diff options
author | Petr Vobornik <pvoborni@redhat.com> | 2013-02-22 17:22:30 +0100 |
---|---|---|
committer | Petr Vobornik <pvoborni@redhat.com> | 2013-03-18 15:11:08 +0100 |
commit | 070fc176aecc3c7661cdb085b157d2d4c653fc46 (patch) | |
tree | 10822f0b3f2d466787e5f575a6aa0c28026ac512 | |
parent | 5f6310ecc6b5747fd9f8b35786ece5e3b26789d3 (diff) | |
download | freeipa-070fc176aecc3c7661cdb085b157d2d4c653fc46.tar.gz freeipa-070fc176aecc3c7661cdb085b157d2d4c653fc46.tar.xz freeipa-070fc176aecc3c7661cdb085b157d2d4c653fc46.zip |
Web UI:Certificate pages
Following pages were added to Web UI:
* certificated details
* certificate search
Certificate is not regular object so it gets no metadata. Therefore artificial
metadata were created for it to allow usage of search and details facet.
Search and details facet were modified to allow removing of add/remove/update/
reset buttons - certificates have no mod operation and they are not added by
standard means.
User can revoke and restore certificated in details facet.
https://fedorahosted.org/freeipa/ticket/3419
-rwxr-xr-x | install/ui/src/freeipa/certificate.js | 299 | ||||
-rw-r--r-- | install/ui/src/freeipa/details.js | 24 | ||||
-rw-r--r-- | install/ui/src/freeipa/facet.js | 1 | ||||
-rw-r--r-- | install/ui/src/freeipa/field.js | 2 | ||||
-rw-r--r-- | install/ui/src/freeipa/host.js | 18 | ||||
-rw-r--r-- | install/ui/src/freeipa/search.js | 24 | ||||
-rw-r--r-- | install/ui/src/freeipa/service.js | 18 | ||||
-rw-r--r-- | install/ui/src/freeipa/webui.js | 3 | ||||
-rw-r--r-- | install/ui/src/freeipa/widget.js | 31 | ||||
-rw-r--r-- | install/ui/test/data/cert_find.json | 71 | ||||
-rw-r--r-- | install/ui/test/data/ipa_init.json | 7 | ||||
-rw-r--r-- | install/ui/test/data/ipa_init_commands.json | 147 | ||||
-rw-r--r-- | ipalib/plugins/internal.py | 7 |
13 files changed, 621 insertions, 31 deletions
diff --git a/install/ui/src/freeipa/certificate.js b/install/ui/src/freeipa/certificate.js index f7bc84359..84cff41f6 100755 --- a/install/ui/src/freeipa/certificate.js +++ b/install/ui/src/freeipa/certificate.js @@ -19,7 +19,7 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -define(['./ipa', './jquery', './dialog'], function(IPA, $) { +define(['./ipa', './jquery','dojo/_base/lang', './dialog'], function(IPA, $, lang) { IPA.cert = {}; @@ -486,6 +486,7 @@ IPA.cert.load_policy = function(spec) { var that = IPA.facet_policy(); that.loader = IPA.build(spec.loader); + that.has_reason = spec.has_reason; that.post_load = function(data) { @@ -499,7 +500,8 @@ IPA.cert.load_policy = function(spec) { // initialize another load of certificate because current entity // show commands don't contain revocation_reason so previous data // might be slightly incorrect - if (certificate && certificate.certificate && !IPA.cert.is_selfsign()) { + if (!that.has_reason && certificate && certificate.certificate && + !IPA.cert.is_selfsign()) { that.load_revocation_reason(certificate.serial_number); } }; @@ -639,6 +641,7 @@ IPA.cert.request_action = function(spec) { on_success: function(data, text_status, xhr) { facet.refresh(); IPA.notify_success(IPA.messages.objects.cert.requested); + facet.certificate_updated.notify([], that.facet); } }).execute(); } @@ -672,9 +675,12 @@ IPA.cert.revoke_action = function(spec) { var entity_label = that.entity_label || facet.entity.metadata.label_singular; var entity_name = certificate.entity_info.name; - var title = IPA.messages.objects.cert.revoke_certificate; - title = title.replace('${entity}', entity_label); - title = title.replace('${primary_key}', entity_name); + var title = IPA.messages.objects.cert.revoke_certificate_simple; + if (entity_name && entity_label) { + title = IPA.messages.objects.cert.revoke_certificate; + title = title.replace('${entity}', entity_label); + title = title.replace('${primary_key}', entity_name); + } that.dialog.title = title; that.dialog.message = that.get_confirm_message(facet); @@ -694,6 +700,7 @@ IPA.cert.revoke_action = function(spec) { on_success: function(data, text_status, xhr) { facet.refresh(); IPA.notify_success(IPA.messages.objects.cert.revoked); + facet.certificate_updated.notify([], that.facet); } }).execute(); }; @@ -725,9 +732,12 @@ IPA.cert.restore_action = function(spec) { var entity_label = that.entity_label || facet.entity.metadata.label_singular; var entity_name = certificate.entity_info.name; - var title = IPA.messages.objects.cert.restore_certificate; - title = title.replace('${entity}', entity_label); - title = title.replace('${primary_key}', entity_name); + var title = IPA.messages.objects.cert.restore_certificate_simple; + if (entity_name && entity_label) { + title = IPA.messages.objects.cert.restore_certificate; + title = title.replace('${entity}', entity_label); + title = title.replace('${primary_key}', entity_name); + } that.dialog.title = title; that.dialog.message = that.get_confirm_message(facet); @@ -744,6 +754,7 @@ IPA.cert.restore_action = function(spec) { on_success: function(data, text_status, xhr) { facet.refresh(); IPA.notify_success(IPA.messages.objects.cert.restored); + facet.certificate_updated.notify([], that.facet); } }).execute(); }; @@ -923,5 +934,275 @@ IPA.cert.status_field = function(spec) { IPA.widget_factories['certificate_status'] = IPA.cert.status_widget; IPA.field_factories['certificate_status'] = IPA.cert.status_field; +IPA.cert.entity = function(spec) { + + spec = spec || {}; + + spec.policies = spec.policies || [ + IPA.search_facet_update_policy(), + IPA.details_facet_update_policy(), + IPA.cert.cert_update_policy({ + source_facet: 'details', + dest_facet: 'search' + }), + IPA.cert.cert_update_policy({ + source_facet: 'details', + dest_entity: 'host', + dest_facet: 'details' + }), + IPA.cert.cert_update_policy({ + source_facet: 'details', + dest_entity: 'service', + dest_facet: 'details' + }) + ]; + + var that = IPA.entity(spec); + + that.get_default_metadata = function() { + + var add_param = function(name, label, doc, primary_key) { + entity.takes_params.push({ + name: name, + label: label, + doc: doc, + primary_key: !!primary_key, + flags: ['no_update'] + }); + }; + + var get_param = function(params, name) { + + for (var i=0;i<params.length;i++) { + if (params[i].name === name) return params[i]; + } + return null; + }; + + var cmd = IPA.metadata.commands['cert_find']; + var entity = lang.clone(cmd); + entity.attribute_members = {}; + entity.label = IPA.messages.objects.cert.certificates; + entity.label_singular = IPA.messages.objects.cert.certificate; + entity.methods = [ + 'find', + 'remove-hold', + 'request', + 'revoke', + 'show', + 'status' + ]; + entity.name = "certificate"; + entity.object_name = "certificate"; + entity.object_name_plural = "certificates"; + entity.parent_object = ""; + entity.primary_key = "serial_number"; + entity.rdn_attribute = ""; + entity.relationships = {}; + entity.takes_params = lang.clone(entity.takes_options); + + get_param(entity.takes_params, 'subject').flags = ['no_update']; + var reason = get_param(entity.takes_params, 'revocation_reason'); + reason.flags = ['no_update']; + reason.label = IPA.messages.objects.cert.revocation_reason; + + add_param('serial_number', + IPA.messages.objects.cert.serial_number, + IPA.messages.objects.cert.serial_number, + true); + add_param('serial_number_hex', + IPA.messages.objects.cert.serial_number_hex, + IPA.messages.objects.cert.serial_number_hex); + add_param('issuer', + IPA.messages.objects.cert.issued_by, + IPA.messages.objects.cert.issued_by); + add_param('status', + IPA.messages.objects.cert.status, + IPA.messages.objects.cert.status); + add_param('valid_not_before', + IPA.messages.objects.cert.issued_on, + IPA.messages.objects.cert.issued_on); + add_param('valid_not_after', + IPA.messages.objects.cert.expires_on, + IPA.messages.objects.cert.expires_on); + add_param('md5_fingerprint', + IPA.messages.objects.cert.md5_fingerprint, + IPA.messages.objects.cert.md5_fingerprint); + add_param('sha1_fingerprint', + IPA.messages.objects.cert.sha1_fingerprint, + IPA.messages.objects.cert.sha1_fingerprint); + add_param('certificate', + IPA.messages.objects.cert.certificate, + IPA.messages.objects.cert.certificate); + + + IPA.metadata.objects.cert = entity; + return entity; + }; + + that.init = function() { + + if (IPA.cert.is_selfsign()) { + throw { + expected: true + }; + } + + that.entity_init(); + + that.builder.search_facet({ + factory: IPA.cert.search_facet, + label: IPA.messages.objects.cert.label, + pagination: false, + no_update: true, + columns: [ + { + name: 'serial_number', + primary_key: true, + width: '90px' + }, + 'subject', + { + name: 'status', + width: '120px' + } + ] + }). + details_facet({ + factory: IPA.cert.details_facet, + no_update: true, + actions: [ + IPA.cert.revoke_action, + IPA.cert.restore_action + ], + state: { + evaluators: [ + IPA.cert.certificate_evaluator + ] + }, + sections: [ + { + name: 'details', + label: IPA.messages.objects.cert.certificate, + action_panel: { + factory: IPA.action_panel, + name: 'cert_actions', + actions: [ + 'revoke_cert', 'restore_cert' + ] + }, + fields: [ + 'serial_number', + 'serial_number_hex', + 'subject', + 'issuer', + 'valid_not_before', + 'valid_not_after', + 'sha1_fingerprint', + 'md5_fingerprint', + { + type: 'revocation_reason', + name: 'revocation_reason' + }, + { + type: 'textarea', + name: 'certificate', + style: { + width: '550px', + height: '350px' + } + } + ] + } + ], + policies: [ + IPA.cert.load_policy({ has_reason: true}), + IPA.hide_empty_row_policy({ + widget: 'revocation_reason', + section: 'details' + }) + ] + }); + }; + + return that; +}; + +IPA.cert.search_facet = function(spec) { + + spec = spec || {}; + + var that = IPA.search_facet(spec); + + + that.create_refresh_command = function() { + + var command = that.search_facet_create_refresh_command(); + var arg = command.args.pop(); + + if (arg) { + command.set_option('subject', arg); + } + + return command; + }; + + return that; +}; + +IPA.cert.details_facet = function(spec, no_init) { + + spec = spec || {}; + + var that = IPA.details_facet(spec, true); + that.certificate_loaded = IPA.observer(); + that.certificate_updated = IPA.observer(); + + that.create_refresh_command = function() { + + var command = that.details_facet_create_refresh_command(); + delete command.options.all; + delete command.options.rights; + return command; + }; + + if (!no_init) that.init_details_facet(); + + return that; +}; + + +IPA.revocation_reason_field = function(spec) { + + spec = spec || {}; + + var that = IPA.field(spec); + + that.load = function(record) { + + that.field_load(record); + + var reason = record.revocation_reason; + var text = IPA.cert.CRL_REASON[reason] || ''; + that.values = [text]; + + that.reset(); + }; + + return that; +}; + +IPA.cert.cert_update_policy = function(spec) { + + spec = spec || {}; + spec.event = spec.event || 'certificate_updated'; + return IPA.facet_update_policy(spec); +}; + +IPA.field_factories['revocation_reason'] = IPA.revocation_reason_field; +IPA.widget_factories['revocation_reason'] = IPA.text_widget; + +IPA.register('cert', IPA.cert.entity); + return {}; -}); +});
\ No newline at end of file diff --git a/install/ui/src/freeipa/details.js b/install/ui/src/freeipa/details.js index e8f1e86d9..bd23e564e 100644 --- a/install/ui/src/freeipa/details.js +++ b/install/ui/src/freeipa/details.js @@ -238,21 +238,25 @@ IPA.details_facet = function(spec, no_init) { IPA.update_action); spec.control_buttons = spec.control_buttons || []; + + if (!spec.no_update) { + spec.control_buttons.unshift( + { + name: 'reset', + label: IPA.messages.buttons.reset, + icon: 'reset-icon' + }, + { + name: 'update', + label: IPA.messages.buttons.update, + icon: 'update-icon' + }); + } spec.control_buttons.unshift( { name: 'refresh', label: IPA.messages.buttons.refresh, icon: 'reset-icon' - }, - { - name: 'reset', - label: IPA.messages.buttons.reset, - icon: 'reset-icon' - }, - { - name: 'update', - label: IPA.messages.buttons.update, - icon: 'update-icon' }); spec.state = spec.state || {}; diff --git a/install/ui/src/freeipa/facet.js b/install/ui/src/freeipa/facet.js index 77e05cab6..3ad868e84 100644 --- a/install/ui/src/freeipa/facet.js +++ b/install/ui/src/freeipa/facet.js @@ -38,6 +38,7 @@ IPA.facet = function(spec, no_init) { that.title = spec.title || that.label; that.tab_label = spec.tab_label || that.label; that.display_class = spec.display_class; + that.no_update = spec.no_update; that.disable_breadcrumb = spec.disable_breadcrumb; that.disable_facet_tabs = spec.disable_facet_tabs; diff --git a/install/ui/src/freeipa/field.js b/install/ui/src/freeipa/field.js index f705ef7b8..f972a6589 100644 --- a/install/ui/src/freeipa/field.js +++ b/install/ui/src/freeipa/field.js @@ -275,7 +275,7 @@ IPA.field = function(spec) { */ that.test_dirty = function() { - if (that.read_only) return false; + if (that.read_only || !that.writable) return false; var values = that.save(); diff --git a/install/ui/src/freeipa/host.js b/install/ui/src/freeipa/host.js index 133c38ffd..d064a2fa2 100644 --- a/install/ui/src/freeipa/host.js +++ b/install/ui/src/freeipa/host.js @@ -26,6 +26,23 @@ IPA.host = {}; IPA.host.entity = function(spec) { + spec = spec || {}; + + spec.policies = spec.policies || [ + IPA.search_facet_update_policy(), + IPA.details_facet_update_policy(), + IPA.cert.cert_update_policy({ + source_facet: 'details', + dest_entity: 'cert', + dest_facet: 'details' + }), + IPA.cert.cert_update_policy({ + source_facet: 'details', + dest_entity: 'cert', + dest_facet: 'search' + }) + ]; + var that = IPA.entity(spec); that.init = function() { @@ -223,6 +240,7 @@ IPA.host.details_facet = function(spec, no_init) { var that = IPA.details_facet(spec, true); that.certificate_loaded = IPA.observer(); + that.certificate_updated = IPA.observer(); that.get_refresh_command_name = function() { return that.entity.name+'_show_'+that.pkey; diff --git a/install/ui/src/freeipa/search.js b/install/ui/src/freeipa/search.js index a3f35b5e9..d57c40126 100644 --- a/install/ui/src/freeipa/search.js +++ b/install/ui/src/freeipa/search.js @@ -42,21 +42,25 @@ IPA.search_facet = function(spec, no_init) { IPA.add_action); spec.control_buttons = spec.control_buttons || []; + + if (!spec.no_update) { + spec.control_buttons.unshift( + { + name: 'remove', + label: IPA.messages.buttons.remove, + icon: 'remove-icon' + }, + { + name: 'add', + label: IPA.messages.buttons.add, + icon: 'add-icon' + }); + } spec.control_buttons.unshift( { name: 'refresh', label: IPA.messages.buttons.refresh, icon: 'reset-icon' - }, - { - name: 'remove', - label: IPA.messages.buttons.remove, - icon: 'remove-icon' - }, - { - name: 'add', - label: IPA.messages.buttons.add, - icon: 'add-icon' }); spec.state = spec.state || {}; diff --git a/install/ui/src/freeipa/service.js b/install/ui/src/freeipa/service.js index ecb8ce9b3..c38cfef1b 100644 --- a/install/ui/src/freeipa/service.js +++ b/install/ui/src/freeipa/service.js @@ -25,6 +25,23 @@ IPA.service = {}; IPA.service.entity = function(spec) { + spec = spec || {}; + + spec.policies = spec.policies || [ + IPA.search_facet_update_policy(), + IPA.details_facet_update_policy(), + IPA.cert.cert_update_policy({ + source_facet: 'details', + dest_entity: 'cert', + dest_facet: 'details' + }), + IPA.cert.cert_update_policy({ + source_facet: 'details', + dest_entity: 'cert', + dest_facet: 'search' + }) + ]; + var that = IPA.entity(spec); that.init = function() { @@ -172,6 +189,7 @@ IPA.service.details_facet = function(spec, no_init) { var that = IPA.details_facet(spec, true); that.certificate_loaded = IPA.observer(); + that.certificate_updated = IPA.observer(); if (!no_init) that.init_details_facet(); diff --git a/install/ui/src/freeipa/webui.js b/install/ui/src/freeipa/webui.js index f6c3339ec..2bc3bdd47 100644 --- a/install/ui/src/freeipa/webui.js +++ b/install/ui/src/freeipa/webui.js @@ -42,7 +42,8 @@ IPA.admin_navigation = function(spec) { {entity: 'dnsconfig'}, {entity: 'dnsrecord', hidden:true} ] - } + }, + {entity: 'cert', label: IPA.messages.tabs.cert } ]}, {name: 'policy', label: IPA.messages.tabs.policy, children: [ {name: 'hbac', label: IPA.messages.tabs.hbac, children: [ diff --git a/install/ui/src/freeipa/widget.js b/install/ui/src/freeipa/widget.js index 6472cab97..5ce767e7e 100644 --- a/install/ui/src/freeipa/widget.js +++ b/install/ui/src/freeipa/widget.js @@ -960,6 +960,7 @@ IPA.textarea_widget = function (spec) { that.rows = spec.rows || 5; that.cols = spec.cols || 40; + that.style = spec.style; that.create = function(container) { @@ -972,12 +973,15 @@ IPA.textarea_widget = function (spec) { rows: that.rows, cols: that.cols, disabled: that.disabled, + readOnly: !!that.read_only, title: that.tooltip, keyup: function() { that.on_value_changed(); } }).appendTo(container); + if (that.style) that.input.css(that.style); + that.input.bind('input', function() { that.on_value_changed(); }); @@ -990,11 +994,17 @@ IPA.textarea_widget = function (spec) { }; that.save = function() { + if (that.read_only || !that.writable) { + return null; + } var value = that.input.val(); return [value]; }; that.update = function(values) { + var read_only = that.read_only || !that.writable; + that.input.prop('readOnly', read_only); + var value = values && values.length ? values[0] : ''; that.input.val(value); }; @@ -2947,6 +2957,27 @@ IPA.details_table_section = function(spec) { return that; }; +IPA.hide_empty_row_policy = function (spec) { + + spec = spec || {}; + + var that = IPA.facet_policy(); + that.value_name = spec.value_name || spec.widget; + that.widget_name = spec.widget; + that.section_name = spec.section; + + that.post_load = function(data) { + + var value = data.result.result[that.value_name]; + var visible = !IPA.is_empty(value); + + var section = that.container.widgets.get_widget(that.section_name); + section.set_row_visible(that.widget_name, visible); + }; + + return that; +}; + //non-collabsible section IPA.details_table_section_nc = function(spec) { diff --git a/install/ui/test/data/cert_find.json b/install/ui/test/data/cert_find.json new file mode 100644 index 000000000..6c059bd7a --- /dev/null +++ b/install/ui/test/data/cert_find.json @@ -0,0 +1,71 @@ +{ + "error": null, + "id": null, + "result": { + "count": 10, + "result": [ + { + "serial_number": 1, + "serial_number_hex": "0x1", + "status": "VALID", + "subject": "CN=Certificate Authority,O=EXAMPLE.COM" + }, + { + "serial_number": 2, + "serial_number_hex": "0x2", + "status": "VALID", + "subject": "CN=OCSP Subsystem,O=EXAMPLE.COM" + }, + { + "serial_number": 3, + "serial_number_hex": "0x3", + "status": "VALID", + "subject": "CN=dev.example.com,O=EXAMPLE.COM" + }, + { + "serial_number": 4, + "serial_number_hex": "0x4", + "status": "VALID", + "subject": "CN=CA Subsystem,O=EXAMPLE.COM" + }, + { + "serial_number": 5, + "serial_number_hex": "0x5", + "status": "VALID", + "subject": "CN=CA Audit,O=EXAMPLE.COM" + }, + { + "serial_number": 6, + "serial_number_hex": "0x6", + "status": "VALID", + "subject": "CN=ipa-ca-agent,O=EXAMPLE.COM" + }, + { + "serial_number": 7, + "serial_number_hex": "0x7", + "status": "VALID", + "subject": "CN=IPA RA,O=EXAMPLE.COM" + }, + { + "serial_number": 8, + "serial_number_hex": "0x8", + "status": "VALID", + "subject": "CN=dev.example.com,O=EXAMPLE.COM" + }, + { + "serial_number": 9, + "serial_number_hex": "0x9", + "status": "VALID", + "subject": "CN=dev.example.com,O=EXAMPLE.COM" + }, + { + "serial_number": 10, + "serial_number_hex": "0xA", + "status": "VALID", + "subject": "CN=Object Signing Cert,O=EXAMPLE.COM" + } + ], + "summary": "10 certificates matched", + "truncated": false + } +}
\ No newline at end of file diff --git a/install/ui/test/data/ipa_init.json b/install/ui/test/data/ipa_init.json index 73d54578b..685367473 100644 --- a/install/ui/test/data/ipa_init.json +++ b/install/ui/test/data/ipa_init.json @@ -176,6 +176,8 @@ "aa_compromise": "AA Compromise", "affiliation_changed": "Affiliation Changed", "ca_compromise": "CA Compromise", + "certificate": "Certificate", + "certificates": "Certificates", "certificate_hold": "Certificate Hold", "cessation_of_operation": "Cessation of Operation", "common_name": "Common Name", @@ -198,14 +200,18 @@ "request_message": "<ol> <li>Create a certificate database or use an existing one. To create a new database:<br/> <code># certutil -N -d <database path></code> </li> <li>Create a CSR with subject <em>CN=<hostname>,O=<realm></em>, for example:<br/> <code># certutil -R -d <database path> -a -g <key size> -s 'CN=${hostname},O=${realm}'</code> </li> <li> Copy and paste the CSR (from <em>-----BEGIN NEW CERTIFICATE REQUEST-----</em> to <em>-----END NEW CERTIFICATE REQUEST-----</em>) into the text area below: </li> </ol>", "requested": "Certificate requested", "restore_certificate": "Restore Certificate for ${entity} ${primary_key}", + "restore_certificate_simple": "Restore Certificate", "restore_confirmation": "To confirm your intention to restore this certificate, click the \"Restore\" button.", "restored": "Certificate restored", + "revocation_reason": "Revocation reason", "revoke_certificate": "Revoke Certificate for ${entity} ${primary_key}", + "revoke_certificate_simple": "Revoke Certificate", "revoke_confirmation": "To confirm your intention to revoke this certificate, select a reason from the pull-down list, and click the \"Revoke\" button.", "revoked": "Certificate Revoked", "serial_number": "Serial Number", "serial_number_hex": "Serial Number (hex)", "sha1_fingerprint": "SHA1 Fingerprint", + "status": "Status", "superseded": "Superseded", "unspecified": "Unspecified", "valid": "Valid Certificate Present", @@ -510,6 +516,7 @@ "audit": "Audit", "automember": "Automember", "automount": "Automount", + "cert": "Certificates", "dns": "DNS", "hbac": "Host Based Access Control", "identity": "Identity", diff --git a/install/ui/test/data/ipa_init_commands.json b/install/ui/test/data/ipa_init_commands.json index 2c128f73e..a7e00ba55 100644 --- a/install/ui/test/data/ipa_init_commands.json +++ b/install/ui/test/data/ipa_init_commands.json @@ -1825,6 +1825,153 @@ ], "takes_options": [] }, + "cert_find": { + "name": "cert_find", + "takes_args": [], + "takes_options": [ + { + "class": "Str", + "doc": "Subject", + "flags": [], + "label": "Subject", + "name": "subject", + "noextrawhitespace": true, + "type": "unicode" + }, + { + "class": "Int", + "doc": "Reason for revoking the certificate (0-10)", + "flags": [], + "label": "Reason", + "maxvalue": 10, + "minvalue": 0, + "name": "revocation_reason", + "type": "int" + }, + { + "class": "Int", + "doc": "minimum serial number", + "flags": [], + "label": "<min_serial_number>", + "maxvalue": 2147483647, + "minvalue": 0, + "name": "min_serial_number", + "type": "int" + }, + { + "class": "Int", + "doc": "maximum serial number", + "flags": [], + "label": "<max_serial_number>", + "maxvalue": 2147483647, + "minvalue": -2147483648, + "name": "max_serial_number", + "type": "int" + }, + { + "class": "Flag", + "doc": "match the common name exactly", + "flags": [], + "label": "<exactly>", + "name": "exactly", + "type": "bool" + }, + { + "class": "Str", + "doc": "Valid not after from this date (YYYY-mm-dd)", + "flags": [], + "label": "<validnotafter_from>", + "name": "validnotafter_from", + "noextrawhitespace": true, + "type": "unicode" + }, + { + "class": "Str", + "doc": "Valid not after to this date (YYYY-mm-dd)", + "flags": [], + "label": "<validnotafter_to>", + "name": "validnotafter_to", + "noextrawhitespace": true, + "type": "unicode" + }, + { + "class": "Str", + "doc": "Valid not before from this date (YYYY-mm-dd)", + "flags": [], + "label": "<validnotbefore_from>", + "name": "validnotbefore_from", + "noextrawhitespace": true, + "type": "unicode" + }, + { + "class": "Str", + "doc": "Valid not before to this date (YYYY-mm-dd)", + "flags": [], + "label": "<validnotbefore_to>", + "name": "validnotbefore_to", + "noextrawhitespace": true, + "type": "unicode" + }, + { + "class": "Str", + "doc": "Issued on from this date (YYYY-mm-dd)", + "flags": [], + "label": "<issuedon_from>", + "name": "issuedon_from", + "noextrawhitespace": true, + "type": "unicode" + }, + { + "class": "Str", + "doc": "Issued on to this date (YYYY-mm-dd)", + "flags": [], + "label": "<issuedon_to>", + "name": "issuedon_to", + "noextrawhitespace": true, + "type": "unicode" + }, + { + "class": "Str", + "doc": "Revoked on from this date (YYYY-mm-dd)", + "flags": [], + "label": "<revokedon_from>", + "name": "revokedon_from", + "noextrawhitespace": true, + "type": "unicode" + }, + { + "class": "Str", + "doc": "Revoked on to this date (YYYY-mm-dd)", + "flags": [], + "label": "<revokedon_to>", + "name": "revokedon_to", + "noextrawhitespace": true, + "type": "unicode" + }, + { + "class": "Int", + "default": 100, + "doc": "Maximum number of certs returned", + "flags": [ + "no_display" + ], + "label": "Size Limit", + "maxvalue": 2147483647, + "minvalue": 0, + "name": "sizelimit", + "type": "int" + }, + { + "name": "all" + }, + { + "name": "raw" + }, + { + "name": "version" + } + ] + }, "cert_remove_hold": { "name": "cert_remove_hold", "takes_args": { diff --git a/ipalib/plugins/internal.py b/ipalib/plugins/internal.py index 2ca112ee0..cc0bf99d5 100644 --- a/ipalib/plugins/internal.py +++ b/ipalib/plugins/internal.py @@ -312,6 +312,8 @@ class i18n_messages(Command): "aa_compromise": _("AA Compromise"), "affiliation_changed": _("Affiliation Changed"), "ca_compromise": _("CA Compromise"), + "certificate": _("Certificate"), + "certificates": _("Certificates"), "certificate_hold": _("Certificate Hold"), "cessation_of_operation": _("Cessation of Operation"), "common_name": _("Common Name"), @@ -334,14 +336,18 @@ class i18n_messages(Command): "request_message": _("<ol> <li>Create a certificate database or use an existing one. To create a new database:<br/> <code># certutil -N -d <database path></code> </li> <li>Create a CSR with subject <em>CN=<hostname>,O=<realm></em>, for example:<br/> <code># certutil -R -d <database path> -a -g <key size> -s 'CN=${hostname},O=${realm}'</code> </li> <li> Copy and paste the CSR (from <em>-----BEGIN NEW CERTIFICATE REQUEST-----</em> to <em>-----END NEW CERTIFICATE REQUEST-----</em>) into the text area below: </li> </ol>"), "requested": _("Certificate requested"), "restore_certificate": _("Restore Certificate for ${entity} ${primary_key}"), + "restore_certificate_simple": _("Restore Certificate"), "restore_confirmation": _("To confirm your intention to restore this certificate, click the \"Restore\" button."), "restored": _("Certificate restored"), + "revocation_reason": _("Revocation reason"), "revoke_certificate": _("Revoke Certificate for ${entity} ${primary_key}"), + "revoke_certificate_simple": _("Revoke Certificate"), "revoke_confirmation": _("To confirm your intention to revoke this certificate, select a reason from the pull-down list, and click the \"Revoke\" button."), "revoked": _("Certificate Revoked"), "serial_number": _("Serial Number"), "serial_number_hex": _("Serial Number (hex)"), "sha1_fingerprint": _("SHA1 Fingerprint"), + "status": _("Status"), "superseded": _("Superseded"), "unspecified": _("Unspecified"), "valid": _("Valid Certificate Present"), @@ -649,6 +655,7 @@ class i18n_messages(Command): "audit": _("Audit"), "automember": _("Automember"), "automount": _("Automount"), + "cert": _("Certificates"), "dns": _("DNS"), "hbac": _("Host Based Access Control"), "identity": _("Identity"), |