diff options
36 files changed, 4 insertions, 2972 deletions
@@ -1191,71 +1191,6 @@ option: Str('version?', exclude='webui') output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None)) output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None) output: Output('value', <type 'unicode'>, None) -command: entitle_consume -args: 1,4,3 -arg: Int('quantity', minvalue=1) -option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') -option: Int('hidden', autofill=True, default=1, minvalue=1) -option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') -option: Str('version?', exclude='webui') -output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None)) -output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None) -output: Output('value', <type 'unicode'>, None) -command: entitle_find -args: 1,5,4 -arg: Str('criteria?', noextrawhitespace=False) -option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') -option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') -option: Int('sizelimit?', autofill=False, minvalue=0) -option: Int('timelimit?', autofill=False, minvalue=0) -option: Str('version?', exclude='webui') -output: Output('count', <type 'int'>, None) -output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None)) -output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None) -output: Output('truncated', <type 'bool'>, None) -command: entitle_get -args: 0,3,4 -option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') -option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') -option: Str('version?', exclude='webui') -output: Output('count', <type 'int'>, None) -output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None)) -output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None) -output: Output('truncated', <type 'bool'>, None) -command: entitle_import -args: 1,4,1 -arg: File('usercertificate*', cli_name='certificate_file') -option: Str('addattr*', cli_name='addattr', exclude='webui') -option: Str('setattr*', cli_name='setattr', exclude='webui') -option: Str('uuid?', autofill=True, default=u'IMPORTED') -option: Str('version?', exclude='webui') -output: Output('result', <type 'dict'>, None) -command: entitle_register -args: 1,7,3 -arg: Str('username') -option: Str('addattr*', cli_name='addattr', exclude='webui') -option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') -option: Str('ipaentitlementid?') -option: Password('password', confirm=False) -option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') -option: Str('setattr*', cli_name='setattr', exclude='webui') -option: Str('version?', exclude='webui') -output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None)) -output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None) -output: Output('value', <type 'unicode'>, None) -command: entitle_status -args: 0,1,1 -option: Str('version?', exclude='webui') -output: Output('result', <type 'dict'>, None) -command: entitle_sync -args: 0,4,3 -option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') -option: Int('hidden', autofill=True, default=1, minvalue=1) -option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') -option: Str('version?', exclude='webui') -output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None)) -output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None) -output: Output('value', <type 'unicode'>, None) command: env args: 1,3,4 arg: Str('variables*') diff --git a/freeipa.spec.in b/freeipa.spec.in index 239811ac2..fcbad3e97 100644 --- a/freeipa.spec.in +++ b/freeipa.spec.in @@ -446,7 +446,6 @@ mkdir -p %{buildroot}/%{_localstatedir}/lib/ipa-client/sysrestore mkdir -p %{buildroot}%{_sysconfdir}/bash_completion.d install -pm 644 contrib/completion/ipa.bash_completion %{buildroot}%{_sysconfdir}/bash_completion.d/ipa mkdir -p %{buildroot}%{_sysconfdir}/cron.d -install -pm 644 ipa-compliance.cron %{buildroot}%{_sysconfdir}/cron.d/ipa-compliance (cd %{buildroot}/%{python_sitelib}/ipaserver && find . -type f | \ grep -v dcerpc | grep -v adtrustinstance | \ @@ -597,10 +596,8 @@ fi %{_sbindir}/ipa-managed-entries %{_sbindir}/ipactl %{_sbindir}/ipa-upgradeconfig -%{_sbindir}/ipa-compliance %{_libexecdir}/certmonger/dogtag-ipa-retrieve-agent-submit %{_libexecdir}/ipa-otpd -%{_sysconfdir}/cron.d/ipa-compliance %config(noreplace) %{_sysconfdir}/sysconfig/ipa_memcached %dir %attr(0700,apache,apache) %{_localstatedir}/run/ipa_memcached/ %dir %attr(0700,root,root) %{_localstatedir}/run/ipa/ @@ -727,7 +724,6 @@ fi %{_mandir}/man1/ipa-ldap-updater.1.gz %{_mandir}/man8/ipactl.8.gz %{_mandir}/man8/ipa-upgradeconfig.8.gz -%{_mandir}/man1/ipa-compliance.1.gz %{_mandir}/man1/ipa-backup.1.gz %{_mandir}/man1/ipa-restore.1.gz diff --git a/install/share/bootstrap-template.ldif b/install/share/bootstrap-template.ldif index 014f7a55b..f603ad5ce 100644 --- a/install/share/bootstrap-template.ldif +++ b/install/share/bootstrap-template.ldif @@ -125,12 +125,6 @@ objectClass: nsContainer objectClass: top cn: sysaccounts -dn: cn=entitlements,cn=etc,$SUFFIX -changetype: add -objectClass: nsContainer -objectClass: top -cn: entitlements - dn: cn=ipa,cn=etc,$SUFFIX changetype: add objectClass: nsContainer diff --git a/install/share/delegation.ldif b/install/share/delegation.ldif index 14069586c..7fe303082 100644 --- a/install/share/delegation.ldif +++ b/install/share/delegation.ldif @@ -37,23 +37,6 @@ objectClass: nestedgroup cn: helpdesk description: Helpdesk -dn: cn=Entitlement Management,cn=roles,cn=accounts,$SUFFIX -changetype: add -objectClass: top -objectClass: groupofnames -objectClass: nestedgroup -cn: Entitlement Management -description: Entitlements administrator - -dn: cn=Entitlement Compliance,cn=roles,cn=accounts,$SUFFIX -changetype: add -objectClass: top -objectClass: groupofnames -objectClass: nestedgroup -cn: Entitlement Compliance -description: Verify entitlement compliance -member: fqdn=$FQDN,cn=computers,cn=accounts,$SUFFIX - ############################################ # Add the default privileges ############################################ @@ -146,26 +129,6 @@ objectClass: nestedgroup cn: Host Enrollment description: Host Enrollment -dn: cn=Register and Write Entitlements,cn=privileges,cn=pbac,$SUFFIX -changetype: add -objectClass: top -objectClass: groupofnames -objectClass: nestedgroup -cn: Register and Write Entitlements -description: Register and Write Entitlements -member: cn=Entitlement Management,cn=roles,cn=accounts,$SUFFIX - -dn: cn=Read Entitlements,cn=privileges,cn=pbac,$SUFFIX -changetype: add -objectClass: top -objectClass: groupofnames -objectClass: nestedgroup -cn: Read Entitlements -description: Read Entitlements -member: cn=Entitlement Management,cn=roles,cn=accounts,$SUFFIX -member: cn=Entitlement Compliance,cn=roles,cn=accounts,$SUFFIX - - ############################################ # Default permissions. ############################################ @@ -554,32 +517,6 @@ cn: Modify DNA Range ipapermissiontype: SYSTEM member: cn=Replication Administrators,cn=privileges,cn=pbac,$SUFFIX -# Entitlement management - -dn: cn=Register Entitlements,cn=permissions,cn=pbac,$SUFFIX -changetype: add -objectClass: top -objectClass: groupofnames -objectClass: ipapermission -cn: Register Entitlements -member: cn=Register and Write Entitlements,cn=privileges,cn=pbac,$SUFFIX - -dn: cn=Read Entitlements,cn=permissions,cn=pbac,$SUFFIX -changetype: add -objectClass: top -objectClass: groupofnames -objectClass: ipapermission -cn: Read Entitlements -member: cn=Read Entitlements,cn=privileges,cn=pbac,$SUFFIX - -dn: cn=Write Entitlements,cn=permissions,cn=pbac,$SUFFIX -changetype: add -objectClass: top -objectClass: groupofnames -objectClass: ipapermission -cn: Write Entitlements -member: cn=Register and Write Entitlements,cn=privileges,cn=pbac,$SUFFIX - ############################################ # Default permissions (ACIs) ############################################ @@ -701,23 +638,6 @@ changetype: modify add: aci aci: (targetattr = "objectclass")(target = "ldap:///fqdn=*,cn=computers,cn=accounts,$SUFFIX")(version 3.0;acl "permission:Enroll a host";allow (write) groupdn = "ldap:///cn=Enroll a host,cn=permissions,cn=pbac,$SUFFIX";) -# Entitlement administration - -dn: $SUFFIX -changetype: modify -add: aci -aci: (target = "ldap:///ipaentitlementid=*,cn=entitlements,cn=etc,$SUFFIX")(version 3.0;acl "permission:Register Entitlements";allow (add) groupdn = "ldap:///cn=Register Entitlements,cn=permissions,cn=pbac,$SUFFIX";) - -dn: $SUFFIX -changetype: modify -add: aci -aci: (targetattr = "usercertificate")(target = "ldap:///ipaentitlement=*,cn=entitlements,cn=etc,$SUFFIX")(version 3.0;acl "permission:Write Entitlements";allow (write) groupdn = "ldap:///cn=Write Entitlements,cn=permissions,cn=pbac,$SUFFIX";) - -dn: $SUFFIX -changetype: modify -add: aci -aci: (targetattr = "userpkcs12")(target = "ldap:///ipaentitlementid=*,cn=entitlements,cn=etc,$SUFFIX")(version 3.0;acl "permission:Read Entitlements";allow (read) groupdn = "ldap:///cn=Read Entitlements,cn=permissions,cn=pbac,$SUFFIX";) - # Create virtual operations entry. This is used to control access to # operations that don't rely on LDAP directly. dn: cn=virtual operations,cn=etc,$SUFFIX diff --git a/install/tools/Makefile.am b/install/tools/Makefile.am index 7c553116c..659ce0a87 100644 --- a/install/tools/Makefile.am +++ b/install/tools/Makefile.am @@ -21,7 +21,6 @@ sbin_SCRIPTS = \ ipa-managed-entries \ ipa-ldap-updater \ ipa-upgradeconfig \ - ipa-compliance \ ipa-backup \ ipa-restore \ $(NULL) diff --git a/install/tools/ipa-compliance b/install/tools/ipa-compliance deleted file mode 100644 index 9b34350b4..000000000 --- a/install/tools/ipa-compliance +++ /dev/null @@ -1,201 +0,0 @@ -#!/usr/bin/env python -# -# Authors: -# Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2010 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. -# -# An LDAP client to count entitlements and log to syslog if the number is -# exceeded. - -try: - import sys - import os - import syslog - import tempfile - import krbV - import base64 - import shutil - - from rhsm.certificate import EntitlementCertificate - - from ipaserver.plugins.ldap2 import ldap2 - from ipalib import api, errors, backend - from ipaserver.install import installutils - from ipapython.dn import DN -except ImportError, e: - # If python-rhsm isn't installed exit gracefully and quietly. - if e.args[0] == 'No module named rhsm.certificate': - sys.exit(0) - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -# Each IPA server comes with this many entitlements -DEFAULT_ENTITLEMENTS = 25 - -class client(backend.Executioner): - """ - A simple-minded IPA client that can execute remote commands. - """ - - def run(self, method, **kw): - self.create_context() - result = self.execute(method, **kw) - return result - -def parse_options(): - from optparse import OptionParser - - parser = OptionParser() - parser.add_option("--debug", dest="debug", action="store_true", - default=False, help="enable debugging") - - options, args = parser.parse_args() - return options, args - -def check_compliance(tmpdir, debug=False): - cfg = dict( - context='cli', - in_server=False, - debug=debug, - verbose=0, - ) - - api.bootstrap(**cfg) - api.register(client) - api.finalize() - from ipalib.x509 import normalize_certificate, make_pem - - try: - # Create a new credentials cache for this tool. This executes - # using the systems host principal. - ccache_file = 'FILE:%s/ccache' % tmpdir - krbcontext = krbV.default_context() - principal = str('host/%s@%s' % (api.env.host, api.env.realm)) - keytab = krbV.Keytab(name='/etc/krb5.keytab', context=krbcontext) - principal = krbV.Principal(name=principal, context=krbcontext) - os.environ['KRB5CCNAME'] = ccache_file - ccache = krbV.CCache(name=ccache_file, context=krbcontext, primary_principal=principal) - ccache.init(principal) - ccache.init_creds_keytab(keytab=keytab, principal=principal) - except krbV.Krb5Error, e: - raise StandardError('Error initializing principal %s in %s: %s' % (principal.name, '/etc/krb5.keytab', str(e))) - - # entitle-sync doesn't return any information we want to see, it just - # needs to be done so the LDAP data is correct. - try: - result = api.Backend.client.run('entitle_sync') - except errors.NotRegisteredError: - # Even if not registered they have some default entitlements - pass - - conn = ldap2(shared_instance=False) - - # Bind using GSSAPI - conn.connect(ccache=ccache_file) - - hostcount = 0 - # Get the hosts first - try: - (entries, truncated) = conn.find_entries('(krblastpwdchange=*)', [], - DN(api.env.container_host, api.env.basedn), - conn.SCOPE_ONELEVEL, - size_limit = -1) - except errors.NotFound: - # No hosts - pass - - if not truncated: - hostcount = len(entries) - else: - # This will not happen unless we bump into a server-side limit. - msg = 'The host count result was truncated, they will be underreported' - syslog.syslog(syslog.LOG_ERR, msg) - if sys.stdin.isatty(): - print msg - - available = 0 - try: - (entries, truncated) = conn.find_entries('(objectclass=ipaentitlement)', - ['userCertificate'], - DN(api.env.container_entitlements, api.env.basedn), - conn.SCOPE_ONELEVEL, - size_limit = -1) - - for entry in entries: - (dn, attrs) = entry - if 'usercertificate' in attrs: - rawcert = attrs['usercertificate'][0] - rawcert = normalize_certificate(rawcert) - cert = make_pem(base64.b64encode(rawcert)) - cert = EntitlementCertificate(cert) - order = cert.getOrder() - available += int(order.getQuantityUsed()) - except errors.NotFound: - pass - - conn.disconnect() - - available += DEFAULT_ENTITLEMENTS - - if hostcount > available: - syslog.syslog(syslog.LOG_ERR, 'IPA is out of compliance: %d of %d entitlements used.' % (hostcount, available)) - if sys.stdin.isatty(): - print 'IPA is out of compliance: %d of %d entitlements used.' % (hostcount, available) - else: - if sys.stdin.isatty(): - # If run from the command-line display some info - print 'IPA is in compliance: %d of %d entitlements used.' % (hostcount, available) - -def main(): - installutils.check_server_configuration() - - if not os.path.exists('/etc/ipa/default.conf'): - return 0 - - options, args = parse_options() - - try: - tmpdir = tempfile.mkdtemp(prefix = "tmp-") - try: - check_compliance(tmpdir, options.debug) - finally: - shutil.rmtree(tmpdir) - except KeyboardInterrupt: - return 1 - except (StandardError, errors.PublicError), e: - syslog.syslog(syslog.LOG_ERR, 'IPA compliance checking failed: %s' % str(e)) - if sys.stdin.isatty(): - print 'IPA compliance checking failed: %s' % str(e) - return 1 - - return 0 - -try: - if not os.geteuid()==0: - sys.exit("\nMust be root to check compliance\n") - - main() -except SystemExit, e: - sys.exit(e) -except RuntimeError, e: - sys.exit(e) diff --git a/install/tools/man/Makefile.am b/install/tools/man/Makefile.am index a1bf076bf..b16d2b5c7 100644 --- a/install/tools/man/Makefile.am +++ b/install/tools/man/Makefile.am @@ -19,7 +19,6 @@ man1_MANS = \ ipa-compat-manage.1 \ ipa-nis-manage.1 \ ipa-managed-entries.1 \ - ipa-compliance.1 \ ipa-backup.1 \ ipa-restore.1 \ $(NULL) diff --git a/install/tools/man/ipa-compliance.1 b/install/tools/man/ipa-compliance.1 deleted file mode 100644 index 4f8a6191d..000000000 --- a/install/tools/man/ipa-compliance.1 +++ /dev/null @@ -1,45 +0,0 @@ -.\" A man page for ipa-compliance -.\" Copyright (C) 2010 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-compliance" "1" "Dec 14 2010" "FreeIPA" "FreeIPA Manual Pages" -.SH "NAME" -ipa\-compliance \- Check entitlement compliance -.SH "SYNOPSIS" -ipa\-compliance [\fIOPTION\fR] -.SH "DESCRIPTION" -Verify that the IPA installation is in compliance with the number of client entitlements it has. - -Entitlements are managed using the ipa entitle command. - -An enrolled host is an machine that has a host keytab in the IPA system. - -The entitlements take the form of x509v3 certificates. The certificates are examined and the quantities summed. This is compared to the number of enrolled hosts to determine compliance. - -The command logs to syslog and if run from a tty will log to the terminal as well. - -The IPA server provides 25 entitlements of its own. -.SH "OPTIONS" -.TP -\fB\-\-debug\fR -Enable debugging output in the command -.SH "EXIT STATUS" -0 if the command was successful - -1 if an error occurred -.SH "NOTES" -Entitlements are not checked if the python\-rhsm package is not installed. diff --git a/install/ui/images/Makefile.am b/install/ui/images/Makefile.am index 06e2cd73f..ea9b712b1 100644 --- a/install/ui/images/Makefile.am +++ b/install/ui/images/Makefile.am @@ -12,9 +12,6 @@ app_DATA = \ centered-background.png \ check-icon.png \ combobox-open.png \ - entitle-consume.png \ - entitle-import.png \ - entitle-register.png \ facet-tab-off.png \ facet-tab-on.png \ firefox-icon.png \ diff --git a/install/ui/images/entitle-consume.png b/install/ui/images/entitle-consume.png Binary files differdeleted file mode 100644 index e643e1062..000000000 --- a/install/ui/images/entitle-consume.png +++ /dev/null diff --git a/install/ui/images/entitle-import.png b/install/ui/images/entitle-import.png Binary files differdeleted file mode 100644 index 261e3297d..000000000 --- a/install/ui/images/entitle-import.png +++ /dev/null diff --git a/install/ui/images/entitle-register.png b/install/ui/images/entitle-register.png Binary files differdeleted file mode 100644 index 4a4608724..000000000 --- a/install/ui/images/entitle-register.png +++ /dev/null diff --git a/install/ui/ipa.css b/install/ui/ipa.css index 5c141bc13..8ef0a5096 100644 --- a/install/ui/ipa.css +++ b/install/ui/ipa.css @@ -179,21 +179,6 @@ body { margin: -4px 0 0 1px; } -.register-icon { - background: url(images/entitle-register.png); - margin: -4px 0 0 1px; -} - -.import-icon { - background: url(images/entitle-import.png); - margin: -4px 0 0 1px; -} - -.consume-icon { - background: url(images/entitle-consume.png); - margin: -4px 0 0 1px; -} - .ipa-icon { font-size: 0.7em; padding-right: 0.3em; diff --git a/install/ui/src/freeipa/entitle.js b/install/ui/src/freeipa/entitle.js deleted file mode 100644 index 1a60d6500..000000000 --- a/install/ui/src/freeipa/entitle.js +++ /dev/null @@ -1,770 +0,0 @@ -/* Authors: - * Endi S. Dewata <edewata@redhat.com> - * - * Copyright (C) 2010 Red Hat - * see file 'COPYING' for use and warranty information - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -define([ - './ipa', - './jquery', - './phases', - './reg', - './text', - './details', - './search', - './add', - './facet', - './entity', - './field', - './widget'], - function(IPA, $, phases, reg, text) { - -var exp = IPA.entitle = {}; - -IPA.entitle.unregistered = 'unregistered'; -IPA.entitle.online = 'online'; -IPA.entitle.offline = 'offline'; - - -var make_spec = function() { -return { - name: 'entitle', - facet_groups: [ 'account', 'certificates' ], - facets: [ - { - $type: 'details', - $factory: IPA.entitle.details_facet, - label: '@i18n:objects.entitle.account', - facet_group: 'account', - sections: [ - { - name: 'general', - label: '@i18n:details.general', - fields: [ - { - name: 'uuid', - label: '@mc-opt:entitle_register:ipaentitlementid:label', - read_only: true - }, - { - $factory: IPA.entitle.download_widget, - name: 'certificate', - label: '@i18n:objects.entitle.certificate' - } - ] - }, - { - name: 'status', - label: '@i18n:objects.entitle.status', - fields: [ - { - name: 'product', - label: '@i18n:objects.entitle.product', - read_only: true - }, - { - name: 'quantity', - label: '@mc-arg:entitle_consume:quantity:label', - read_only: true - }, - { - name: 'consumed', - label: '@i18n:objects.entitle.consumed', - read_only: true - } - ] - } - ] - }, - { - $factory: IPA.entitle.certificates_facet, - name: 'certificates', - label: '@i18n:objects.entitle.certificates', - facet_group: 'certificates', - columns: [ - { - name: 'product', - label: '@i18n:objects.entitle.product' - }, - { - name: 'quantity', - label: '@mc-arg:entitle_consume:quantity:label' - }, - { - name: 'start', - label: '@i18n:objects.entitle.start' - }, - { - name: 'end', - label: '@i18n:objects.entitle.end' - }, - { - $factory: IPA.entitle.certificate_column, - name: 'certificate', - label: '@i18n:objects.entitle.certificate' - } - ] - } - ], - standard_association_facets: true, - dialogs: [ - { - $factory: IPA.entitle.register_online_dialog, - name: 'online_registration', - title: '@i18n:objects.entitle.registration', - fields: [ - { - name: 'username', - label: '@mc-arg:entitle_register:username:label' - }, - { - name: 'password', - label: '@mc-opt:entitle_register:password:label', - $type: 'password' - } -/* currently not supported - , { - name: 'ipaentitlementid', - label: '@mc-opt:entitle_register:ipaentitlementid:label' - } -*/ - ] - }, - { - $factory: IPA.entitle.register_offline_dialog, - name: 'offline_registration', - title: '@i18n:objects.entitle.import_certificate', - message: '@i18n:objects.entitle.import_message', - fields: [ - { - name: 'certificate', - label: '@i18n:objects.entitle.certificate' - } - ] - }, - { - $factory: IPA.entitle.consume_dialog, - name: 'consume', - title: '@i18n:objects.entitle.consume_entitlement', - fields: [ - { - name: 'quantity', - label: '@mc-arg:entitle_consume:quantity:label', - metadata: '@mc-arg:entitle_consume:quantity' - } - ] - }, - { - $factory: IPA.entitle.import_dialog, - name: 'import', - title: '@i18n:objects.entitle.import_certificate', - message: '@i18n:objects.entitle.import_message', - fields: [ - { - name: 'certificate', - label: '@i18n:objects.entitle.certificate' - } - ] - } - ] -};}; - -IPA.entitle.entity = function(spec) { - - spec = spec || {}; - - var that = IPA.entity(spec); - - that.status = spec.status || IPA.entitle.unregistered; - - that.get_accounts = function(on_success, on_error) { - - var command = IPA.command({ - name: 'entitle_find_'+that.status, - entity: 'entitle', - method: 'find', - options: { all: true }, - on_success: on_success, - on_error: on_error - }); - - command.execute(); - }; - - that.get_status = function(on_success, on_error) { - - var command = IPA.command({ - name: 'entitle_status_'+that.status, - entity: 'entitle', - method: 'status', - on_success: function(data, text_status, xhr) { - if (data.result.result.uuid == 'IMPORTED') { - that.status = IPA.entitle.offline; - } else { - that.status = IPA.entitle.online; - } - - if (on_success) { - on_success.call(this, data, text_status, xhr); - } - }, - on_error: function(xhr, text_status, error_thrown) { - that.status = IPA.entitle.unregistered; - - if (on_error) { - on_error.call(this, xhr, text_status, error_thrown); - } - }, - retry: false - }); - - command.execute(); - }; - - that.get_certificates = function(on_success, on_error) { - - var command = IPA.command({ - entity: 'entitle', - method: 'get', - on_success: on_success, - on_error: on_error, - retry: false - }); - - command.execute(); - }; - - that.register_online = function(username, password, ipaentitlementid, on_success, on_error) { - - var command = IPA.command({ - entity: 'entitle', - method: 'register', - args: [ username ], - options: { - password: password - }, - on_success: function(data, text_status, xhr) { - that.status = IPA.entitle.online; - if (on_success) { - on_success.call(this, data, text_status, xhr); - } - }, - on_error: on_error - }); - - if (ipaentitlementid) { - command.set_option('ipaentitlementid', ipaentitlementid); - } - - command.execute(); - }; - - that.register_offline = function(certificate, on_success, on_error) { - - var command = IPA.command({ - entity: 'entitle', - method: 'import', - args: [ certificate ], - on_success: function(data, text_status, xhr) { - that.status = IPA.entitle.offline; - if (on_success) { - on_success.call(this, data, text_status, xhr); - } - }, - on_error: on_error - }); - - command.execute(); - }; - - that.consume = function(quantity, on_success, on_error) { - - var command = IPA.command({ - entity: 'entitle', - method: 'consume', - args: [ quantity ], - on_success: on_success, - on_error: on_error - }); - - command.execute(); - }; - - that.import_certificate = function(certificate, on_success, on_error) { - - var command = IPA.command({ - entity: 'entitle', - method: 'import', - args: [ certificate ], - on_success: function(data, text_status, xhr) { - that.status = IPA.entitle.offline; - if (on_success) { - on_success.call(this, data, text_status, xhr); - } - }, - on_error: on_error - }); - - command.execute(); - }; - - return that; -}; - -IPA.entitle.details_facet = function(spec) { - - spec = spec || {}; - spec.disable_breadcrumb = true; - - var that = IPA.details_facet(spec); - - that.create_controls = function() { - - that.register_buttons = $('<span/>', { - name: 'register_buttons' - }).appendTo(that.controls); - - that.register_online_button = IPA.action_button({ - name: 'register', - label: '@i18n:objects.entitle.register', - icon: 'register-icon', - click: function() { - var dialog = that.entity.get_dialog('online_registration'); - dialog.open(that.container); - return false; - } - }).appendTo(that.register_buttons); - - that.register_online_button.css('display', 'none'); -/* - that.register_offline_button = IPA.action_button({ - name: 'import', - label: '@i18n:objects.entitle.import', - icon: 'import-icon', - click: function() { - var dialog = that.entity.get_dialog('offline_registration'); - dialog.open(that.container); - return false; - } - }).appendTo(that.register_buttons); - - that.register_offline_button.css('display', 'none'); -*/ - }; - - that.refresh = function() { - - var summary = $('span[name=summary]', that.container).empty(); - summary.append(text.get('@i18n:objects.entitle.loading')); - - function on_success(data, text_status, xhr) { - if (that.entity.status == IPA.entitle.unregistered) { - that.register_online_button.css('display', 'inline'); - // that.register_offline_button.css('display', 'inline'); - - } else { - that.register_online_button.css('display', 'none'); - // that.register_offline_button.css('display', 'none'); - } - - that.load(data); - - summary.empty(); - } - - function on_error(xhr, text_status, error_thrown) { - - that.register_online_button.css('display', 'inline'); - // that.register_offline_button.css('display', 'inline'); - - var data = {}; - data.result = {}; - data.result.result = { - uuid: '', - product: '', - quantity: 0, - consumed: 0 - }; - that.load(data); - - summary.empty(); - summary.append(error_thrown.name+': '+error_thrown.message); - } - - that.entity.get_status( - on_success, - on_error); - }; - - return that; -}; - -IPA.entitle.certificates_facet = function(spec) { - - spec = spec || {}; - spec.disable_facet_tabs = false; - spec.selectable = false; - - var that = IPA.table_facet(spec); - - var init = function() { - that.init_table(that.entity); - }; - - that.create_header = function(container) { - - that.facet_create_header(container); - - that.consume_buttons = $('<span/>', { - name: 'consume_buttons' - }).appendTo(that.controls); - - that.consume_button = IPA.action_button({ - name: 'consume', - label: '@i18n:objects.entitle.consume', - icon: 'consume-icon', - click: function() { - var dialog = that.entity.get_dialog('consume'); - dialog.open(that.container); - return false; - } - }).appendTo(that.consume_buttons); - - that.consume_button.css('display', 'none'); - - that.import_button = IPA.action_button({ - name: 'import', - label: '@i18n:objects.entitle.import_button', - icon: 'import-icon', - click: function() { - var dialog = that.entity.get_dialog('import'); - dialog.open(that.container); - return false; - } - }).appendTo(that.consume_buttons); - - that.import_button.css('display', 'none'); - }; - - that.refresh = function() { - - function on_success(data, text_status, xhr) { - - if (that.entity.status == IPA.entitle.online) { - that.consume_button.css('display', 'inline'); - that.import_button.css('display', 'none'); - - } else if (that.entity.status == IPA.entitle.offline) { - that.consume_button.css('display', 'none'); - that.import_button.css('display', 'inline'); - - } else { - that.consume_button.css('display', 'none'); - that.import_button.css('display', 'inline'); - } - - that.load(data); - } - - function on_error(xhr, text_status, error_thrown) { - - that.consume_button.css('display', 'none'); - that.import_button.css('display', 'inline'); - - that.table.summary.text(error_thrown.name+': '+error_thrown.message); - } - - that.entity.get_status( - function(data, text_status, xhr) { - that.entity.get_certificates( - on_success, - on_error); - }, - on_error); - }; - - init(); - - return that; -}; - -IPA.entitle.certificate_column = function(spec) { - - spec = spec || {}; - - var that = IPA.column(spec); - - that.setup = function(container, record) { - - container.empty(); - - var certificate = record[that.name]; - - $('<a/>', { - href: '#download', - html: text.get('@i18n:objects.entitle.download'), - click: function() { - var dialog = IPA.cert.download_dialog({ - title: '@i18n:objects.entitle.download_certificate', - certificate: certificate - }); - dialog.open(); - return false; - } - }).appendTo(container); - }; - - return that; -}; - -IPA.entitle.certificate_dialog = function(spec) { - - spec = spec || {}; - - var that = IPA.dialog(spec); - - that.width = spec.width || 500; - that.height = spec.height || 400; - that.message = text.get(spec.message); - that.label = text.get(spec.label); - - that.get_certificate = function() { - var certificate = that.textarea.val(); - return IPA.cert.BEGIN_CERTIFICATE+'\n'+ - $.trim(certificate)+'\n'+ - IPA.cert.END_CERTIFICATE+'\n'; - }; - - that.create = function() { - that.container.append(that.message); - that.container.append('<br/>'); - that.container.append('<br/>'); - - that.container.append(IPA.cert.BEGIN_CERTIFICATE); - that.container.append('<br/>'); - - that.textarea = $('<textarea/>', { - style: 'width: 100%; height: 225px;' - }).appendTo(that.container); - - that.container.append('<br/>'); - that.container.append(IPA.cert.END_CERTIFICATE); - }; - - return that; -}; - -IPA.entitle.register_online_dialog = function(spec) { - - spec = spec || {}; - - var that = IPA.dialog(spec); - - that.create_button({ - name: 'register', - label: '@i18n:objects.entitle.register', - click: function() { - var record = {}; - that.save(record); - - that.entity.register_online( - record.username[0], - record.password[0], - record.ipaentitlementid[0], - function() { - var facet = that.entity.get_facet(); - facet.refresh(); - that.close(); - } - ); - } - }); - - that.create_button({ - name: 'cancel', - label: '@i18n:buttons.cancel', - click: function() { - that.close(); - } - }); - - return that; -}; - -IPA.entitle.register_offline_dialog = function(spec) { - - spec = spec || {}; - - var that = IPA.entitle.certificate_dialog(spec); - - that.create_button({ - name: 'register', - label: that.label, - click: function() { - that.entity.register_offline( - that.get_certificate(), - function() { - var facet = that.entity.get_facet(); - facet.refresh(); - that.close(); - } - ); - } - }); - - that.create_button({ - name: 'cancel', - label: '@i18n:buttons.cancel', - click: function() { - that.close(); - } - }); - - return that; -}; - -IPA.entitle.consume_dialog = function(spec) { - - spec = spec || {}; - - var that = IPA.dialog(spec); - - that.create_button({ - name: 'consume', - label: '@i18n:objects.entitle.consume', - click: function() { - - if (!that.validate()) { - return; - } - - var record = {}; - that.save(record); - - that.entity.consume( - record.quantity[0], - function() { - var facet = that.entity.get_facet(); - facet.refresh(); - that.close(); - } - ); - } - }); - - that.create_button({ - name: 'cancel', - label: '@i18n:buttons.cancel', - click: function() { - that.close(); - } - }); - - return that; -}; - -IPA.entitle.import_dialog = function(spec) { - - spec = spec || {}; - - var that = IPA.entitle.certificate_dialog(spec); - - that.create_button({ - name: 'import', - label: '@i18n:objects.entitle.import_button', - click: function() { - that.entity.import_certificate( - that.get_certificate(), - function() { - var facet = that.entity.get_facet(); - facet.refresh(); - that.close(); - } - ); - } - }); - - that.create_button({ - name: 'cancel', - label: '@i18n:buttons.cancel', - click: function() { - that.close(); - } - }); - - return that; -}; - -IPA.entitle.download_widget = function(spec) { - - spec = spec || {}; - - var that = IPA.input_widget(spec); - - that.create = function(container) { - that.link = $('<a/>', { - 'href': '#download', - 'html': text.get('@i18n:objects.entitle.download'), - 'click': function() { - that.entity.get_accounts( - function(data, text_status, xhr) { - var userpkcs12 = data.result.result[0].userpkcs12; - if (!userpkcs12) { - alert(text.get('@i18n:objects.entitle.no_certificate')); - return; - } - - /* - * WARNING - despite using cert.download_dialog() and passing - * a certificate, it's NOT a certificate, it's a binary - * PKCS12 file that's been base64 encoded! - * Hence the reason add_pem_delimiters is false. - */ - var dialog = IPA.cert.download_dialog({ - title: '@i18n:objects.entitle.download_certificate', - certificate: userpkcs12[0].__base64__, - add_pem_delimiters: false - }); - dialog.open(); - } - ); - return false; - } - }).appendTo(container); - }; - - that.update = function() { - if (that.entity.status == IPA.entitle.online) { - that.link.css('display', 'inline'); - } else { - that.link.css('display', 'none'); - } - that.updated.notify([], that); - }; - - return that; -}; - -exp.entity_spec = make_spec(); -exp.register = function() { - var e = reg.entity; - e.register({type: 'entitle', spec: exp.entity_spec}); -}; -phases.on('registration', exp.register); - -return exp; -});
\ No newline at end of file diff --git a/install/ui/test/data/entitle_consume.json b/install/ui/test/data/entitle_consume.json deleted file mode 100644 index 878bf7bbf..000000000 --- a/install/ui/test/data/entitle_consume.json +++ /dev/null @@ -1,24 +0,0 @@ -{ - "error": null, - "id": 0, - "result": { - "result": { - "consumed": 13, - "ipaentitlementid": [ - "b788ccee-4b09-48f0-8a9a-2c769f7b41e0" - ], - "ipauniqueid": [ - "c63b1972-5ffe-11e0-8340-00163e2fe6de" - ], - "objectclass": [ - "ipaobject", - "ipaentitlement" - ], - "product": "MKT-multiplier-client-50", - "quantity": 250, - "uuid": "b788ccee-4b09-48f0-8a9a-2c769f7b41e0" - }, - "summary": "Consumed 1 entitlement(s).", - "value": "1" - } -}
\ No newline at end of file diff --git a/install/ui/test/data/entitle_find_offline.json b/install/ui/test/data/entitle_find_offline.json deleted file mode 100644 index 442dbf03d..000000000 --- a/install/ui/test/data/entitle_find_offline.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "error": null, - "id": 0, - "result": { - "count": 1, - "result": [ - { - "dn": "ipaentitlementid=b788ccee-4b09-48f0-8a9a-2c769f7b41e0,cn=entitlements,cn=etc,dc=example,dc=com", - "ipaentitlementid": [ - "IMPORTED" - ], - "ipauniqueid": [ - "c63b1972-5ffe-11e0-8340-00163e2fe6de" - ], - "objectclass": [ - "ipaobject", - "ipaentitlement" - ], - "usercertificate": [ - { - "__base64__": "MIIHVTCCBr6gAwIBAgIIY9jsLQtqWO8wDQYJKoZIhvcNAQEFBQAwRzEmMCQGA1UEAwwddm0tMDIyLmlkbS5sYWIuYm9zLnJlZGhhdC5jb20xCzAJBgNVBAYTAlVTMRAwDgYDVQQHDAdSYWxlaWdoMB4XDTExMDQwNTAwMDAwMFoXDTEyMDQwNDAwMDAwMFowKzEpMCcGA1UEAwwgOGE5MGNlOTYyZjI4ZGFiYjAxMmYyOGU4MmNjYjAyMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCD0eal/e5ua7opJhvPdd3nr36p2l2t2WMDPRtyOo+h7yZOspoW+qAavd8HwBEbLNjVq56oMyB5/5saE3ubVMxyYFl6dvCpyOy1irxFiZAt3bl1oV3Al8xL0Tieug1SMUOkbz18zcmr/fhGe2ShU5cx9HRfBBx2GexCyUzdn8JiJHpSRKLBxicCmNAwlrv847v32ymJYJ/069Qetx87Xv/Qlct9zRMbi/4EMZ2rwabtOt8ZEYufkhdZvQgm/uPmWEMKYqvkALl97MjfkPTv9IRv8Rrypt/GgCATxHABAVCadYcnE/QYOWwhpJjIPIBwImtUgLKSfJMmep1nHOJfyeYNAgMBAAGjggTgMIIE3DARBglghkgBhvhCAQEEBAMCBaAwCwYDVR0PBAQDAgSwMHcGA1UdIwRwMG6AFIzw8TMZRe2EemNNdk/OQJydGp/goUukSTBHMSYwJAYDVQQDDB12bS0wMjIuaWRtLmxhYi5ib3MucmVkaGF0LmNvbTELMAkGA1UEBhMCVVMxEDAOBgNVBAcMB1JhbGVpZ2iCCQC0zvfl5WJ2gTAdBgNVHQ4EFgQU/z8K8+VKhseEGe81ukYTXjCZ6TswEwYDVR0lBAwwCgYIKwYBBQUHAwIwKgYNKwYBBAGSCAkBuIBDAQQZDBdNdWx0aXBsaWVyIFByb2R1Y3QgQml0czAUBgsrBgEEAZIICQIBAQQFDAN5dW0wKAYMKwYBBAGSCAkCAQEBBBgMFmFsd2F5cy1lbmFibGVkLWNvbnRlbnQwKAYMKwYBBAGSCAkCAQECBBgMFmFsd2F5cy1lbmFibGVkLWNvbnRlbnQwHQYMKwYBBAGSCAkCAQEFBA0MC3Rlc3QtdmVuZG9yMCIGDCsGAQQBkggJAgEBBgQSDBAvZm9vL3BhdGgvYWx3YXlzMCYGDCsGAQQBkggJAgEBBwQWDBQvZm9vL3BhdGgvYWx3YXlzL2dwZzATBgwrBgEEAZIICQIBAQQEAwwBMDATBgwrBgEEAZIICQIBAQMEAwwBMDATBgwrBgEEAZIICQIBAQgEAwwBMTAVBgwrBgEEAZIICQIBAQkEBQwDMjAwMBQGCysGAQQBkggJAgABBAUMA3l1bTAnBgwrBgEEAZIICQIAAQEEFwwVbmV2ZXItZW5hYmxlZC1jb250ZW50MCcGDCsGAQQBkggJAgABAgQXDBVuZXZlci1lbmFibGVkLWNvbnRlbnQwHQYMKwYBBAGSCAkCAAEFBA0MC3Rlc3QtdmVuZG9yMCEGDCsGAQQBkggJAgABBgQRDA8vZm9vL3BhdGgvbmV2ZXIwJQYMKwYBBAGSCAkCAAEHBBUMEy9mb28vcGF0aC9uZXZlci9ncGcwEwYMKwYBBAGSCAkCAAEEBAMMATAwEwYMKwYBBAGSCAkCAAEDBAMMATAwEwYMKwYBBAGSCAkCAAEIBAMMATAwFQYMKwYBBAGSCAkCAAEJBAUMAzYwMDAzBgorBgEEAZIICQQBBCUMI011bHRpcGxpZXIgUHJvZHVjdCBDbGllbnQgUGFjayAoNTApMDAGCisGAQQBkggJBAIEIgwgOGE5MGNlOTYyZjI4ZGFiYjAxMmYyOGU3YTcxNTAxMTgwKAYKKwYBBAGSCAkEAwQaDBhNS1QtbXVsdGlwbGllci1jbGllbnQtNTAwEQYKKwYBBAGSCAkEBQQDDAE1MCQGCisGAQQBkggJBAYEFgwUMjAxMS0wNC0wNVQwMDowMDowMFowJAYKKwYBBAGSCAkEBwQWDBQyMDEyLTA0LTA0VDAwOjAwOjAwWjASBgorBgEEAZIICQQMBAQMAjMwMBIGCisGAQQBkggJBAoEBAwCNDIwGwYKKwYBBAGSCAkEDQQNDAsxMjMzMTEzMTIzMTARBgorBgEEAZIICQQOBAMMATAwEQYKKwYBBAGSCAkECwQDDAExMDQGCisGAQQBkggJBQEEJgwkYjc4OGNjZWUtNGIwOS00OGYwLThhOWEtMmM3NjlmN2I0MWUwMA0GCSqGSIb3DQEBBQUAA4GBAEigZmqXPj9m1oq+ZCDrW6xTvs7AGqz96MQRSK6mmFt9XRG/2cs24JnJLPxwP8Eo+w051RkyijfLEzOaXACswPFvhmxnlJxT9QnVGYO2bmPhcDi+OwwQPvDNqG5K97vBOMctEKxIJWVC83ZkKRyjHDlRnZkfE3XnbAGuhPD96lbg" - }, - { - "__base64__": "MIIHVTCCBr6gAwIBAgIIAJuMxFgwNhUwDQYJKoZIhvcNAQEFBQAwRzEmMCQGA1UEAwwddm0tMDIyLmlkbS5sYWIuYm9zLnJlZGhhdC5jb20xCzAJBgNVBAYTAlVTMRAwDgYDVQQHDAdSYWxlaWdoMB4XDTExMDQwNTAwMDAwMFoXDTEyMDQwNDAwMDAwMFowKzEpMCcGA1UEAwwgOGE5MGNlOTYyZjI4ZGFiYjAxMmYyOGViN2EyNjAyMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCD0eal/e5ua7opJhvPdd3nr36p2l2t2WMDPRtyOo+h7yZOspoW+qAavd8HwBEbLNjVq56oMyB5/5saE3ubVMxyYFl6dvCpyOy1irxFiZAt3bl1oV3Al8xL0Tieug1SMUOkbz18zcmr/fhGe2ShU5cx9HRfBBx2GexCyUzdn8JiJHpSRKLBxicCmNAwlrv847v32ymJYJ/069Qetx87Xv/Qlct9zRMbi/4EMZ2rwabtOt8ZEYufkhdZvQgm/uPmWEMKYqvkALl97MjfkPTv9IRv8Rrypt/GgCATxHABAVCadYcnE/QYOWwhpJjIPIBwImtUgLKSfJMmep1nHOJfyeYNAgMBAAGjggTgMIIE3DARBglghkgBhvhCAQEEBAMCBaAwCwYDVR0PBAQDAgSwMHcGA1UdIwRwMG6AFIzw8TMZRe2EemNNdk/OQJydGp/goUukSTBHMSYwJAYDVQQDDB12bS0wMjIuaWRtLmxhYi5ib3MucmVkaGF0LmNvbTELMAkGA1UEBhMCVVMxEDAOBgNVBAcMB1JhbGVpZ2iCCQC0zvfl5WJ2gTAdBgNVHQ4EFgQU/z8K8+VKhseEGe81ukYTXjCZ6TswEwYDVR0lBAwwCgYIKwYBBQUHAwIwKgYNKwYBBAGSCAkBuIBDAQQZDBdNdWx0aXBsaWVyIFByb2R1Y3QgQml0czAUBgsrBgEEAZIICQIBAQQFDAN5dW0wKAYMKwYBBAGSCAkCAQEBBBgMFmFsd2F5cy1lbmFibGVkLWNvbnRlbnQwKAYMKwYBBAGSCAkCAQECBBgMFmFsd2F5cy1lbmFibGVkLWNvbnRlbnQwHQYMKwYBBAGSCAkCAQEFBA0MC3Rlc3QtdmVuZG9yMCIGDCsGAQQBkggJAgEBBgQSDBAvZm9vL3BhdGgvYWx3YXlzMCYGDCsGAQQBkggJAgEBBwQWDBQvZm9vL3BhdGgvYWx3YXlzL2dwZzATBgwrBgEEAZIICQIBAQQEAwwBMDATBgwrBgEEAZIICQIBAQMEAwwBMDATBgwrBgEEAZIICQIBAQgEAwwBMTAVBgwrBgEEAZIICQIBAQkEBQwDMjAwMBQGCysGAQQBkggJAgABBAUMA3l1bTAnBgwrBgEEAZIICQIAAQEEFwwVbmV2ZXItZW5hYmxlZC1jb250ZW50MCcGDCsGAQQBkggJAgABAgQXDBVuZXZlci1lbmFibGVkLWNvbnRlbnQwHQYMKwYBBAGSCAkCAAEFBA0MC3Rlc3QtdmVuZG9yMCEGDCsGAQQBkggJAgABBgQRDA8vZm9vL3BhdGgvbmV2ZXIwJQYMKwYBBAGSCAkCAAEHBBUMEy9mb28vcGF0aC9uZXZlci9ncGcwEwYMKwYBBAGSCAkCAAEEBAMMATAwEwYMKwYBBAGSCAkCAAEDBAMMATAwEwYMKwYBBAGSCAkCAAEIBAMMATAwFQYMKwYBBAGSCAkCAAEJBAUMAzYwMDAzBgorBgEEAZIICQQBBCUMI011bHRpcGxpZXIgUHJvZHVjdCBDbGllbnQgUGFjayAoNTApMDAGCisGAQQBkggJBAIEIgwgOGE5MGNlOTYyZjI4ZGFiYjAxMmYyOGU3YTcxNTAxMTgwKAYKKwYBBAGSCAkEAwQaDBhNS1QtbXVsdGlwbGllci1jbGllbnQtNTAwEQYKKwYBBAGSCAkEBQQDDAE1MCQGCisGAQQBkggJBAYEFgwUMjAxMS0wNC0wNVQwMDowMDowMFowJAYKKwYBBAGSCAkEBwQWDBQyMDEyLTA0LTA0VDAwOjAwOjAwWjASBgorBgEEAZIICQQMBAQMAjMwMBIGCisGAQQBkggJBAoEBAwCNDIwGwYKKwYBBAGSCAkEDQQNDAsxMjMzMTEzMTIzMTARBgorBgEEAZIICQQOBAMMATAwEQYKKwYBBAGSCAkECwQDDAEzMDQGCisGAQQBkggJBQEEJgwkYjc4OGNjZWUtNGIwOS00OGYwLThhOWEtMmM3NjlmN2I0MWUwMA0GCSqGSIb3DQEBBQUAA4GBAGc7e1w8IkyBrhwgmPNSeYnvfgMzqWRaZnDPJ29u/xECc95/EU51/ieFsX91SXSxC7IOSHgy62AMVLDKomkx+i82a5iNjGxEEDEqodQgKioSsZ9zDJsBM8kQ3TeZgPrCxB0y/uKFwZ8QgZ74/EpEPj4v6gyOcF4rszDCTfb8V5/f" - } - ] - } - ], - "summary": null, - "truncated": false - } -}
\ No newline at end of file diff --git a/install/ui/test/data/entitle_find_online.json b/install/ui/test/data/entitle_find_online.json deleted file mode 100644 index 8143fd426..000000000 --- a/install/ui/test/data/entitle_find_online.json +++ /dev/null @@ -1,37 +0,0 @@ -{ - "error": null, - "id": 0, - "result": { - "count": 1, - "result": [ - { - "dn": "ipaentitlementid=b788ccee-4b09-48f0-8a9a-2c769f7b41e0,cn=entitlements,cn=etc,dc=example,dc=com", - "ipaentitlementid": [ - "b788ccee-4b09-48f0-8a9a-2c769f7b41e0" - ], - "ipauniqueid": [ - "c63b1972-5ffe-11e0-8340-00163e2fe6de" - ], - "objectclass": [ - "ipaobject", - "ipaentitlement" - ], - "usercertificate": [ - { - "__base64__": "MIIHVTCCBr6gAwIBAgIIY9jsLQtqWO8wDQYJKoZIhvcNAQEFBQAwRzEmMCQGA1UEAwwddm0tMDIyLmlkbS5sYWIuYm9zLnJlZGhhdC5jb20xCzAJBgNVBAYTAlVTMRAwDgYDVQQHDAdSYWxlaWdoMB4XDTExMDQwNTAwMDAwMFoXDTEyMDQwNDAwMDAwMFowKzEpMCcGA1UEAwwgOGE5MGNlOTYyZjI4ZGFiYjAxMmYyOGU4MmNjYjAyMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCD0eal/e5ua7opJhvPdd3nr36p2l2t2WMDPRtyOo+h7yZOspoW+qAavd8HwBEbLNjVq56oMyB5/5saE3ubVMxyYFl6dvCpyOy1irxFiZAt3bl1oV3Al8xL0Tieug1SMUOkbz18zcmr/fhGe2ShU5cx9HRfBBx2GexCyUzdn8JiJHpSRKLBxicCmNAwlrv847v32ymJYJ/069Qetx87Xv/Qlct9zRMbi/4EMZ2rwabtOt8ZEYufkhdZvQgm/uPmWEMKYqvkALl97MjfkPTv9IRv8Rrypt/GgCATxHABAVCadYcnE/QYOWwhpJjIPIBwImtUgLKSfJMmep1nHOJfyeYNAgMBAAGjggTgMIIE3DARBglghkgBhvhCAQEEBAMCBaAwCwYDVR0PBAQDAgSwMHcGA1UdIwRwMG6AFIzw8TMZRe2EemNNdk/OQJydGp/goUukSTBHMSYwJAYDVQQDDB12bS0wMjIuaWRtLmxhYi5ib3MucmVkaGF0LmNvbTELMAkGA1UEBhMCVVMxEDAOBgNVBAcMB1JhbGVpZ2iCCQC0zvfl5WJ2gTAdBgNVHQ4EFgQU/z8K8+VKhseEGe81ukYTXjCZ6TswEwYDVR0lBAwwCgYIKwYBBQUHAwIwKgYNKwYBBAGSCAkBuIBDAQQZDBdNdWx0aXBsaWVyIFByb2R1Y3QgQml0czAUBgsrBgEEAZIICQIBAQQFDAN5dW0wKAYMKwYBBAGSCAkCAQEBBBgMFmFsd2F5cy1lbmFibGVkLWNvbnRlbnQwKAYMKwYBBAGSCAkCAQECBBgMFmFsd2F5cy1lbmFibGVkLWNvbnRlbnQwHQYMKwYBBAGSCAkCAQEFBA0MC3Rlc3QtdmVuZG9yMCIGDCsGAQQBkggJAgEBBgQSDBAvZm9vL3BhdGgvYWx3YXlzMCYGDCsGAQQBkggJAgEBBwQWDBQvZm9vL3BhdGgvYWx3YXlzL2dwZzATBgwrBgEEAZIICQIBAQQEAwwBMDATBgwrBgEEAZIICQIBAQMEAwwBMDATBgwrBgEEAZIICQIBAQgEAwwBMTAVBgwrBgEEAZIICQIBAQkEBQwDMjAwMBQGCysGAQQBkggJAgABBAUMA3l1bTAnBgwrBgEEAZIICQIAAQEEFwwVbmV2ZXItZW5hYmxlZC1jb250ZW50MCcGDCsGAQQBkggJAgABAgQXDBVuZXZlci1lbmFibGVkLWNvbnRlbnQwHQYMKwYBBAGSCAkCAAEFBA0MC3Rlc3QtdmVuZG9yMCEGDCsGAQQBkggJAgABBgQRDA8vZm9vL3BhdGgvbmV2ZXIwJQYMKwYBBAGSCAkCAAEHBBUMEy9mb28vcGF0aC9uZXZlci9ncGcwEwYMKwYBBAGSCAkCAAEEBAMMATAwEwYMKwYBBAGSCAkCAAEDBAMMATAwEwYMKwYBBAGSCAkCAAEIBAMMATAwFQYMKwYBBAGSCAkCAAEJBAUMAzYwMDAzBgorBgEEAZIICQQBBCUMI011bHRpcGxpZXIgUHJvZHVjdCBDbGllbnQgUGFjayAoNTApMDAGCisGAQQBkggJBAIEIgwgOGE5MGNlOTYyZjI4ZGFiYjAxMmYyOGU3YTcxNTAxMTgwKAYKKwYBBAGSCAkEAwQaDBhNS1QtbXVsdGlwbGllci1jbGllbnQtNTAwEQYKKwYBBAGSCAkEBQQDDAE1MCQGCisGAQQBkggJBAYEFgwUMjAxMS0wNC0wNVQwMDowMDowMFowJAYKKwYBBAGSCAkEBwQWDBQyMDEyLTA0LTA0VDAwOjAwOjAwWjASBgorBgEEAZIICQQMBAQMAjMwMBIGCisGAQQBkggJBAoEBAwCNDIwGwYKKwYBBAGSCAkEDQQNDAsxMjMzMTEzMTIzMTARBgorBgEEAZIICQQOBAMMATAwEQYKKwYBBAGSCAkECwQDDAExMDQGCisGAQQBkggJBQEEJgwkYjc4OGNjZWUtNGIwOS00OGYwLThhOWEtMmM3NjlmN2I0MWUwMA0GCSqGSIb3DQEBBQUAA4GBAEigZmqXPj9m1oq+ZCDrW6xTvs7AGqz96MQRSK6mmFt9XRG/2cs24JnJLPxwP8Eo+w051RkyijfLEzOaXACswPFvhmxnlJxT9QnVGYO2bmPhcDi+OwwQPvDNqG5K97vBOMctEKxIJWVC83ZkKRyjHDlRnZkfE3XnbAGuhPD96lbg" - }, - { - "__base64__": "MIIHVTCCBr6gAwIBAgIIAJuMxFgwNhUwDQYJKoZIhvcNAQEFBQAwRzEmMCQGA1UEAwwddm0tMDIyLmlkbS5sYWIuYm9zLnJlZGhhdC5jb20xCzAJBgNVBAYTAlVTMRAwDgYDVQQHDAdSYWxlaWdoMB4XDTExMDQwNTAwMDAwMFoXDTEyMDQwNDAwMDAwMFowKzEpMCcGA1UEAwwgOGE5MGNlOTYyZjI4ZGFiYjAxMmYyOGViN2EyNjAyMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCD0eal/e5ua7opJhvPdd3nr36p2l2t2WMDPRtyOo+h7yZOspoW+qAavd8HwBEbLNjVq56oMyB5/5saE3ubVMxyYFl6dvCpyOy1irxFiZAt3bl1oV3Al8xL0Tieug1SMUOkbz18zcmr/fhGe2ShU5cx9HRfBBx2GexCyUzdn8JiJHpSRKLBxicCmNAwlrv847v32ymJYJ/069Qetx87Xv/Qlct9zRMbi/4EMZ2rwabtOt8ZEYufkhdZvQgm/uPmWEMKYqvkALl97MjfkPTv9IRv8Rrypt/GgCATxHABAVCadYcnE/QYOWwhpJjIPIBwImtUgLKSfJMmep1nHOJfyeYNAgMBAAGjggTgMIIE3DARBglghkgBhvhCAQEEBAMCBaAwCwYDVR0PBAQDAgSwMHcGA1UdIwRwMG6AFIzw8TMZRe2EemNNdk/OQJydGp/goUukSTBHMSYwJAYDVQQDDB12bS0wMjIuaWRtLmxhYi5ib3MucmVkaGF0LmNvbTELMAkGA1UEBhMCVVMxEDAOBgNVBAcMB1JhbGVpZ2iCCQC0zvfl5WJ2gTAdBgNVHQ4EFgQU/z8K8+VKhseEGe81ukYTXjCZ6TswEwYDVR0lBAwwCgYIKwYBBQUHAwIwKgYNKwYBBAGSCAkBuIBDAQQZDBdNdWx0aXBsaWVyIFByb2R1Y3QgQml0czAUBgsrBgEEAZIICQIBAQQFDAN5dW0wKAYMKwYBBAGSCAkCAQEBBBgMFmFsd2F5cy1lbmFibGVkLWNvbnRlbnQwKAYMKwYBBAGSCAkCAQECBBgMFmFsd2F5cy1lbmFibGVkLWNvbnRlbnQwHQYMKwYBBAGSCAkCAQEFBA0MC3Rlc3QtdmVuZG9yMCIGDCsGAQQBkggJAgEBBgQSDBAvZm9vL3BhdGgvYWx3YXlzMCYGDCsGAQQBkggJAgEBBwQWDBQvZm9vL3BhdGgvYWx3YXlzL2dwZzATBgwrBgEEAZIICQIBAQQEAwwBMDATBgwrBgEEAZIICQIBAQMEAwwBMDATBgwrBgEEAZIICQIBAQgEAwwBMTAVBgwrBgEEAZIICQIBAQkEBQwDMjAwMBQGCysGAQQBkggJAgABBAUMA3l1bTAnBgwrBgEEAZIICQIAAQEEFwwVbmV2ZXItZW5hYmxlZC1jb250ZW50MCcGDCsGAQQBkggJAgABAgQXDBVuZXZlci1lbmFibGVkLWNvbnRlbnQwHQYMKwYBBAGSCAkCAAEFBA0MC3Rlc3QtdmVuZG9yMCEGDCsGAQQBkggJAgABBgQRDA8vZm9vL3BhdGgvbmV2ZXIwJQYMKwYBBAGSCAkCAAEHBBUMEy9mb28vcGF0aC9uZXZlci9ncGcwEwYMKwYBBAGSCAkCAAEEBAMMATAwEwYMKwYBBAGSCAkCAAEDBAMMATAwEwYMKwYBBAGSCAkCAAEIBAMMATAwFQYMKwYBBAGSCAkCAAEJBAUMAzYwMDAzBgorBgEEAZIICQQBBCUMI011bHRpcGxpZXIgUHJvZHVjdCBDbGllbnQgUGFjayAoNTApMDAGCisGAQQBkggJBAIEIgwgOGE5MGNlOTYyZjI4ZGFiYjAxMmYyOGU3YTcxNTAxMTgwKAYKKwYBBAGSCAkEAwQaDBhNS1QtbXVsdGlwbGllci1jbGllbnQtNTAwEQYKKwYBBAGSCAkEBQQDDAE1MCQGCisGAQQBkggJBAYEFgwUMjAxMS0wNC0wNVQwMDowMDowMFowJAYKKwYBBAGSCAkEBwQWDBQyMDEyLTA0LTA0VDAwOjAwOjAwWjASBgorBgEEAZIICQQMBAQMAjMwMBIGCisGAQQBkggJBAoEBAwCNDIwGwYKKwYBBAGSCAkEDQQNDAsxMjMzMTEzMTIzMTARBgorBgEEAZIICQQOBAMMATAwEQYKKwYBBAGSCAkECwQDDAEzMDQGCisGAQQBkggJBQEEJgwkYjc4OGNjZWUtNGIwOS00OGYwLThhOWEtMmM3NjlmN2I0MWUwMA0GCSqGSIb3DQEBBQUAA4GBAGc7e1w8IkyBrhwgmPNSeYnvfgMzqWRaZnDPJ29u/xECc95/EU51/ieFsX91SXSxC7IOSHgy62AMVLDKomkx+i82a5iNjGxEEDEqodQgKioSsZ9zDJsBM8kQ3TeZgPrCxB0y/uKFwZ8QgZ74/EpEPj4v6gyOcF4rszDCTfb8V5/f" - } - ], - "userpkcs12": [ - { - "__base64__": "MIIKBAIBAzCCCcoGCSqGSIb3DQEHAaCCCbsEggm3MIIJszCCBEcGCSqGSIb3DQEHBqCCBDgwggQ0AgEAMIIELQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIgN0lOQyl9z8CAggAgIIEAEXoWAijUCgIVOsxqmBdCkXrKkw1JjCVuvW8wtY6SWrKQvC51C0MJFytvqfWOpey3XJZdpa9FzgSPXdlI6V09uFt1yQ4OgamFU43Og2BTe79vkNaVayXkhrvT8NH+BPSWEVFmUfAmicsl2+dYE7vjVdhtOWfAtFzKYprATpVJ2mG1uMBXbBmU9jeEkcVTS81QiyfZTbwgCj75gfGgvMXeTcr4BwGknocukpQyryvJgDjItZtV1p4C5jfsTbLYv9NY+aScSLodNx9DbmS8oaTL8MUmuqca9eCi7BSw6RYiPrDwvKEYZ4+eoTxSFDaqLV5Jrxv6zNd5lqfUwXwJXlEDV4ywo3pVY9HZ/BIqwMoraCwqJt6Fl+zuy8+4qWbK92Aq/vpUQ9+1den7NmwX+GhbA3eVUslDrv1V5ItOAPROC3eQniSbInDP0pzeKtxmeFp1D6z4Ne7OG5raLXyz2PLrQzK7ZnGbky5I5zBTbqrMea9NXHTpP8luQ80iJc9ufAkPcNBI4Qfb01vmLbbseuE0XAOhoETSDSs98bVAOg7Olr78UsCSy7mam02LFSRleNPAjaJGBM50NwVEVbxvHEanKCsWYMZ4+gObUEcDLamb7vnPBvjnBTM7DO+qJ01qrRAZA8/fAZcSskLw37hPJiPdrdimSBJYVB33j8DXM9eeMMt6EGYhjxmC/L2Ui/EcJRfSiGmQbFM0weSnLfDu4SHA7cbLTaz7vRSPLIZhNdUfgGexD8bkLeEUJ8GOIO2oIH+U+UbOMY3XfFhvo6h8drf3cP3xfhpQt4KvXiNkeK3UqnxTzc5yMl6cGcYLNRVloay/OxdfUVHtdahQecZuHfJqxpJQUMrhtQB6ZpZC1oId797WAoalK2b8YGdXQGa32WBLbV3DmtgfzCRviuZHIR9bfpdtlTWoBybgoZ3qnioqfggYZgGRCMRL9k6ENzUTo8pqPotgfrICV71r1q9rucfe3yOB/Ixwm8qfgtafqIdyRgs+ANXnGdOQjk5eN8ayX4njiUupfAMJ5wqwf6DYcYWG5xkGWzAuKWiYH3nKj8DIhdTSqsvTYkkVsmMWnrRIWaIe9lrydulAwpOEnNXUv/xtq2rVw8PwZWqW0nu937LdLVsmYKQUMkojXom0E6HhEKBLoG0EkEGh9M4A9zfmeAOW3yxdcGr6ipjB7nAQkkJhAvY3eVXVc6WIQnw9XpAtWSDQXULLHtFMCu2DZi+YZs8yR66Ye5UdtFL3z50pShWRivtN/ZFeRjjEBrd1ZMm8MEuixDMqt9VO9/U+9usmo7fYSoS4DtAX17i1RWe/ErcfQ2Cr9GCMCXVx3GD9pv9XoCG44b+SjOXMzxzvaxsl814QmQwggVkBgkqhkiG9w0BBwGgggVVBIIFUTCCBU0wggVJBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQIype6mZDVuTYCAggABIIEyL19l59xf3ns8ERqTEwDrtR37DxT+L+lxd6ebYbZaI+Vj2lKbAPSgS7DYZybQzygxsRDEhH1MuYYTw2qp4S4gFsM8cqxnhlMu8StZM5PaTUOpIB4x4heZTDIEWl1Egc2+BmZU47E+5Q6yk8ySXav95+r0ZdnBTq3CoyBOPvCDDzOcy8m0N+HHHtme2E9F2Fl9/vw82r4D/TbfVMpE4eNVXtXPkLePml67EAI+GDTyjGyFrx4e+Nrd8cNA+QH2/E+j3PlzlnbJ7HJ/Yw4uTrfovNj70U1GmYpIn8ECKrt2glx1u/7wn8YsQdZuFCMurvho6HrLTICxmOvtUlCW8D09/HSmBJnhaKpcX8z2vfXmk7YjodXBgwFl9YZEQ83JuvDIanFDuGPr9kEGcgiojY3HqO8exQyDImWqJMKLRTfQDsLrhRpwa/E5odZi11RVbBAEywYMRH3KeRq/FqZcdZ7+WkBtynbRLXCgmOX0Hno+aMMu35qNhBbztnpdHRY1SG3Zcqaym4wLOWw8uwy16UgqiaSFIQN2fQCwnaJvYUDOslpCYHolUdTt4jzkMJNJpp72f3elp+FNfC9a2GPtw3YdEVf9wKgJRYriwMS4R0ICmX7T5JkrrBSVyfc6QB6AyVxKqsNoDDsOgBuYSe0GOVnQTszYbT3kBzdWAHmuCWrdSEbPmJ49PP+TqnDnRFnmVAYBFrL2ftWNZi0Sh8R+sRgRxVYUQY7mdfSfhPmunO7ajARRAz1MuvFFObvM1fi/f3CjshVUigjlyP9O2WJ6jy96eMYxF6Kv1NOn/deL++HiZx9I0o2w1qZBTx/XH9SkoI5SFWAbhs7QoesXagRg3WV70UZBU5jQ046ti6VV0/LV5n5/pCCXfvQEtM1XYs9VivcIyeNvGUQjZVEhZHvFVnOv84BWX2uAI0o1UiaCMZ37Z+xzM+6V+xTw6LYZz59p3Z5iccfuqNMHqpfo64kozbOQgQaJio87UwgjUf2Xz9bfMlrUmbyAh2dVFlpCtx1/g6QPcjr3H19Q0Y+gBXan429AJwV2Li9Ao7XBKiMB+Z1kC+K8/BVOlpcqUke66HkU28kpzdKB6sp/IqzkDw6d/SOC8mCxeW0P1o31cymbUySkAATF0yX2S6QEQKvGccS8lXK9sRicx/0ASi3qGdRzLg7NpvRk6DV6b7exOEyU20zk06oSqyhqvyJj9td/F4Fk5LYJbp48TxcWmqvPI4xq8UBti8kU43B6GyQBp9c0RoJduh0XXvqKZdscsVn0SAKztYUJ7AYZq52zHE32sO8EkDdVt/XnFFd30DV3RHC2ZqYjccn341XHecRyqUBUPmUYiobtmExGwPvbGDoIBUvYNNY00SqndxQtosPTJ3N57ERNRdFnJQhynvC28rmPed5VIsOWXkCe9HFt1K+5tqOZBGu/t71ZNnfYCd9AtW9YWi2Gc0vPvbzXShL4IVD3JtGtmx0qJwqegEGx5Jt+jgN+hkhV7lZ8Mf5cXdzFVHHMZ22H1x3K2c9xNesl7ujLHO+w/GUg68VGdKupAtaznSZuShKWeE6bhC/k09/Pzw66e3acC9XIYZEtE3qdp1enh0GyG6F/+aZNIopLW0+SVlcaHQ5nWk02qIlXnM/NTFIMCEGCSqGSIb3DQEJFDEUHhIAYwBhAG4AZABsAGUAcABpAG4wIwYJKoZIhvcNAQkVMRYEFCOfpBaMGfFNW9pfjr4Gq/ZGP+8mMDEwITAJBgUrDgMCGgUABBQtetasMHCVuGKVgrZ03L3XC5bvJQQI32CVwjN0JugCAggA" - } - ] - } - ], - "summary": null, - "truncated": false - } -}
\ No newline at end of file diff --git a/install/ui/test/data/entitle_get.json b/install/ui/test/data/entitle_get.json deleted file mode 100644 index 2ecae3f21..000000000 --- a/install/ui/test/data/entitle_get.json +++ /dev/null @@ -1,27 +0,0 @@ -{ - "error": null, - "id": 0, - "result": { - "count": 2, - "result": [ - { - "certificate": "-----BEGIN CERTIFICATE-----\nMIIHVTCCBr6gAwIBAgIIAJuMxFgwNhUwDQYJKoZIhvcNAQEFBQAwRzEmMCQGA1UE\nAwwddm0tMDIyLmlkbS5sYWIuYm9zLnJlZGhhdC5jb20xCzAJBgNVBAYTAlVTMRAw\nDgYDVQQHDAdSYWxlaWdoMB4XDTExMDQwNTAwMDAwMFoXDTEyMDQwNDAwMDAwMFow\nKzEpMCcGA1UEAwwgOGE5MGNlOTYyZjI4ZGFiYjAxMmYyOGViN2EyNjAyMjMwggEi\nMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCD0eal/e5ua7opJhvPdd3nr36p\n2l2t2WMDPRtyOo+h7yZOspoW+qAavd8HwBEbLNjVq56oMyB5/5saE3ubVMxyYFl6\ndvCpyOy1irxFiZAt3bl1oV3Al8xL0Tieug1SMUOkbz18zcmr/fhGe2ShU5cx9HRf\nBBx2GexCyUzdn8JiJHpSRKLBxicCmNAwlrv847v32ymJYJ/069Qetx87Xv/Qlct9\nzRMbi/4EMZ2rwabtOt8ZEYufkhdZvQgm/uPmWEMKYqvkALl97MjfkPTv9IRv8Rry\npt/GgCATxHABAVCadYcnE/QYOWwhpJjIPIBwImtUgLKSfJMmep1nHOJfyeYNAgMB\nAAGjggTgMIIE3DARBglghkgBhvhCAQEEBAMCBaAwCwYDVR0PBAQDAgSwMHcGA1Ud\nIwRwMG6AFIzw8TMZRe2EemNNdk/OQJydGp/goUukSTBHMSYwJAYDVQQDDB12bS0w\nMjIuaWRtLmxhYi5ib3MucmVkaGF0LmNvbTELMAkGA1UEBhMCVVMxEDAOBgNVBAcM\nB1JhbGVpZ2iCCQC0zvfl5WJ2gTAdBgNVHQ4EFgQU/z8K8+VKhseEGe81ukYTXjCZ\n6TswEwYDVR0lBAwwCgYIKwYBBQUHAwIwKgYNKwYBBAGSCAkBuIBDAQQZDBdNdWx0\naXBsaWVyIFByb2R1Y3QgQml0czAUBgsrBgEEAZIICQIBAQQFDAN5dW0wKAYMKwYB\nBAGSCAkCAQEBBBgMFmFsd2F5cy1lbmFibGVkLWNvbnRlbnQwKAYMKwYBBAGSCAkC\nAQECBBgMFmFsd2F5cy1lbmFibGVkLWNvbnRlbnQwHQYMKwYBBAGSCAkCAQEFBA0M\nC3Rlc3QtdmVuZG9yMCIGDCsGAQQBkggJAgEBBgQSDBAvZm9vL3BhdGgvYWx3YXlz\nMCYGDCsGAQQBkggJAgEBBwQWDBQvZm9vL3BhdGgvYWx3YXlzL2dwZzATBgwrBgEE\nAZIICQIBAQQEAwwBMDATBgwrBgEEAZIICQIBAQMEAwwBMDATBgwrBgEEAZIICQIB\nAQgEAwwBMTAVBgwrBgEEAZIICQIBAQkEBQwDMjAwMBQGCysGAQQBkggJAgABBAUM\nA3l1bTAnBgwrBgEEAZIICQIAAQEEFwwVbmV2ZXItZW5hYmxlZC1jb250ZW50MCcG\nDCsGAQQBkggJAgABAgQXDBVuZXZlci1lbmFibGVkLWNvbnRlbnQwHQYMKwYBBAGS\nCAkCAAEFBA0MC3Rlc3QtdmVuZG9yMCEGDCsGAQQBkggJAgABBgQRDA8vZm9vL3Bh\ndGgvbmV2ZXIwJQYMKwYBBAGSCAkCAAEHBBUMEy9mb28vcGF0aC9uZXZlci9ncGcw\nEwYMKwYBBAGSCAkCAAEEBAMMATAwEwYMKwYBBAGSCAkCAAEDBAMMATAwEwYMKwYB\nBAGSCAkCAAEIBAMMATAwFQYMKwYBBAGSCAkCAAEJBAUMAzYwMDAzBgorBgEEAZII\nCQQBBCUMI011bHRpcGxpZXIgUHJvZHVjdCBDbGllbnQgUGFjayAoNTApMDAGCisG\nAQQBkggJBAIEIgwgOGE5MGNlOTYyZjI4ZGFiYjAxMmYyOGU3YTcxNTAxMTgwKAYK\nKwYBBAGSCAkEAwQaDBhNS1QtbXVsdGlwbGllci1jbGllbnQtNTAwEQYKKwYBBAGS\nCAkEBQQDDAE1MCQGCisGAQQBkggJBAYEFgwUMjAxMS0wNC0wNVQwMDowMDowMFow\nJAYKKwYBBAGSCAkEBwQWDBQyMDEyLTA0LTA0VDAwOjAwOjAwWjASBgorBgEEAZII\nCQQMBAQMAjMwMBIGCisGAQQBkggJBAoEBAwCNDIwGwYKKwYBBAGSCAkEDQQNDAsx\nMjMzMTEzMTIzMTARBgorBgEEAZIICQQOBAMMATAwEQYKKwYBBAGSCAkECwQDDAEz\nMDQGCisGAQQBkggJBQEEJgwkYjc4OGNjZWUtNGIwOS00OGYwLThhOWEtMmM3Njlm\nN2I0MWUwMA0GCSqGSIb3DQEBBQUAA4GBAGc7e1w8IkyBrhwgmPNSeYnvfgMzqWRa\nZnDPJ29u/xECc95/EU51/ieFsX91SXSxC7IOSHgy62AMVLDKomkx+i82a5iNjGxE\nEDEqodQgKioSsZ9zDJsBM8kQ3TeZgPrCxB0y/uKFwZ8QgZ74/EpEPj4v6gyOcF4r\nszDCTfb8V5/f\n-----END CERTIFICATE-----\n", - "end": "2012-04-04T00:00:00Z", - "product": "Multiplier Product Client Pack (50)", - "quantity": 3, - "serial": "43783396311184917", - "start": "2011-04-05T00:00:00Z" - }, - { - "certificate": "-----BEGIN CERTIFICATE-----\nMIIHVTCCBr6gAwIBAgIIY9jsLQtqWO8wDQYJKoZIhvcNAQEFBQAwRzEmMCQGA1UE\nAwwddm0tMDIyLmlkbS5sYWIuYm9zLnJlZGhhdC5jb20xCzAJBgNVBAYTAlVTMRAw\nDgYDVQQHDAdSYWxlaWdoMB4XDTExMDQwNTAwMDAwMFoXDTEyMDQwNDAwMDAwMFow\nKzEpMCcGA1UEAwwgOGE5MGNlOTYyZjI4ZGFiYjAxMmYyOGU4MmNjYjAyMjAwggEi\nMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCD0eal/e5ua7opJhvPdd3nr36p\n2l2t2WMDPRtyOo+h7yZOspoW+qAavd8HwBEbLNjVq56oMyB5/5saE3ubVMxyYFl6\ndvCpyOy1irxFiZAt3bl1oV3Al8xL0Tieug1SMUOkbz18zcmr/fhGe2ShU5cx9HRf\nBBx2GexCyUzdn8JiJHpSRKLBxicCmNAwlrv847v32ymJYJ/069Qetx87Xv/Qlct9\nzRMbi/4EMZ2rwabtOt8ZEYufkhdZvQgm/uPmWEMKYqvkALl97MjfkPTv9IRv8Rry\npt/GgCATxHABAVCadYcnE/QYOWwhpJjIPIBwImtUgLKSfJMmep1nHOJfyeYNAgMB\nAAGjggTgMIIE3DARBglghkgBhvhCAQEEBAMCBaAwCwYDVR0PBAQDAgSwMHcGA1Ud\nIwRwMG6AFIzw8TMZRe2EemNNdk/OQJydGp/goUukSTBHMSYwJAYDVQQDDB12bS0w\nMjIuaWRtLmxhYi5ib3MucmVkaGF0LmNvbTELMAkGA1UEBhMCVVMxEDAOBgNVBAcM\nB1JhbGVpZ2iCCQC0zvfl5WJ2gTAdBgNVHQ4EFgQU/z8K8+VKhseEGe81ukYTXjCZ\n6TswEwYDVR0lBAwwCgYIKwYBBQUHAwIwKgYNKwYBBAGSCAkBuIBDAQQZDBdNdWx0\naXBsaWVyIFByb2R1Y3QgQml0czAUBgsrBgEEAZIICQIBAQQFDAN5dW0wKAYMKwYB\nBAGSCAkCAQEBBBgMFmFsd2F5cy1lbmFibGVkLWNvbnRlbnQwKAYMKwYBBAGSCAkC\nAQECBBgMFmFsd2F5cy1lbmFibGVkLWNvbnRlbnQwHQYMKwYBBAGSCAkCAQEFBA0M\nC3Rlc3QtdmVuZG9yMCIGDCsGAQQBkggJAgEBBgQSDBAvZm9vL3BhdGgvYWx3YXlz\nMCYGDCsGAQQBkggJAgEBBwQWDBQvZm9vL3BhdGgvYWx3YXlzL2dwZzATBgwrBgEE\nAZIICQIBAQQEAwwBMDATBgwrBgEEAZIICQIBAQMEAwwBMDATBgwrBgEEAZIICQIB\nAQgEAwwBMTAVBgwrBgEEAZIICQIBAQkEBQwDMjAwMBQGCysGAQQBkggJAgABBAUM\nA3l1bTAnBgwrBgEEAZIICQIAAQEEFwwVbmV2ZXItZW5hYmxlZC1jb250ZW50MCcG\nDCsGAQQBkggJAgABAgQXDBVuZXZlci1lbmFibGVkLWNvbnRlbnQwHQYMKwYBBAGS\nCAkCAAEFBA0MC3Rlc3QtdmVuZG9yMCEGDCsGAQQBkggJAgABBgQRDA8vZm9vL3Bh\ndGgvbmV2ZXIwJQYMKwYBBAGSCAkCAAEHBBUMEy9mb28vcGF0aC9uZXZlci9ncGcw\nEwYMKwYBBAGSCAkCAAEEBAMMATAwEwYMKwYBBAGSCAkCAAEDBAMMATAwEwYMKwYB\nBAGSCAkCAAEIBAMMATAwFQYMKwYBBAGSCAkCAAEJBAUMAzYwMDAzBgorBgEEAZII\nCQQBBCUMI011bHRpcGxpZXIgUHJvZHVjdCBDbGllbnQgUGFjayAoNTApMDAGCisG\nAQQBkggJBAIEIgwgOGE5MGNlOTYyZjI4ZGFiYjAxMmYyOGU3YTcxNTAxMTgwKAYK\nKwYBBAGSCAkEAwQaDBhNS1QtbXVsdGlwbGllci1jbGllbnQtNTAwEQYKKwYBBAGS\nCAkEBQQDDAE1MCQGCisGAQQBkggJBAYEFgwUMjAxMS0wNC0wNVQwMDowMDowMFow\nJAYKKwYBBAGSCAkEBwQWDBQyMDEyLTA0LTA0VDAwOjAwOjAwWjASBgorBgEEAZII\nCQQMBAQMAjMwMBIGCisGAQQBkggJBAoEBAwCNDIwGwYKKwYBBAGSCAkEDQQNDAsx\nMjMzMTEzMTIzMTARBgorBgEEAZIICQQOBAMMATAwEQYKKwYBBAGSCAkECwQDDAEx\nMDQGCisGAQQBkggJBQEEJgwkYjc4OGNjZWUtNGIwOS00OGYwLThhOWEtMmM3Njlm\nN2I0MWUwMA0GCSqGSIb3DQEBBQUAA4GBAEigZmqXPj9m1oq+ZCDrW6xTvs7AGqz9\n6MQRSK6mmFt9XRG/2cs24JnJLPxwP8Eo+w051RkyijfLEzOaXACswPFvhmxnlJxT\n9QnVGYO2bmPhcDi+OwwQPvDNqG5K97vBOMctEKxIJWVC83ZkKRyjHDlRnZkfE3Xn\nbAGuhPD96lbg\n-----END CERTIFICATE-----\n", - "end": "2012-04-04T00:00:00Z", - "product": "Multiplier Product Client Pack (50)", - "quantity": 1, - "serial": "7194760082933569775", - "start": "2011-04-05T00:00:00Z" - } - ], - "summary": null, - "truncated": false - } -}
\ No newline at end of file diff --git a/install/ui/test/data/entitle_import.json b/install/ui/test/data/entitle_import.json deleted file mode 100644 index f6dc905b3..000000000 --- a/install/ui/test/data/entitle_import.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "error": null, - "id": null, - "result": { - "result": { - "consumed": 1, - "product": "Multiplier Product Client Pack (50)", - "quantity": 1, - "uuid": "IMPORTED" - } - } -} diff --git a/install/ui/test/data/entitle_register.json b/install/ui/test/data/entitle_register.json deleted file mode 100644 index c66124738..000000000 --- a/install/ui/test/data/entitle_register.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "error": null, - "id": 0, - "result": { - "result": { - "dn": "ipaentitlementid=cf9d9755-7445-438c-a40c-23b1c60e1f9b,cn=entitlements,cn=etc,dc=example,dc=com", - "ipaentitlementid": [ - "cf9d9755-7445-438c-a40c-23b1c60e1f9b" - ], - "ipauniqueid": [ - "50afc3cc-649c-11e0-ab97-00163e2fe6de" - ], - "objectclass": [ - "ipaobject", - "ipaentitlement" - ], - "userpkcs12": [ - { - "__base64__": "MIIKBAIBAzCCCcoGCSqGSIb3DQEHAaCCCbsEggm3MIIJszCCBEcGCSqGSIb3DQEHBqCCBDgwggQ0AgEAMIIELQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIxnjz6Zlw3KwCAggAgIIEABj2ncaXXZKd82QKa6p1SAKmIoSY3/Nw8y7RPCtOJdTbcSimEjWXEvcL7V9Y5pa7dn9P8T6bnKzTreA39d4gBpsQtPDknwuTyrcZc1XaMdwtOh2nLMvMLye/fhD5XP0jgospdzg9vf/drq7IHG2e8hK735PesmFj4Jx01oGyS7SzuEQ8Mf44l35pOdGhjBvnZTTaLdtQFR1Atu1EyX7+KHz6ZRkuv8+aVXTuV/EkFm18FW5LgoetYnHb4YvgukFQE1ZDxBebyUvB5MIVuJnBn4kPkHfNg32+sQpFwQoB6RAro9Kwkb25I+x8XTv7BTMwfGEr7e2LRlhsWmm5oQz24XCUpeSJb4LNmBuiqb+gBCpAiG++uZczrWHvdolBQY4igX2/1fd/PMK6NUFJbzL8dikyIHxZyo8gSb01wMk1Bq9uVM+R7fzyBUtqitz7+rXp8hc/BbamVvyfVeG31KR59WJDxbVtgLQmuDxJWBsG86YWoujV/1iheMiknLfI4prKcbtaGuJCvD9ZdiBooUBWi6l9zt2paoH+8zQPu/BPmOYt5onv+LeXBy//awEw78VXmA27kc9TTsQpIZu9busMWBaL0735fCjIoQIQhumwcuRwiWi/9QRgE/+uYbnBu+PtBV2nC+6AjPDbpebZqPQ2hDZeQ5YleSd5wSkSWtbLkAyouFi9uhnKAXyIpH+lJzVqOPrntOTljCFVNrvdxH6AjVUVfP+VIZALM+7H2TBoUtylauWe39GHShWxXlithLDE/Ssv8uwHdoRoOHjcFMlSjuWzgFDGM7MFWv/W9uQkGUax7wtZVzOpAWoaFEEFXnvFKqgESxA7ij/FVkFvWyx2uW3ERTkW0UZZ4l247x99RolhxLKD287gyjFxmOiIYIe380dERQQF3P18LFmJaLCTEdrx3ZHmYDtj8UzT8B3SkBLFz4ERnE19snixqxGoxHBN3ZvWVm+f2IxSALcl+dUANG/1PCWmWYXeEallMnQyITi4r2amx1Du4kFVzltTgB1kd5r7iFNO163XJ45dIdmJAeg23AnX6N1ldavTnGuOZ98hpj93mHadXDZFNUkBAN4sSSZx57qvev/Cn5k6YLq1u0X+jHfx+ADRyQwB8dWPYzmwdCsZp2Qmpd7KBAXcUY6BIQpMLK3uaDfH6PcBsphX/ECRtFqwrZ1gnAXsf/iv2mykH4mSWiEkMnO1RmAHxkfqquU7ZqSxVeEYSQT81OU/RlKD/hHOW7QMKkbtRVVhHSL/aEjfjiKzugk+ce3si4DvhOyWmAwOysb43baI8m0aWMLTFv7HRnjdnkFOWRoZ2KI7JBNNp10Py5xkOF5UKhYLavGxCk0bDjXID5wWrgtUboswggVkBgkqhkiG9w0BBwGgggVVBIIFUTCCBU0wggVJBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQIXn9I2KvCFUICAggABIIEyOr5+72qJs/f+xsFXBpOSYJU6JWdrvHMFdln7gW+haXjTA3a3KH9u3WeBddeYV+c9KCQIqbRh+pTGH0Zj6jKLr3uYR5nbQxOarysiTRfPuZVbJMrloHjAsCvIatXH8Ghvuscasv922TCaZy7EqZZKttX/XhUYSp5cY26tUnb3M+v2HYcMh2Y0MaOKwAZGaWRswRSogjWO4PijLL3ZHN9RKiLFsM8uPFEMM1T5j0v1gzu/pIAjmuCUJqW3/4pxQdWqxRHvbpsrYenObrvAbLG6jb61kpl3NqtG3wprnS090wihmVatqFfbx5EiECi9SmUN0IkygluqTAnQ69ZJOatEFm7vwXGcv/dkJtj/YzGjg+MLtbDQ7sNwKqekhOaaaDyjrgiBftAHvtPuLNKgEQlC/9FC9OxFRotFdHp1hpd0vVJqixCCYuieWDQNplG10uTl5xcoI1XxO1tDH8ar8qp0lUQFsjnuHPwW4Keo/9xVE4WOESxmxRTX4tHQn2NUYZCNv9mnXNfYENV2xVIEd6r6QuSrSo2tfYsaz5L1pH2TV4QMMpm4DyN0tuLFCE7EDEZJK4j3l3Ezlzuj31uTTIFZ9KVy/2e9GvxeTkUMASzWskwgQxbRejrtKjye/DJhiTbmrV/WIGLjzs0srPBZm5QD0pCLxRbLmC1KK5S7zn/2c4XW1d+Hu+vnOJhcvXv84kpobCefZNOvhcMsgMn3QmXDxRT0NhSajsxihtm8+r+MVL3KsmTwEN8OxFzDGDW4kHfM94a7+zpvAPWfSxLygpZa6jqjIRAGJKzWGtTmzsZYCtM+setghjTTrOoT7jcJSI8Tha35R16sIuG7+QQszdrj+VUzjG8qKjby+YhWP7syDWMsoV8J4K5kNsjs4B9cGg+pP/lajNGDB1ZGSW0JCqgq5dLUBFURXPXDTkdOqmOm2/kK3XZnmspt5mm/ofCvlmsncXEBr8DBgEC+G3UU6D1woCGt7oQ5xkyprIZIiztSN3HDLLyyeH1XgQxYBR5rZa+sWJR/DEReFvbwkf5qICRUloFNDA1+XVhKLnb9hQwvlbVkwE6dW2zOmExc7Pj63YQZsAsbDJSMn5S4nJ9od30VDiBYgs0F+nUejMe8YpOHnMgIMa2CN3U9zqSDGukVnS15zUH9f7HVFtsGgJFijsUmeUneiSRc/Toocgfzmedwog7vCdZSJt1LifA2FJkHQqxbXCcQqRyihgPrJ4cNxMdD/M23HXekRZaQ6pByu00AalWZgAyNyMRFKCmbfgNAG7011ezQGf8ubwines7u/4+1aH7FvkXam6Mq421klH5MMz07eH7vvDk9kt7ydjbtGiNUOHy9BFQyX845kwzfuS7lHgcIhXtEV4Rz16TaGwpXDqaxkESh1SlsTE5K7vl6RZlRv3b4Ero77Qc8+cEOteRGGq601leLP8nFAE42e36jXRGA0rNtDeE0mzhWsfPa2oZXbhUsa/UwSO4y3E/v/wTnWujzjIx56DHa+PeL0n/3iIb2W3YM1UcISKeHR/W1pAl7P7bEXwU840QrVuuPRDXoO5WRV4YGesWkk1Y0s8CwveyPKkPk5EMGOYenT5Hl2iobwPQ0nB2grB2Xf7Mz+PxN80IrZ7EpKkkJDFIMCEGCSqGSIb3DQEJFDEUHhIAYwBhAG4AZABsAGUAcABpAG4wIwYJKoZIhvcNAQkVMRYEFCSRjVYZWlcYO2q3RujbLY3xz3w9MDEwITAJBgUrDgMCGgUABBRTgMXTmP9+Z+fIVhw4Etyj7dd6zgQI8DqMKrvKUjcCAggA" - } - ] - }, - "summary": "Registered to entitlement server.", - "value": "" - } -}
\ No newline at end of file diff --git a/install/ui/test/data/entitle_status_offline.json b/install/ui/test/data/entitle_status_offline.json deleted file mode 100644 index 44fe79e14..000000000 --- a/install/ui/test/data/entitle_status_offline.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "error": null, - "id": 0, - "result": { - "result": { - "consumed": 2, - "product": "MKT-multiplier-client-50", - "quantity": 250, - "uuid": "IMPORTED" - } - } -} diff --git a/install/ui/test/data/entitle_status_online.json b/install/ui/test/data/entitle_status_online.json deleted file mode 100644 index 1cfdfe647..000000000 --- a/install/ui/test/data/entitle_status_online.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "error": null, - "id": 0, - "result": { - "result": { - "consumed": 2, - "product": "MKT-multiplier-client-50", - "quantity": 250, - "uuid": "a3865364-33cc-4ce3-b000-0f08498cc085" - } - } -} diff --git a/install/ui/test/data/entitle_status_unregistered.json b/install/ui/test/data/entitle_status_unregistered.json deleted file mode 100644 index 8a691ada2..000000000 --- a/install/ui/test/data/entitle_status_unregistered.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "error": { - "code": 4306, - "message": "Not registered yet", - "name": { - "__base64__": "Tm90UmVnaXN0ZXJlZEVycm9y" - } - }, - "id": 0, - "result": null -} diff --git a/install/ui/test/data/ipa_init.json b/install/ui/test/data/ipa_init.json index 122dd17fb..b484cad1c 100644 --- a/install/ui/test/data/ipa_init.json +++ b/install/ui/test/data/ipa_init.json @@ -275,27 +275,6 @@ "add_permission": "Add Permission", "remove_permission": "Remove Permission" }, - "entitle": { - "account": "Account", - "certificate": "Certificate", - "certificates": "Certificates", - "consume": "Consume", - "consume_entitlement": "Consume Entitlement", - "consumed": "Consumed", - "download": "Download", - "download_certificate": "Download Certificate", - "end": "End", - "import_button": "Import", - "import_certificate": "Import Certificate", - "import_message": "Enter the Base64-encoded entitlement certificate below:", - "loading": "Loading...", - "no_certificate": "No Certificate.", - "product": "Product", - "register": "Register", - "registration": "Registration", - "start": "Start", - "status": "Status" - }, "group": { "details": "Group Settings", "external": "External", @@ -723,7 +702,6 @@ "container_automount": "cn=automount", "container_configs": "cn=configs,cn=policies", "container_dns": "cn=dns", - "container_entitlements": "cn=entitlements,cn=etc", "container_group": "cn=groups,cn=accounts", "container_hbac": "cn=hbac", "container_hbacservice": "cn=hbacservices,cn=hbac", diff --git a/install/ui/test/data/ipa_init_commands.json b/install/ui/test/data/ipa_init_commands.json index b66ae4dd1..f83059bcd 100644 --- a/install/ui/test/data/ipa_init_commands.json +++ b/install/ui/test/data/ipa_init_commands.json @@ -8448,221 +8448,6 @@ } ] }, - "entitle_consume": { - "takes_args": [ - { - "class": "Int", - "doc": "Quantity", - "flags": [], - "label": "Quantity", - "maxvalue": 2147483647, - "minvalue": 1, - "name": "quantity", - "required": true, - "type": "int" - } - ], - "takes_options": [ - { - "class": "Int", - "default": 1, - "doc": "Quantity", - "flags": [ - "no_option", - "no_output" - ], - "label": "Quantity", - "maxvalue": 2147483647, - "minvalue": 1, - "name": "hidden", - "required": true, - "type": "int" - }, - { - "name": "all" - }, - { - "name": "raw" - }, - { - "name": "version" - } - ] - }, - "entitle_find": { - "takes_args": [], - "takes_options": [ - { - "class": "Int", - "doc": "Time limit of search in seconds", - "flags": [ - "no_display" - ], - "label": "Time Limit", - "maxvalue": 2147483647, - "minvalue": 0, - "name": "timelimit", - "type": "int" - }, - { - "class": "Int", - "doc": "Maximum number of entries returned", - "flags": [ - "no_display" - ], - "label": "Size Limit", - "maxvalue": 2147483647, - "minvalue": 0, - "name": "sizelimit", - "type": "int" - }, - { - "name": "all" - }, - { - "name": "raw" - }, - { - "name": "version" - } - ] - }, - "entitle_get": { - "name": "entitle_get", - "takes_args": [], - "takes_options": [ - { - "name": "all" - }, - { - "name": "raw" - }, - { - "name": "version" - } - ] - }, - "entitle_import": { - "takes_args": [ - { - "class": "File", - "doc": "<usercertificate>", - "flags": [], - "label": "<usercertificate>", - "multivalue": true, - "name": "usercertificate", - "type": "unicode" - } - ], - "takes_options": [ - { - "name": "setattr" - }, - { - "name": "addattr" - }, - { - "class": "Str", - "default": "IMPORTED", - "doc": "Enrollment UUID", - "flags": [ - "no_update", - "no_create" - ], - "label": "UUID", - "name": "uuid", - "noextrawhitespace": true, - "type": "unicode" - } - ] - }, - "entitle_register": { - "takes_args": [ - { - "class": "Str", - "doc": "Username", - "flags": [], - "label": "Username", - "name": "username", - "noextrawhitespace": true, - "required": true, - "type": "unicode" - } - ], - "takes_options": [ - { - "name": "setattr" - }, - { - "name": "addattr" - }, - { - "class": "Str", - "doc": "Enrollment UUID (not implemented)", - "flags": [ - "no_update", - "no_create" - ], - "label": "UUID", - "name": "ipaentitlementid", - "noextrawhitespace": true, - "type": "unicode" - }, - { - "class": "Password", - "doc": "Registration password", - "flags": [], - "label": "Password", - "name": "password", - "noextrawhitespace": true, - "required": true, - "type": "unicode" - }, - { - "name": "all" - }, - { - "name": "raw" - }, - { - "name": "version" - } - ] - }, - "entitle_status": { - "name": "entitle_status", - "takes_args": [], - "takes_options": [] - }, - "entitle_sync": { - "takes_args": [], - "takes_options": [ - { - "class": "Int", - "default": 1, - "doc": "Quantity", - "flags": [ - "no_option", - "no_output" - ], - "label": "Quantity", - "maxvalue": 2147483647, - "minvalue": 1, - "name": "hidden", - "required": true, - "type": "int" - }, - { - "name": "all" - }, - { - "name": "raw" - }, - { - "name": "version" - } - ] - }, "env": { "name": "env", "takes_args": [ diff --git a/install/ui/test/data/ipa_init_methods.json b/install/ui/test/data/ipa_init_methods.json index 3564a87b3..948c3a578 100644 --- a/install/ui/test/data/ipa_init_methods.json +++ b/install/ui/test/data/ipa_init_methods.json @@ -3696,473 +3696,6 @@ } ] }, - "entitle_consume": { - "takes_args": [ - { - "alwaysask": false, - "attribute": false, - "autofill": false, - "class": "Int", - "cli_name": "quantity", - "cli_short_name": null, - "csv": false, - "csv_separator": ",", - "csv_skipspace": true, - "default": null, - "doc": "Quantity", - "exclude": null, - "flags": [], - "hint": null, - "include": null, - "label": "Quantity", - "maxvalue": 2147483647, - "minvalue": 1, - "multivalue": false, - "name": "quantity", - "primary_key": false, - "query": false, - "required": true, - "sortorder": 2, - "type": "int" - } - ], - "takes_options": [ - { - "alwaysask": false, - "attribute": false, - "autofill": true, - "class": "Int", - "cli_name": "hidden", - "cli_short_name": null, - "csv": false, - "csv_separator": ",", - "csv_skipspace": true, - "default": 1, - "doc": "Quantity", - "exclude": null, - "flags": [ - "no_option", - "no_output" - ], - "hint": null, - "include": null, - "label": "Quantity", - "maxvalue": 2147483647, - "minvalue": 1, - "multivalue": false, - "name": "hidden", - "primary_key": false, - "query": false, - "required": true, - "sortorder": 2, - "type": "int" - } - ] - }, - "entitle_find": { - "takes_options": [ - { - "alwaysask": false, - "attribute": false, - "autofill": false, - "class": "Int", - "cli_name": "timelimit", - "cli_short_name": null, - "csv": false, - "csv_separator": ",", - "csv_skipspace": true, - "default": null, - "doc": "Time limit of search in seconds", - "exclude": null, - "flags": [ - "no_display" - ], - "hint": null, - "include": null, - "label": "Time Limit", - "maxvalue": 2147483647, - "minvalue": 0, - "multivalue": false, - "name": "timelimit", - "primary_key": false, - "query": false, - "required": false, - "sortorder": 2, - "type": "int" - }, - { - "alwaysask": false, - "attribute": false, - "autofill": false, - "class": "Int", - "cli_name": "sizelimit", - "cli_short_name": null, - "csv": false, - "csv_separator": ",", - "csv_skipspace": true, - "default": null, - "doc": "Maximum number of entries returned", - "exclude": null, - "flags": [ - "no_display" - ], - "hint": null, - "include": null, - "label": "Size Limit", - "maxvalue": 2147483647, - "minvalue": 0, - "multivalue": false, - "name": "sizelimit", - "primary_key": false, - "query": false, - "required": false, - "sortorder": 2, - "type": "int" - } - ] - }, - "entitle_import": { - "takes_args": [ - { - "alwaysask": false, - "attribute": false, - "autofill": false, - "class": "File", - "cli_name": "certificate_file", - "cli_short_name": null, - "csv": false, - "csv_separator": ",", - "csv_skipspace": true, - "default": null, - "doc": "<usercertificate>", - "exclude": null, - "flags": [], - "hint": null, - "include": null, - "label": "<usercertificate>", - "length": null, - "maxlength": null, - "minlength": null, - "multivalue": true, - "name": "usercertificate", - "noextrawhitespace": false, - "pattern": null, - "pattern_errmsg": null, - "primary_key": false, - "query": false, - "required": false, - "sortorder": 2, - "stdin_if_missing": false, - "type": "unicode" - } - ], - "takes_options": [ - { - "alwaysask": false, - "attribute": false, - "autofill": false, - "class": "Str", - "cli_name": "setattr", - "cli_short_name": null, - "csv": false, - "csv_separator": ",", - "csv_skipspace": true, - "default": null, - "doc": "Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.", - "exclude": [ - "webui" - ], - "flags": [], - "hint": null, - "include": null, - "label": "<setattr>", - "length": null, - "maxlength": null, - "minlength": null, - "multivalue": true, - "name": "setattr", - "noextrawhitespace": true, - "pattern": null, - "pattern_errmsg": null, - "primary_key": false, - "query": false, - "required": false, - "sortorder": 2, - "type": "unicode" - }, - { - "alwaysask": false, - "attribute": false, - "autofill": false, - "class": "Str", - "cli_name": "addattr", - "cli_short_name": null, - "csv": false, - "csv_separator": ",", - "csv_skipspace": true, - "default": null, - "doc": "Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.", - "exclude": [ - "webui" - ], - "flags": [], - "hint": null, - "include": null, - "label": "<addattr>", - "length": null, - "maxlength": null, - "minlength": null, - "multivalue": true, - "name": "addattr", - "noextrawhitespace": true, - "pattern": null, - "pattern_errmsg": null, - "primary_key": false, - "query": false, - "required": false, - "sortorder": 2, - "type": "unicode" - }, - { - "alwaysask": false, - "attribute": false, - "autofill": true, - "class": "Str", - "cli_name": "uuid", - "cli_short_name": null, - "csv": false, - "csv_separator": ",", - "csv_skipspace": true, - "default": "IMPORTED", - "doc": "Enrollment UUID", - "exclude": null, - "flags": [ - "no_update", - "no_create" - ], - "hint": null, - "include": null, - "label": "UUID", - "length": null, - "maxlength": null, - "minlength": null, - "multivalue": false, - "name": "uuid", - "noextrawhitespace": true, - "pattern": null, - "pattern_errmsg": null, - "primary_key": false, - "query": false, - "required": false, - "sortorder": 2, - "type": "unicode" - } - ] - }, - "entitle_register": { - "takes_args": [ - { - "alwaysask": false, - "attribute": false, - "autofill": false, - "class": "Str", - "cli_name": "username", - "cli_short_name": null, - "csv": false, - "csv_separator": ",", - "csv_skipspace": true, - "default": null, - "doc": "Username", - "exclude": null, - "flags": [], - "hint": null, - "include": null, - "label": "Username", - "length": null, - "maxlength": null, - "minlength": null, - "multivalue": false, - "name": "username", - "noextrawhitespace": true, - "pattern": null, - "pattern_errmsg": null, - "primary_key": false, - "query": false, - "required": true, - "sortorder": 2, - "type": "unicode" - } - ], - "takes_options": [ - { - "alwaysask": false, - "attribute": false, - "autofill": false, - "class": "Str", - "cli_name": "setattr", - "cli_short_name": null, - "csv": false, - "csv_separator": ",", - "csv_skipspace": true, - "default": null, - "doc": "Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.", - "exclude": [ - "webui" - ], - "flags": [], - "hint": null, - "include": null, - "label": "<setattr>", - "length": null, - "maxlength": null, - "minlength": null, - "multivalue": true, - "name": "setattr", - "noextrawhitespace": true, - "pattern": null, - "pattern_errmsg": null, - "primary_key": false, - "query": false, - "required": false, - "sortorder": 2, - "type": "unicode" - }, - { - "alwaysask": false, - "attribute": false, - "autofill": false, - "class": "Str", - "cli_name": "addattr", - "cli_short_name": null, - "csv": false, - "csv_separator": ",", - "csv_skipspace": true, - "default": null, - "doc": "Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.", - "exclude": [ - "webui" - ], - "flags": [], - "hint": null, - "include": null, - "label": "<addattr>", - "length": null, - "maxlength": null, - "minlength": null, - "multivalue": true, - "name": "addattr", - "noextrawhitespace": true, - "pattern": null, - "pattern_errmsg": null, - "primary_key": false, - "query": false, - "required": false, - "sortorder": 2, - "type": "unicode" - }, - { - "alwaysask": false, - "attribute": false, - "autofill": false, - "class": "Str", - "cli_name": "ipaentitlementid", - "cli_short_name": null, - "csv": false, - "csv_separator": ",", - "csv_skipspace": true, - "default": null, - "doc": "Enrollment UUID (not implemented)", - "exclude": null, - "flags": [ - "no_update", - "no_create" - ], - "hint": null, - "include": null, - "label": "UUID", - "length": null, - "maxlength": null, - "minlength": null, - "multivalue": false, - "name": "ipaentitlementid", - "noextrawhitespace": true, - "pattern": null, - "pattern_errmsg": null, - "primary_key": false, - "query": false, - "required": false, - "sortorder": 2, - "type": "unicode" - }, - { - "alwaysask": false, - "attribute": false, - "autofill": false, - "class": "Password", - "cli_name": "password", - "cli_short_name": null, - "confirm": false, - "csv": false, - "csv_separator": ",", - "csv_skipspace": true, - "default": null, - "doc": "Registration password", - "exclude": null, - "flags": [], - "hint": null, - "include": null, - "label": "Password", - "length": null, - "maxlength": null, - "minlength": null, - "multivalue": false, - "name": "password", - "noextrawhitespace": true, - "pattern": null, - "pattern_errmsg": null, - "primary_key": false, - "query": false, - "required": true, - "sortorder": 2, - "type": "unicode" - } - ] - }, - "entitle_sync": { - "takes_args": [], - "takes_options": [ - { - "alwaysask": false, - "attribute": false, - "autofill": true, - "class": "Int", - "cli_name": "hidden", - "cli_short_name": null, - "csv": false, - "csv_separator": ",", - "csv_skipspace": true, - "default": 1, - "doc": "Quantity", - "exclude": null, - "flags": [ - "no_option", - "no_output" - ], - "hint": null, - "include": null, - "label": "Quantity", - "maxvalue": 2147483647, - "minvalue": 1, - "multivalue": false, - "name": "hidden", - "primary_key": false, - "query": false, - "required": true, - "sortorder": 2, - "type": "int" - } - ] - }, "group_add": { "takes_args": [], "takes_options": [ @@ -11174,4 +10707,4 @@ }, "objects": {} } -}
\ No newline at end of file +} diff --git a/install/ui/test/data/ipa_init_objects.json b/install/ui/test/data/ipa_init_objects.json index 12f7ebfd6..5d1fd65aa 100644 --- a/install/ui/test/data/ipa_init_objects.json +++ b/install/ui/test/data/ipa_init_objects.json @@ -848,7 +848,6 @@ "ipadefaultloginshell", "ipadefaultprimarygroup", "ipaenabledflag", - "ipaentitlementid", "ipaexternalmember", "ipagroupobjectclasses", "ipagroupsearchfields", @@ -4056,67 +4055,6 @@ ], "uuid_attribute": "" }, - "entitle": { - "aciattrs": [ - "ipaentitlementid", - "ipauniqueid", - "usercertificate", - "userpkcs12" - ], - "attribute_members": {}, - "bindable": false, - "container_dn": "cn=entitlements,cn=etc", - "default_attributes": [ - "ipaentitlement" - ], - "hidden_attributes": [ - "objectclass", - "aci" - ], - "label": "Entitlements", - "label_singular": "Entitlement", - "methods": [ - "consume", - "find", - "import", - "register", - "sync" - ], - "name": "entitle", - "object_class": [ - "ipaobject", - "ipaentitlement" - ], - "object_class_config": null, - "object_name": "entitlement", - "object_name_plural": "entitlements", - "parent_object": "", - "rdn_attribute": "", - "relationships": { - "member": [ - "Member", - "", - "no_" - ], - "memberindirect": [ - "Indirect Member", - null, - "no_indirect_" - ], - "memberof": [ - "Member Of", - "in_", - "not_in_" - ], - "memberofindirect": [ - "Indirect Member Of", - null, - "not_in_indirect_" - ] - }, - "takes_params": [], - "uuid_attribute": "ipaentitlementid" - }, "group": { "aciattrs": [ "businesscategory", diff --git a/install/ui/test/data/json_metadata.json b/install/ui/test/data/json_metadata.json index f87ab114c..a3febc1ff 100644 --- a/install/ui/test/data/json_metadata.json +++ b/install/ui/test/data/json_metadata.json @@ -3034,7 +3034,6 @@ "ipadefaultloginshell", "ipadefaultprimarygroup", "ipaenabledflag", - "ipaentitlementid", "ipagroupobjectclasses", "ipagroupsearchfields", "ipahomesrootdir", diff --git a/install/ui/test/data/privilege_find.json b/install/ui/test/data/privilege_find.json index c4d4d1ab4..1b9bb4479 100644 --- a/install/ui/test/data/privilege_find.json +++ b/install/ui/test/data/privilege_find.json @@ -175,20 +175,6 @@ }, { "cn": [ - "entitlementadmin" - ], - "description": [ - "Entitlement Administrators" - ], - "dn": "cn=entitlementadmin,cn=privileges,cn=accounts,dc=example,dc=com", - "memberof_permission": [ - "addentitlements", - "removeentitlements", - "modifyentitlements" - ] - }, - { - "cn": [ "dnsadmin" ], "description": [ @@ -212,4 +198,4 @@ "summary": "14 privileges matched", "truncated": false } -}
\ No newline at end of file +} diff --git a/install/ui/test/data/privilege_find_pkeys.json b/install/ui/test/data/privilege_find_pkeys.json index e8bad4b40..1b8460458 100644 --- a/install/ui/test/data/privilege_find_pkeys.json +++ b/install/ui/test/data/privilege_find_pkeys.json @@ -72,12 +72,6 @@ }, { "cn": [ - "entitlementadmin" - ], - "dn": "cn=entitlementadmin,cn=privileges,cn=accounts,dc=example,dc=com" - }, - { - "cn": [ "dnsadmin" ], "dn": "cn=dnsadmin,cn=privileges,cn=accounts,dc=example,dc=com" @@ -92,4 +86,4 @@ "summary": "14 privileges matched", "truncated": false } -}
\ No newline at end of file +} diff --git a/install/ui/test/data/privilege_get_records.json b/install/ui/test/data/privilege_get_records.json index e821d1b99..66ab1d06e 100644 --- a/install/ui/test/data/privilege_get_records.json +++ b/install/ui/test/data/privilege_get_records.json @@ -232,25 +232,6 @@ "error": null, "result": { "cn": [ - "entitlementadmin" - ], - "description": [ - "Entitlement Administrators" - ], - "dn": "cn=entitlementadmin,cn=privileges,cn=accounts,dc=example,dc=com", - "memberof_permission": [ - "addentitlements", - "removeentitlements", - "modifyentitlements" - ] - }, - "summary": null, - "value": "entitlementadmin" - }, - { - "error": null, - "result": { - "cn": [ "dnsadmin" ], "description": [ @@ -280,4 +261,4 @@ } ] } -}
\ No newline at end of file +} diff --git a/ipa-client/man/default.conf.5 b/ipa-client/man/default.conf.5 index 39af41fbf..9e87bb7c8 100644 --- a/ipa-client/man/default.conf.5 +++ b/ipa-client/man/default.conf.5 @@ -187,7 +187,6 @@ The following define the containers for the IPA server. Containers define where container_automount: cn=automount container_configs: cn=configs,cn=policies container_dns: cn=dns - container_entitlements: cn=entitlements,cn=etc container_group: cn=groups,cn=accounts container_hbac: cn=hbac container_hbacservice: cn=hbacservices,cn=hbac diff --git a/ipa-compliance.cron b/ipa-compliance.cron deleted file mode 100644 index 662f560a7..000000000 --- a/ipa-compliance.cron +++ /dev/null @@ -1,5 +0,0 @@ -SHELL=/bin/bash -PATH=/sbin:/bin:/usr/sbin:/usr/bin -MAILTO=root -HOME=/ -0 0-23/4 * * * root /usr/sbin/ipa-compliance diff --git a/ipalib/constants.py b/ipalib/constants.py index de0845789..79885a33a 100644 --- a/ipalib/constants.py +++ b/ipalib/constants.py @@ -98,7 +98,6 @@ DEFAULT_CONFIG = ( ('container_sudorule', DN(('cn', 'sudorules'), ('cn', 'sudo'))), ('container_sudocmd', DN(('cn', 'sudocmds'), ('cn', 'sudo'))), ('container_sudocmdgroup', DN(('cn', 'sudocmdgroups'), ('cn', 'sudo'))), - ('container_entitlements', DN(('cn', 'entitlements'), ('cn', 'etc'))), ('container_automember', DN(('cn', 'automember'), ('cn', 'etc'))), ('container_selinux', DN(('cn', 'usermap'), ('cn', 'selinux'))), ('container_s4u2proxy', DN(('cn', 's4u2proxy'), ('cn', 'etc'))), diff --git a/ipalib/plugins/entitle.py b/ipalib/plugins/entitle.py deleted file mode 100644 index 05779a9fb..000000000 --- a/ipalib/plugins/entitle.py +++ /dev/null @@ -1,750 +0,0 @@ -# Authors: -# Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2010 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. - -from ipalib import api, SkipPluginModule -try: - from rhsm.connection import * - from rhsm.certificate import EntitlementCertificate - import M2Crypto - if api.env.in_server and api.env.context in ['lite', 'server']: - from ipaserver.install.certs import NSS_DIR -except ImportError, e: - if not api.env.validate_api: - raise SkipPluginModule(reason=str(e)) - -import os -from ipalib import api, errors -from ipalib import Flag, Int, Str, Password, File -from ipalib.plugins.baseldap import * -from ipalib.plugins.virtual import * -from ipalib import _, ngettext -from ipalib.output import Output, standard_list_of_entries -from ipalib.request import context -from ipapython import ipautil -import tempfile -import shutil -import socket -import base64 -from OpenSSL import crypto -from ipapython.ipautil import run -from ipalib.request import context -from ipalib.plugins.service import validate_certificate -from ipalib import x509 - -import locale - -__doc__ = _(""" -Entitlements - -Manage entitlements for client machines - -Entitlements can be managed either by registering with an entitlement -server with a username and password or by manually importing entitlement -certificates. An entitlement certificate contains embedded information -such as the product being entitled, the quantity and the validity dates. - -An entitlement server manages the number of client entitlements available. -To mark these entitlements as used by the IPA server you provide a quantity -and they are marked as consumed on the entitlement server. - - Register with an entitlement server: - ipa entitle-register consumer - - Import an entitlement certificate: - ipa entitle-import /home/user/ipaclient.pem - - Display current entitlements: - ipa entitle-status - - Retrieve details on entitlement certificates: - ipa entitle-get - - Consume some entitlements from the entitlement server: - ipa entitle-consume 50 - -The registration ID is a Unique Identifier (UUID). This ID will be -IMPORTED if you have used entitle-import. - -Changes to /etc/rhsm/rhsm.conf require a restart of the httpd service. -""") - -def read_file(filename): - fp = open(filename, 'r') - data = fp.readlines() - fp.close() - data = ''.join(data) - return data - -def write_file(filename, pem): - cert_file = open(filename, 'w') - cert_file.write(pem) - cert_file.close() - -def read_pkcs12_pin(): - pwdfile = '%s/pwdfile.txt' % NSS_DIR - fp = open(pwdfile, 'r') - pwd = fp.read() - fp.close() - return pwd - -def get_pool(ldap): - """ - Get our entitlement pool. Assume there is only one pool. - """ - db = None - try: - (db, uuid, certfile, keyfile) = get_uuid(ldap) - if db is None: - # db is None means manual registration - return (None, uuid) - - cp = UEPConnection(handler='/candlepin', cert_file=certfile, key_file=keyfile) - - pools = cp.getPoolsList(uuid) - poolid = pools[0]['id'] - - pool = cp.getPool(poolid) - finally: - if db: - shutil.rmtree(db, ignore_errors=True) - - return (pool, uuid) - -def get_uuid(ldap): - """ - Retrieve our UUID, certificate and key from LDAP. - - Except on error the caller is responsible for removing temporary files - """ - db = None - try: - db = tempfile.mkdtemp(prefix = "tmp-") - registrations = api.Command['entitle_find'](all=True) - if registrations['count'] == 0: - shutil.rmtree(db, ignore_errors=True) - raise errors.NotRegisteredError() - result = registrations['result'][0] - uuid = str(result['ipaentitlementid'][0]) - - entry_attrs = dict(ipaentitlementid=uuid) - dn = ldap.make_dn( - entry_attrs, 'ipaentitlementid', - DN(api.env.container_entitlements, api.env.basedn) - ) - if not ldap.can_read(dn, 'userpkcs12'): - raise errors.ACIError( - info=_('not allowed to perform this command')) - - if not 'userpkcs12' in result: - return (None, uuid, None, None) - data = result['userpkcs12'][0] - pkcs12 = crypto.load_pkcs12(data, read_pkcs12_pin()) - cert = pkcs12.get_certificate() - key = pkcs12.get_privatekey() - write_file(db + '/cert.pem', - crypto.dump_certificate(crypto.FILETYPE_PEM, cert)) - write_file(db + '/key.pem', - crypto.dump_privatekey(crypto.FILETYPE_PEM, key)) - except Exception, e: - if db is not None: - shutil.rmtree(db, ignore_errors=True) - raise e - - return (db, uuid, db + '/cert.pem', db + '/key.pem') - -output_params = ( - Str('ipaentitlementid?', - label='UUID', - ), - Str('usercertificate', - label=_('Certificate'), - ), -) - -class entitle(LDAPObject): - """ - Entitlement object - """ - container_dn = api.env.container_entitlements - object_name = _('entitlement') - object_name_plural = _('entitlements') - object_class = ['ipaobject', 'ipaentitlement'] - search_attributes = ['usercertificate'] - default_attributes = ['ipaentitlement'] - uuid_attribute = 'ipaentitlementid' - - label = _('Entitlements') - label_singular = _('Entitlement') - - """ - def get_dn(self, *keys, **kwargs): - try: - (dn, entry_attrs) = self.backend.find_entry_by_attr( - self.primary_key.name, keys[-1], self.object_class, [''], - DN(self.container_dn, api.env.basedn) - ) - except errors.NotFound: - dn = super(entitle, self).get_dn(*keys, **kwargs) - return dn - """ - -api.register(entitle) - -class entitle_status(VirtualCommand): - __doc__ = _('Display current entitlements.') - - operation="show entitlement" - - has_output_params = ( - Str('uuid', - label=_('UUID'), - ), - Str('product', - label=_('Product'), - ), - Int('quantity', - label=_('Quantity'), - ), - Int('consumed', - label=_('Consumed'), - ), - ) - - has_output = ( - Output('result', - type=dict, - doc=_('Dictionary mapping variable name to value'), - ), - ) - - def execute(self, *keys, **kw): - ldap = self.api.Backend.ldap2 - - os.environ['LANG'] = 'en_US' - locale.setlocale(locale.LC_ALL, '') - - (pool, uuid) = get_pool(ldap) - - if pool is None: - # This assumes there is only 1 product - quantity = 0 - product = '' - registrations = api.Command['entitle_find'](all=True)['result'][0] - if u'usercertificate' in registrations: - certs = registrations['usercertificate'] - for cert in certs: - cert = x509.make_pem(base64.b64encode(cert)) - try: - pc = EntitlementCertificate(cert) - o = pc.getOrder() - if o.getQuantityUsed(): - quantity = quantity + int(o.getQuantityUsed()) - product = o.getName() - except M2Crypto.X509.X509Error, e: - self.error('Invalid entitlement certificate, skipping.') - pool = dict(productId=product, quantity=quantity, - consumed=quantity, uuid=unicode(uuid)) - - result={'product': unicode(pool['productId']), - 'quantity': pool['quantity'], - 'consumed': pool['consumed'], - 'uuid': unicode(uuid), - } - - return dict( - result=result - ) - -api.register(entitle_status) - - -class entitle_consume(LDAPUpdate): - __doc__ = _('Consume an entitlement.') - - operation="consume entitlement" - - msg_summary = _('Consumed %(value)s entitlement(s).') - - takes_args = ( - Int('quantity', - label=_('Quantity'), - minvalue=1, - ), - ) - - # We don't want rights or add/setattr - takes_options = ( - # LDAPUpdate requires at least one option so autofill one - # This isn't otherwise used. - Int('hidden', - label=_('Quantity'), - minvalue=1, - autofill=True, - default=1, - flags=['no_option', 'no_output'] - ), - ) - - has_output_params = output_params + ( - Str('product', - label=_('Product'), - ), - Int('consumed', - label=_('Consumed'), - ), - ) - - def execute(self, *keys, **options): - """ - Override this so we can set value to the number of entitlements - consumed. - """ - result = super(entitle_consume, self).execute(*keys, **options) - result['value'] = unicode(keys[-1]) - return result - - def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options): - assert isinstance(dn, DN) - quantity = keys[-1] - - os.environ['LANG'] = 'en_US' - locale.setlocale(locale.LC_ALL, '') - - (db, uuid, certfile, keyfile) = get_uuid(ldap) - entry_attrs['ipaentitlementid'] = uuid - dn = ldap.make_dn( - entry_attrs, self.obj.uuid_attribute, - DN(self.obj.container_dn, api.env.basedn) - ) - if db is None: - raise errors.NotRegisteredError() - try: - (pool, uuid) = get_pool(ldap) - - result=api.Command['entitle_status']()['result'] - available = result['quantity'] - result['consumed'] - - if quantity > available: - raise errors.ValidationError( - name='quantity', - error=_('There are only %d entitlements left') % available) - - try: - cp = UEPConnection(handler='/candlepin', cert_file=certfile, key_file=keyfile) - cp.bindByEntitlementPool(uuid, pool['id'], quantity=quantity) - except RestlibException, e: - raise errors.ACIError(info=e.msg) - results = cp.getCertificates(uuid) - usercertificate = [] - for cert in results: - usercertificate.append(x509.normalize_certificate(cert['cert'])) - entry_attrs['usercertificate'] = usercertificate - entry_attrs['ipaentitlementid'] = uuid - finally: - if db: - shutil.rmtree(db, ignore_errors=True) - - return dn - - def post_callback(self, ldap, dn, entry_attrs, *keys, **options): - """ - Returning the certificates isn't very interesting. Return the - status of entitlements instead. - """ - assert isinstance(dn, DN) - if 'usercertificate' in entry_attrs: - del entry_attrs['usercertificate'] - if 'userpkcs12' in entry_attrs: - del entry_attrs['userpkcs12'] - result = api.Command['entitle_status']() - for attr in result['result']: - entry_attrs[attr] = result['result'][attr] - - return dn - -api.register(entitle_consume) - - -class entitle_get(VirtualCommand): - __doc__ = _('Retrieve the entitlement certs.') - - operation="retrieve entitlement" - - has_output_params = ( - Str('product', - label=_('Product'), - ), - Int('quantity', - label=_('Quantity'), - ), - Str('start', - label=_('Start'), - ), - Str('end', - label=_('End'), - ), - Str('serial', - label=_('Serial Number'), - ), - ) - - has_output = output.standard_list_of_entries - - def execute(self, *keys, **kw): - ldap = self.api.Backend.ldap2 - - os.environ['LANG'] = 'en_US' - locale.setlocale(locale.LC_ALL, '') - - (db, uuid, certfile, keyfile) = get_uuid(ldap) - if db is None: - quantity = 0 - product = '' - registrations = api.Command['entitle_find'](all=True)['result'][0] - certs = [] - if u'usercertificate' in registrations: - # make it look like a UEP cert - for cert in registrations['usercertificate']: - certs.append(dict(cert = x509.make_pem(base64.b64encode(cert)))) - else: - try: - cp = UEPConnection(handler='/candlepin', cert_file=certfile, key_file=keyfile) - certs = cp.getCertificates(uuid) - finally: - if db: - shutil.rmtree(db, ignore_errors=True) - - entries = [] - for c in certs: - try: - pc = EntitlementCertificate(c['cert']) - except M2Crypto.X509.X509Error: - raise errors.CertificateFormatError(error=_('Not an entitlement certificate')) - order = pc.getOrder() - quantity = 0 - if order.getQuantityUsed(): - quantity = order.getQuantityUsed() - result={'product': unicode(order.getName()), - 'quantity': int(order.getQuantityUsed()), - 'start': unicode(order.getStart()), - 'end': unicode(order.getEnd()), - 'serial': unicode(pc.serialNumber()), - 'certificate': unicode(c['cert']), - } - entries.append(result) - del pc - del order - - return dict( - result=entries, - count=len(entries), - truncated=False, - ) - -api.register(entitle_get) - -class entitle_find(LDAPSearch): - __doc__ = _('Search for entitlement accounts.') - - has_output_params = output_params - INTERNAL = True - - def post_callback(self, ldap, entries, truncated, *args, **options): - if len(entries) == 0: - raise errors.NotRegisteredError() - return truncated - -api.register(entitle_find) - -class entitle_register(LDAPCreate): - __doc__ = _('Register to the entitlement system.') - - operation="register entitlement" - - msg_summary = _('Registered to entitlement server.') - - takes_args = ( - Str('username', - label=_('Username'), - ), - ) - - takes_options = LDAPCreate.takes_options + ( - Str('ipaentitlementid?', - label='UUID', - doc=_('Enrollment UUID (not implemented)'), - flags=['no_create', 'no_update'], - ), - Password('password', - label=_('Password'), - doc=_('Registration password'), - confirm=False, - ), - ) - - """ - has_output_params = ( - ) - - has_output = ( - Output('result', - type=dict, - doc=_('Dictionary mapping variable name to value'), - ), - ) - """ - - def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options): - dn = DN(self.obj.container_dn, self.api.env.basedn) - if not ldap.can_add(dn): - raise errors.ACIError(info=_('No permission to register')) - os.environ['LANG'] = 'en_US' - locale.setlocale(locale.LC_ALL, '') - - if 'ipaentitlementid' in options: - raise errors.ValidationError(name='ipaentitlementid', - error=_('Registering to specific UUID is not supported yet.')) - - try: - registrations = api.Command['entitle_find']() - raise errors.AlreadyRegisteredError() - except errors.NotRegisteredError: - pass - try: - admin_cp = UEPConnection(handler='/candlepin', username=keys[-1], password=options.get('password')) - result = admin_cp.registerConsumer(name=api.env.realm, type="domain") - uuid = result['uuid'] - db = None - try: - # Create a PKCS#12 file to store the private key and - # certificate in LDAP. Encrypt using the Apache cert - # database password. - db = tempfile.mkdtemp(prefix = "tmp-") - write_file(db + '/in.cert', result['idCert']['cert']) - write_file(db + '/in.key', result['idCert']['key']) - args = ['/usr/bin/openssl', 'pkcs12', - '-export', - '-in', db + '/in.cert', - '-inkey', db + '/in.key', - '-out', db + '/out.p12', - '-name', 'candlepin', - '-passout', 'pass:%s' % read_pkcs12_pin() - ] - - (stdout, stderr, rc) = run(args, raiseonerr=False) - pkcs12 = read_file(db + '/out.p12') - - entry_attrs['ipaentitlementid'] = uuid - entry_attrs['userpkcs12'] = pkcs12 - finally: - if db is not None: - shutil.rmtree(db, ignore_errors=True) - except RestlibException, e: - if e.code == 401: - raise errors.ACIError(info=e.msg) - else: - raise e - except socket.gaierror: - raise errors.ACIError(info=e.args[1]) - - dn = ldap.make_dn( - entry_attrs, self.obj.uuid_attribute, - DN(self.obj.container_dn, api.env.basedn) - ) - return dn - -api.register(entitle_register) - - -class entitle_import(LDAPUpdate): - __doc__ = _('Import an entitlement certificate.') - - has_output_params = ( - Str('product', - label=_('Product'), - ), - Int('quantity', - label=_('Quantity'), - ), - Int('consumed', - label=_('Consumed'), - ), - ) - - has_output = ( - Output('result', - type=dict, - doc=_('Dictionary mapping variable name to value'), - ), - ) - - takes_args = ( - File('usercertificate*', validate_certificate, - cli_name='certificate_file', - ), - ) - - # any update requires at least 1 option to be set so force an invisible - # one here by setting the uuid. - takes_options = LDAPCreate.takes_options + ( - Str('uuid?', - label=_('UUID'), - doc=_('Enrollment UUID'), - flags=['no_create', 'no_update'], - autofill=True, - default=u'IMPORTED', - ), - ) - - def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options): - assert isinstance(dn, DN) - try: - (db, uuid, certfile, keyfile) = get_uuid(ldap) - if db is not None: - raise errors.AlreadyRegisteredError() - except errors.NotRegisteredError: - pass - - try: - entry_attrs['ipaentitlementid'] = unicode('IMPORTED') - newcert = x509.normalize_certificate(keys[-1][0]) - cert = x509.make_pem(base64.b64encode(newcert)) - try: - pc = EntitlementCertificate(cert) - o = pc.getOrder() - if o is None: - raise errors.CertificateFormatError(error=_('Not an entitlement certificate')) - except M2Crypto.X509.X509Error: - raise errors.CertificateFormatError(error=_('Not an entitlement certificate')) - dn = DN(('ipaentitlementid', entry_attrs['ipaentitlementid']), dn) - (dn, current_attrs) = ldap.get_entry(dn, ['*']) - entry_attrs['usercertificate'] = current_attrs['usercertificate'] - entry_attrs['usercertificate'].append(newcert) - except errors.NotFound: - # First import, create the entry - entry_attrs['ipaentitlementid'] = unicode('IMPORTED') - entry_attrs['objectclass'] = self.obj.object_class - entry_attrs['usercertificate'] = x509.normalize_certificate(keys[-1][0]) - ldap.add_entry(dn, entry_attrs) - setattr(context, 'entitle_import', True) - - return dn - - def exc_callback(self, keys, options, exc, call_func, *call_args, **call_kwargs): - """ - If we are adding the first entry there are no updates so EmptyModlist - will get thrown. Ignore it. - """ - if call_func.func_name == 'update_entry': - if isinstance(exc, errors.EmptyModlist): - if not getattr(context, 'entitle_import', False): - raise exc - return (call_args, {}) - raise exc - - def execute(self, *keys, **options): - super(entitle_import, self).execute(*keys, **options) - - return dict( - result=api.Command['entitle_status']()['result'] - ) - -api.register(entitle_import) - -class entitle_sync(LDAPUpdate): - __doc__ = _('Re-sync the local entitlement cache with the entitlement server.') - - operation="sync entitlement" - - msg_summary = _('Entitlement(s) synchronized.') - - # We don't want rights or add/setattr - takes_options = ( - # LDAPUpdate requires at least one option so autofill one - # This isn't otherwise used. - Int('hidden', - label=_('Quantity'), - minvalue=1, - autofill=True, - default=1, - flags=['no_option', 'no_output'] - ), - ) - - has_output_params = output_params + ( - Str('product', - label=_('Product'), - ), - Int('consumed', - label=_('Consumed'), - ), - ) - - def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options): - assert isinstance(dn, DN) - os.environ['LANG'] = 'en_US' - locale.setlocale(locale.LC_ALL, '') - - (db, uuid, certfile, keyfile) = get_uuid(ldap) - if db is None: - raise errors.NotRegisteredError() - try: - (pool, uuid) = get_pool(ldap) - - cp = UEPConnection(handler='/candlepin', cert_file=certfile, key_file=keyfile) - results = cp.getCertificates(uuid) - usercertificate = [] - for cert in results: - usercertificate.append(x509.normalize_certificate(cert['cert'])) - entry_attrs['usercertificate'] = usercertificate - entry_attrs['ipaentitlementid'] = uuid - finally: - if db: - shutil.rmtree(db, ignore_errors=True) - - dn = ldap.make_dn( - entry_attrs, self.obj.uuid_attribute, - DN(self.obj.container_dn, api.env.basedn) - ) - return dn - - def post_callback(self, ldap, dn, entry_attrs, *keys, **options): - """ - Returning the certificates isn't very interesting. Return the - status of entitlements instead. - """ - assert isinstance(dn, DN) - if 'usercertificate' in entry_attrs: - del entry_attrs['usercertificate'] - if 'userpkcs12' in entry_attrs: - del entry_attrs['userpkcs12'] - result = api.Command['entitle_status']() - for attr in result['result']: - entry_attrs[attr] = result['result'][attr] - - return dn - - def exc_callback(self, keys, options, exc, call_func, *call_args, **call_kwargs): - if call_func.func_name == 'update_entry': - if isinstance(exc, errors.EmptyModlist): - # If there is nothing to change we are already synchronized. - return - raise exc - -api.register(entitle_sync) diff --git a/ipalib/plugins/internal.py b/ipalib/plugins/internal.py index ca631c1e6..9bbc0c9f5 100644 --- a/ipalib/plugins/internal.py +++ b/ipalib/plugins/internal.py @@ -410,27 +410,6 @@ class i18n_messages(Command): "add_permission":_("Add Permission"), "remove_permission": _("Remove Permission"), }, - "entitle": { - "account": _("Account"), - "certificate": _("Certificate"), - "certificates": _("Certificates"), - "consume": _("Consume"), - "consume_entitlement": _("Consume Entitlement"), - "consumed": _("Consumed"), - "download": _("Download"), - "download_certificate": _("Download Certificate"), - "end": _("End"), - "import_button": _("Import"), - "import_certificate": _("Import Certificate"), - "import_message": _("Enter the Base64-encoded entitlement certificate below:"), - "loading": _("Loading..."), - "no_certificate": _("No Certificate."), - "product": _("Product"), - "register": _("Register"), - "registration": _("Registration"), - "start": _("Start"), - "status": _("Status"), - }, "group": { "details": _("Group Settings"), "external": _("External"), |
