo(content_div); + //store cert directly to facet. FIXME: introduce concept of models + that.container.certificate = certificate; + that.notify_loaded(); - content_div.append(' '); + // initialize another load of certificate because current entity + // show commands don't contain revocation_reason so previous data + // might be slightly incorrect + if (certificate && certificate.certificate && !IPA.cert.is_selfsign()) { + that.load_revocation_reason(certificate.serial_number); } + }; - $('<input/>', { - 'type': 'button', - 'name': 'view', - 'value': IPA.messages.buttons.view - }).appendTo(content_div); - - content_div.append(' '); - - $('<input/>', { - 'type': 'button', - 'name': 'create', - 'value': IPA.messages.objects.cert.new_certificate - }).appendTo(content_div); - - if (!that.is_selfsign()) { - div = $('<div/>', { - name: 'certificate-revoked', - style: 'display: none;' - }).appendTo(container); - - $('<img/>', { - src: 'images/caution-icon.png', - style: 'float: left;', - 'class': 'status-icon' - }).appendTo(div); - - content_div = $('<div/>', { - style: 'float: left;' - }).appendTo(div); - - content_div.append('<b>'+IPA.messages.objects.cert.revoked+':</b>'); - - content_div.append(' '); - - content_div.append($('<span/>', { - 'name': 'revocation_reason' - })); - - content_div.append(' '); - - $('<input/>', { - 'type': 'button', - 'name': 'restore', - 'value': IPA.messages.buttons.restore - }).appendTo(content_div); - - content_div.append(' '); + that.load_revocation_reason = function(serial_number) { + IPA.command({ + entity: 'cert', + method: 'show', + args: [serial_number], + on_success: function(data, text_status, xhr) { + var cert = that.container.certificate; + cert.revocation_reason = data.result.result.revocation_reason; + that.notify_loaded(); + } + }).execute(); + }; - $('<input/>', { - 'type': 'button', - 'name': 'create', - 'value': IPA.messages.objects.cert.new_certificate - }).appendTo(content_div); + that.notify_loaded = function() { + if (that.container.certificate_loaded) { + that.container.certificate_loaded.notify( + [that.container.certificate], that.container); } + }; - div = $('<div/>', { - name: 'certificate-missing', - style: 'display: none;' - }).appendTo(container); - - $('<img/>', { - src: 'images/caution-icon.png', - style: 'float: left;', - 'class': 'status-icon' - }).appendTo(div); - - content_div = $('<div/>', { - style: 'float: left;' - }).appendTo(div); - - content_div.append('<b>'+IPA.messages.objects.cert.missing+':</b>'); + return that; +}; - content_div.append(' '); +IPA.cert.is_selfsign = function() { + return IPA.env.ra_plugin == 'selfsign'; +}; - $('<input/>', { - 'type': 'button', - 'name': 'create', - 'value': IPA.messages.objects.cert.new_certificate - }).appendTo(content_div); +IPA.cert.view_action = function(spec) { + spec = spec || {}; + spec.name = spec.name || 'view_cert'; + spec.label = spec.label || IPA.messages.buttons.view; + spec.enable_cond = spec.enable_cond || ['has_certificate']; - that.status_valid = $('div[name=certificate-valid]', that.container); - that.status_revoked = $('div[name=certificate-revoked]', that.container); - that.status_missing = $('div[name=certificate-missing]', that.container); + var that = IPA.action(spec); + that.entity_label = spec.entity_label; - var button = $('input[name=get]', that.container); - that.get_button = IPA.button({ - name: 'get', - label: IPA.messages.buttons.get, - click: function() { - IPA.command({ - entity: that.entity.name, - method: 'show', - args: [that.pkey], - on_success: function(data, text_status, xhr) { - get_certificate(data.result.result); - } - }).execute(); - return false; - } - }); - button.replaceWith(that.get_button); + that.execute_action = function(facet) { - button = $('input[name=revoke]', that.container); - that.revoke_button = IPA.button({ - name: 'revoke', - label: IPA.messages.buttons.revoke, - click: function() { - IPA.command({ - entity: that.entity.name, - method: 'show', - args: [that.pkey], - on_success: function(data, text_status, xhr) { - revoke_certificate(data.result.result); - } - }).execute(); - return false; - } - }); - button.replaceWith(that.revoke_button); + var certificate = facet.certificate; + if (!certificate) that.facet.refresh(); - button = $('input[name=view]', that.container); - that.view_button = IPA.button({ - name: 'view', - label: IPA.messages.buttons.view, - click: function() { - IPA.command({ - entity: that.entity.name, - method: 'show', - args: [that.pkey], - on_success: function(data, text_status, xhr) { - view_certificate(data.result.result); - } - }).execute(); - return false; - } - }); - button.replaceWith(that.view_button); + var entity_label = that.entity_label || facet.entity.metadata.label_singular; + var entity_name = certificate.entity_info.name; - that.revocation_reason = $('span[name=revocation_reason]', that.container); + var title = IPA.messages.objects.cert.view_certificate; + title = title.replace('${entity}', entity_label); + title = title.replace('${primary_key}', entity_name); - button = $('input[name=restore]', that.container); - that.restore_button = IPA.button({ - name: 'restore', - label: IPA.messages.buttons.restore, - click: function() { - IPA.command({ - entity: that.entity.name, - method: 'show', - args: [that.pkey], - on_success: function(data, text_status, xhr) { - restore_certificate(data.result.result); - } - }).execute(); - return false; - } - }); - button.replaceWith(that.restore_button); - - $('input[name=create]', that.container).each(function(index) { - button = $(this); - that.create_button = IPA.button({ - name: 'create', - label: IPA.messages.objects.cert.new_certificate, - click: function() { - request_certificate(that.result); - return false; - } - }); - button.replaceWith(that.create_button); + var dialog = IPA.cert.view_dialog({ + title: title, + certificate: certificate }); - }; - - that.update = function() { - - that.pkey = that.get_entity_pkey(that.result); - - var entity_certificate = that.get_entity_certificate(that.result); - if (entity_certificate) { - check_status(that.result.serial_number); - } else { - set_status(IPA.cert.CERTIFICATE_STATUS_MISSING); - } - }; - that.clear = function() { - that.status_valid.css('display', 'none'); - that.status_missing.css('display', 'none'); - that.status_revoked.css('display', 'none'); - that.revoke_button.css('display', 'none'); - that.restore_button.css('display', 'none'); - that.revocation_reason.text(''); + dialog.open(); }; - function set_status(status, revocation_reason) { - that.status_valid.css('display', status == IPA.cert.CERTIFICATE_STATUS_VALID ? '' : 'none'); - that.status_missing.css('display', status == IPA.cert.CERTIFICATE_STATUS_MISSING ? '' : 'none'); - - if (!that.is_selfsign()) { - that.status_revoked.css('display', status == IPA.cert.CERTIFICATE_STATUS_REVOKED ? '' : 'none'); - that.revoke_button.css('display', status == IPA.cert.CERTIFICATE_STATUS_VALID ? '' : 'none'); - - var reason = IPA.cert.CRL_REASON[revocation_reason]; - that.revocation_reason.html(revocation_reason === undefined || reason === null ? '' : IPA.messages.objects.cert[reason]); - that.restore_button.css('display', reason == 'certificate_hold' ? '' : 'none'); - } - } + return that; +}; - function check_status(serial_number) { +IPA.cert.get_action = function(spec) { - if (that.is_selfsign()) { - set_status(IPA.cert.CERTIFICATE_STATUS_VALID); - return; - } + spec = spec || {}; + spec.name = spec.name || 'get_cert'; + spec.label = spec.label || IPA.messages.buttons.get; + spec.enable_cond = spec.enable_cond || ['has_certificate']; - IPA.command({ - entity: 'cert', - method: 'show', - args: [serial_number], - on_success: function(data, text_status, xhr) { - var revocation_reason = data.result.result.revocation_reason; - if (revocation_reason == undefined) { - set_status(IPA.cert.CERTIFICATE_STATUS_VALID); - } else { - set_status(IPA.cert.CERTIFICATE_STATUS_REVOKED, revocation_reason); - } - } - }).execute(); - } + var that = IPA.action(spec); + that.entity_label = spec.entity_label; - function view_certificate(result) { + that.execute_action = function(facet) { - var entity_certificate = that.get_entity_certificate(result); - if (!entity_certificate) { - set_status(IPA.cert.CERTIFICATE_STATUS_MISSING); - return; - } + var certificate = facet.certificate; + if (!certificate) that.facet.refresh(); - var entity_name = that.get_entity_name(result); + var entity_label = that.entity_label || facet.entity.metadata.label_singular; + var entity_name = certificate.entity_info.name; var title = IPA.messages.objects.cert.view_certificate; - title = title.replace('${entity}', that.entity_label); + title = title.replace('${entity}', entity_label); title = title.replace('${primary_key}', entity_name); - var dialog = IPA.cert.view_dialog({ - 'title': title, - 'subject': result['subject'], - 'serial_number': result['serial_number'], - 'serial_number_hex': result['serial_number_hex'], - 'issuer': result['issuer'], - 'issued_on': result['valid_not_before'], - 'expires_on': result['valid_not_after'], - 'md5_fingerprint': result['md5_fingerprint'], - 'sha1_fingerprint': result['sha1_fingerprint'] + var dialog = IPA.cert.download_dialog({ + title: title, + certificate: certificate.certificate }); dialog.open(); - } - - function get_certificate(result) { + }; - var entity_certificate = that.get_entity_certificate(result); - if (!entity_certificate) { - set_status(IPA.cert.CERTIFICATE_STATUS_MISSING); - return; - } + return that; +}; - var entity_name = that.get_entity_name(result); +IPA.cert.request_action = function(spec) { - var title = IPA.messages.objects.cert.view_certificate; - title = title.replace('${entity}', that.entity_label); - title = title.replace('${primary_key}', entity_name); + spec = spec || {}; + spec.name = spec.name || 'request_cert'; + spec.label = spec.label || IPA.messages.objects.cert.new_certificate; - var dialog = IPA.cert.download_dialog({ - title: title, - certificate: entity_certificate - }); + var that = IPA.action(spec); + that.entity_label = spec.entity_label; - dialog.open(); - } + that.execute_action = function(facet) { - function request_certificate(result) { + var certificate = facet.certificate; + if (!certificate) facet.refresh(); - var entity_name = that.get_entity_name(result); - var entity_principal = that.get_entity_principal(result); + var entity_principal = certificate.entity_info.principal; + var entity_label = that.entity_label || facet.entity.metadata.label_singular; + var entity_name = certificate.entity_info.name; + var hostname = certificate.entity_info.hostname; var title = IPA.messages.objects.cert.issue_certificate; - title = title.replace('${entity}', that.entity_label); + title = title.replace('${entity}', entity_label); title = title.replace('${primary_key}', entity_name); + var request_message = IPA.messages.objects.cert.request_message; + request_message = request_message.replace(/\$\{hostname\}/g, hostname); + request_message = request_message.replace(/\$\{realm\}/g, IPA.env.realm); + var dialog = IPA.cert.request_dialog({ title: title, - message: that.request_message, + message: request_message, request: function(values) { - var request = values['request']; IPA.command({ entity: 'cert', method: 'request', - args: [request], + args: [values.request], options: { 'principal': entity_principal }, on_success: function(data, text_status, xhr) { - check_status(data.result.result.serial_number); + facet.refresh(); } }).execute(); } }); dialog.open(); - } + }; - function revoke_certificate(result) { + return that; +}; - var entity_certificate = that.get_entity_certificate(result); - if (!entity_certificate) { - set_status(IPA.cert.CERTIFICATE_STATUS_MISSING); - return; - } +IPA.cert.revoke_action = function(spec) { + + spec = spec || {}; + spec.name = spec.name || 'revoke_cert'; + spec.label = spec.label || IPA.messages.buttons.revoke; + spec.enable_cond = spec.enable_cond || ['has_certificate']; + spec.disable_cond = spec.disable_cond || ['certificate_revoked']; + spec.hide_cond = spec.hide_cond || ['selfsign']; + + var that = IPA.action(spec); + that.entity_label = spec.entity_label; + that.request_message = spec.request_message; - var entity_name = that.get_entity_name(result); - var serial_number = result['serial_number']; + that.execute_action = function(facet) { + + var certificate = facet.certificate; + if (!certificate) facet.refresh(); + + var entity_label = that.entity_label || facet.entity.metadata.label_singular; + var entity_name = certificate.entity_info.name; var title = IPA.messages.objects.cert.revoke_certificate; - title = title.replace('${entity}', that.entity_label); + title = title.replace('${entity}', entity_label); title = title.replace('${primary_key}', entity_name); var dialog = IPA.cert.revoke_dialog({ - 'title': title, - 'revoke': function(values) { - var reason = values['reason']; + title: title, + message: that.request_message, + revoke: function(values) { IPA.command({ entity: 'cert', method: 'revoke', - args: [serial_number], + args: [certificate.serial_number], options: { - 'revocation_reason': reason + 'revocation_reason': values.reason }, on_success: function(data, text_status, xhr) { - check_status(serial_number); + facet.refresh(); } }).execute(); } }); dialog.open(); - } + }; - function restore_certificate(result) { + return that; +}; - var entity_certificate = that.get_entity_certificate(result); - if (!entity_certificate) { - set_status(IPA.cert.CERTIFICATE_STATUS_MISSING); - return; - } +IPA.cert.restore_action = function(spec) { - var entity_name = that.get_entity_name(result); - var serial_number = result['serial_number']; + spec = spec || {}; + spec.name = spec.name || 'restore_cert'; + spec.label = spec.label || IPA.messages.buttons.restore; + spec.enable_cond = spec.enable_cond || ['has_certificate', 'certificate_hold']; + spec.hide_cond = spec.hide_cond || ['selfsign']; + + var that = IPA.action(spec); + that.entity_label = spec.entity_label; + that.request_message = spec.request_message; + + that.execute_action = function(facet) { + + var certificate = facet.certificate; + if (!certificate) facet.refresh(); + + var entity_label = that.entity_label || facet.entity.metadata.label_singular; + var entity_name = certificate.entity_info.name; var title = IPA.messages.objects.cert.restore_certificate; - title = title.replace('${entity}', that.entity_label); + title = title.replace('${entity}', entity_label); title = title.replace('${primary_key}', entity_name); var dialog = IPA.cert.restore_dialog({ - 'title': title, - 'restore': function(values) { + title: title, + message: that.request_message, + restore: function() { + IPA.command({ entity: 'cert', method: 'remove_hold', - args: [serial_number], + args: [certificate.serial_number], on_success: function(data, text_status, xhr) { - check_status(serial_number); + facet.refresh(); } }).execute(); } }); dialog.open(); - } + }; + + return that; +}; + +IPA.cert.certificate_evaluator = function(spec) { + + spec.name = spec.name || 'has_certificate_evaluator'; + spec.event = spec.event || 'certificate_loaded'; + + var that = IPA.state_evaluator(spec); + + that.on_event = function(certificate) { + + var old_state, record, state, value, loaded_value; + + old_state = that.state; + that.state = []; + + if (certificate && certificate.certificate) { + that.state.push('has_certificate'); + + if (certificate.revocation_reason !== undefined) { + that.state.push('certificate_revoked'); + + if (certificate.revocation_reason === 6) { + that.state.push('certificate_hold'); + } + } + } + + if (IPA.cert.is_selfsign()) { + that.state.push('selfsign'); + } + + that.notify_on_change(old_state); + }; + + return that; +}; + + +IPA.cert.status_widget = function(spec) { + + spec = spec || {}; + + var that = IPA.input_widget(spec); + + that.create = function(container) { + + that.widget_create(container); + + that.status_valid = $('<div/>', { + name: 'certificate-valid', + style: 'display: none;' + }).appendTo(container); + + $('<img/>', { + src: 'images/check-icon.png', + style: 'float: left;', + 'class': 'status-icon' + }).appendTo(that.status_valid); + + var content_div = $('<div/>', { + style: 'float: left;' + }).appendTo(that.status_valid); + + content_div.append('<b>'+IPA.messages.objects.cert.valid+'</b>'); + + that.status_revoked = $('<div/>', { + name: 'certificate-revoked', + style: 'display: none;' + }).appendTo(container); + + $('<img/>', { + src: 'images/caution-icon.png', + style: 'float: left;', + 'class': 'status-icon' + }).appendTo(that.status_revoked); + + content_div = $('<div/>', { + style: 'float: left;' + }).appendTo(that.status_revoked); + + content_div.append('<b>'+IPA.messages.objects.cert.revoked+'</b>'); + content_div.append(' '); + that.revocation_reason = $('<span/>', { + 'name': 'revocation_reason' + }).appendTo(content_div); + + that.status_missing = $('<div/>', { + name: 'certificate-missing', + style: 'display: none;' + }).appendTo(container); + + $('<img/>', { + src: 'images/caution-icon.png', + style: 'float: left;', + 'class': 'status-icon' + }).appendTo(that.status_missing); + + content_div = $('<div/>', { + style: 'float: left;' + }).appendTo(that.status_missing); + + content_div.append('<b>'+IPA.messages.objects.cert.missing+'</b>'); + }; + + that.update = function(certificate) { + + certificate = certificate || {}; + + var selfsign = IPA.cert.is_selfsign(); + var has_certificate = certificate.certificate; + var revoked = certificate.revocation_reason !== undefined; + var status = IPA.cert.CERTIFICATE_STATUS_MISSING; + + if (has_certificate && (selfsign || !revoked)) { + status = IPA.cert.CERTIFICATE_STATUS_VALID; + } else if (has_certificate) { + status = IPA.cert.CERTIFICATE_STATUS_REVOKED; + } + that.set_status(status, certificate.revocation_reason); + }; + + that.clear = function() { + that.status_valid.css('display', 'none'); + that.status_missing.css('display', 'none'); + that.status_revoked.css('display', 'none'); + that.revocation_reason.text(''); + }; + + that.set_status = function(status, revocation_reason) { + that.status_valid.css('display', status === IPA.cert.CERTIFICATE_STATUS_VALID ? '' : 'none'); + that.status_missing.css('display', status === IPA.cert.CERTIFICATE_STATUS_MISSING ? '' : 'none'); + + if (!IPA.cert.is_selfsign()) { + that.status_revoked.css('display', status === IPA.cert.CERTIFICATE_STATUS_REVOKED ? '' : 'none'); + + var reason = IPA.cert.CRL_REASON[revocation_reason]; + that.revocation_reason.html(revocation_reason === undefined || reason === null ? '' : IPA.messages.objects.cert[reason]); + } + }; return that; }; @@ -934,12 +950,27 @@ IPA.cert.status_field = function(spec) { spec = spec || {}; var that = IPA.field(spec); + that.registered = false; that.load = function(result) { + that.register_listener(); + that.reset(); + }; - that.widget.result = result; + that.set_certificate = function(certificate) { + that.values = certificate; that.reset(); }; + that.register_listener = function() { + if (!that.registered) { + that.registered = true; + that.container.certificate_loaded.attach(that.set_certificate); + } + }; + return that; }; + +IPA.widget_factories['certificate_status'] = IPA.cert.status_widget; +IPA.field_factories['certificate_status'] = IPA.cert.status_field;
\ No newline at end of file diff --git a/install/ui/host.js b/install/ui/host.js index e693f5f8e..c53ba0539 100644 --- a/install/ui/host.js +++ b/install/ui/host.js @@ -97,9 +97,17 @@ IPA.host.entity = function(spec) { }, { name: 'certificate', + action_panel: { + factory: IPA.action_panel, + name: 'cert_actions', + actions: [ + 'request_cert', 'view_cert', 'get_cert', + 'revoke_cert', 'restore_cert' + ] + }, fields: [ { - type: 'host_certificate_status', + type: 'certificate_status', name: 'certificate_status', label: IPA.messages.objects.host.status } @@ -121,18 +129,25 @@ IPA.host.entity = function(spec) { label: IPA.messages.objects.host.password_reset_title, status: 'present', show_cond: ['has_password'] - } + }, + IPA.cert.view_action, + IPA.cert.get_action, + IPA.cert.request_action, + IPA.cert.revoke_action, + IPA.cert.restore_action ], state: { evaluators: [ IPA.host.has_password_evaluator, IPA.host.has_keytab_evaluator, IPA.host.userpassword_acl_evaluator, - IPA.host.krbprincipalkey_acl_evaluator + IPA.host.krbprincipalkey_acl_evaluator, + IPA.cert.certificate_evaluator ] }, policies: [ - IPA.host_enrollment_policy() + IPA.host.enrollment_policy(), + IPA.host.certificate_policy() ] }). association_facet({ @@ -205,14 +220,17 @@ IPA.host.entity = function(spec) { return that; }; -IPA.host.details_facet = function(spec) { +IPA.host.details_facet = function(spec, no_init) { - var that = IPA.details_facet(spec); + var that = IPA.details_facet(spec, true); + that.certificate_loaded = IPA.observer(); that.get_refresh_command_name = function() { return that.entity.name+'_show_'+that.pkey; }; + if (!no_init) that.init_details_facet(); + return that; }; @@ -498,7 +516,7 @@ IPA.force_host_add_checkbox_widget = function(spec) { IPA.widget_factories['force_host_add_checkbox'] = IPA.force_host_add_checkbox_widget; IPA.field_factories['force_host_add_checkbox'] = IPA.checkbox_field; -IPA.host_enrollment_policy = function(spec) { +IPA.host.enrollment_policy = function(spec) { var that = IPA.facet_policy(); @@ -895,56 +913,29 @@ IPA.host.has_password_evaluator = function(spec) { return that; }; -IPA.host.certificate_status_field = function(spec) { +IPA.host.certificate_policy = function(spec) { spec = spec || {}; - var that = IPA.cert.status_field(spec); - - that.load = function(result) { - - that.widget.result = result; - - var message = IPA.messages.objects.cert.request_message; - message = message.replace(/\$\{hostname\}/g, result.fqdn[0]); - message = message.replace(/\$\{realm\}/g, IPA.env.realm); - that.widget.request_message = message; - - that.reset(); - }; - - return that; -}; - -IPA.host.certificate_status_widget = function(spec) { - - spec = spec || {}; - - var that = IPA.cert.status_widget(spec); - - that.get_entity_pkey = function(result) { + spec.get_pkey = spec.get_pkey || function(result) { var values = result.fqdn; return values ? values[0] : null; }; - that.get_entity_name = function(result) { - return that.get_entity_pkey(result); + spec.get_name = spec.get_name || function(result) { + var values = result.fqdn; + return values ? values[0] : null; }; - that.get_entity_principal = function(result) { + spec.get_principal = spec.get_principal || function(result) { var values = result.krbprincipalname; return values ? values[0] : null; }; - that.get_entity_certificate = function(result) { - var values = result.usercertificate; - return values ? values[0].__base64__ : null; - }; + spec.get_hostname = spec.get_hostname || spec.get_name; + var that = IPA.cert.load_policy(spec); return that; }; -IPA.widget_factories['host_certificate_status'] = IPA.host.certificate_status_widget; -IPA.field_factories['host_certificate_status'] = IPA.host.certificate_status_field; - IPA.register('host', IPA.host.entity); diff --git a/install/ui/service.js b/install/ui/service.js index f714e410e..413d2ee88 100644 --- a/install/ui/service.js +++ b/install/ui/service.js @@ -36,6 +36,7 @@ IPA.service.entity = function(spec) { columns: [ 'krbprincipalname' ] }). details_facet({ + factory: IPA.service.details_facet, sections: [ { name: 'details', @@ -72,9 +73,17 @@ IPA.service.entity = function(spec) { }, { name: 'certificate', + action_panel: { + factory: IPA.action_panel, + name: 'cert_actions', + actions: [ + 'request_cert', 'view_cert', 'get_cert', + 'revoke_cert', 'restore_cert' + ] + }, fields: [ { - type: 'service_certificate_status', + type: 'certificate_status', name: 'certificate_status', label: IPA.messages.objects.service.status } @@ -82,14 +91,23 @@ IPA.service.entity = function(spec) { } ], actions: [ - IPA.service.unprovision_action + IPA.service.unprovision_action, + IPA.cert.view_action, + IPA.cert.get_action, + IPA.cert.request_action, + IPA.cert.revoke_action, + IPA.cert.restore_action ], state: { evaluators: [ IPA.service.has_keytab_evaluator, - IPA.service.krbprincipalkey_acl_evaluator + IPA.service.krbprincipalkey_acl_evaluator, + IPA.cert.certificate_evaluator ] - } + }, + policies: [ + IPA.service.certificate_policy() + ] }). association_facet({ name: 'managedby_host', @@ -145,6 +163,16 @@ IPA.service.entity = function(spec) { return that; }; +IPA.service.details_facet = function(spec, no_init) { + + var that = IPA.details_facet(spec, true); + that.certificate_loaded = IPA.observer(); + + if (!no_init) that.init_details_facet(); + + return that; +}; + IPA.service_adder_dialog = function(spec) { spec = spec || {}; @@ -398,59 +426,34 @@ IPA.service.has_keytab_evaluator = function(spec) { return that; }; -IPA.service.certificate_status_field = function(spec) { - - spec = spec || {}; - - var that = IPA.cert.status_field(spec); - - that.load = function(result) { - - that.widget.result = result; - - var krbprincipalname = result.krbprincipalname[0]; - var hostname = krbprincipalname.replace(/^.*\//, '').replace(/@.*$/, ''); - - var message = IPA.messages.objects.cert.request_message; - message = message.replace(/\$\{hostname\}/g, hostname); - message = message.replace(/\$\{realm\}/g, IPA.env.realm); - that.widget.request_message = message; - - that.reset(); - }; - - return that; -}; - -IPA.service.certificate_status_widget = function(spec) { +IPA.service.certificate_policy = function(spec) { spec = spec || {}; - var that = IPA.cert.status_widget(spec); - - that.get_entity_pkey = function(result) { + function get_pkey(result) { var values = result.krbprincipalname; return values ? values[0] : null; - }; + } + + spec.get_pkey = spec.get_pkey || get_pkey; - that.get_entity_name = function(result) { - var value = that.get_entity_pkey(result); + spec.get_name = spec.get_name || function(result) { + var value = get_pkey(result); return value ? value.replace(/@.*$/, '') : null; }; - that.get_entity_principal = function(result) { - return that.get_entity_pkey(result); - }; + spec.get_principal = spec.get_principal || get_pkey; - that.get_entity_certificate = function(result) { - var values = result.usercertificate; - return values ? values[0].__base64__ : null; + spec.get_hostname = spec.get_hostname || function(result) { + var value = get_pkey(result); + if (value) { + value = value.replace(/@.*$/, '').replace(/^.*\//, ''); + } + return value; }; + var that = IPA.cert.load_policy(spec); return that; }; -IPA.widget_factories['service_certificate_status'] = IPA.service.certificate_status_widget; -IPA.field_factories['service_certificate_status'] = IPA.service.certificate_status_field; - IPA.register('service', IPA.service.entity); |