diff options
| -rwxr-xr-x | install/ui/src/freeipa/certificate.js | 299 | ||||
| -rw-r--r-- | install/ui/src/freeipa/details.js | 24 | ||||
| -rw-r--r-- | install/ui/src/freeipa/facet.js | 1 | ||||
| -rw-r--r-- | install/ui/src/freeipa/field.js | 2 | ||||
| -rw-r--r-- | install/ui/src/freeipa/host.js | 18 | ||||
| -rw-r--r-- | install/ui/src/freeipa/search.js | 24 | ||||
| -rw-r--r-- | install/ui/src/freeipa/service.js | 18 | ||||
| -rw-r--r-- | install/ui/src/freeipa/webui.js | 3 | ||||
| -rw-r--r-- | install/ui/src/freeipa/widget.js | 31 | ||||
| -rw-r--r-- | install/ui/test/data/cert_find.json | 71 | ||||
| -rw-r--r-- | install/ui/test/data/ipa_init.json | 7 | ||||
| -rw-r--r-- | install/ui/test/data/ipa_init_commands.json | 147 | ||||
| -rw-r--r-- | ipalib/plugins/internal.py | 7 |
13 files changed, 621 insertions, 31 deletions
diff --git a/install/ui/src/freeipa/certificate.js b/install/ui/src/freeipa/certificate.js index f7bc84359..84cff41f6 100755 --- a/install/ui/src/freeipa/certificate.js +++ b/install/ui/src/freeipa/certificate.js @@ -19,7 +19,7 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -define(['./ipa', './jquery', './dialog'], function(IPA, $) { +define(['./ipa', './jquery','dojo/_base/lang', './dialog'], function(IPA, $, lang) { IPA.cert = {}; @@ -486,6 +486,7 @@ IPA.cert.load_policy = function(spec) { var that = IPA.facet_policy(); that.loader = IPA.build(spec.loader); + that.has_reason = spec.has_reason; that.post_load = function(data) { @@ -499,7 +500,8 @@ IPA.cert.load_policy = function(spec) { // initialize another load of certificate because current entity // show commands don't contain revocation_reason so previous data // might be slightly incorrect - if (certificate && certificate.certificate && !IPA.cert.is_selfsign()) { + if (!that.has_reason && certificate && certificate.certificate && + !IPA.cert.is_selfsign()) { that.load_revocation_reason(certificate.serial_number); } }; @@ -639,6 +641,7 @@ IPA.cert.request_action = function(spec) { on_success: function(data, text_status, xhr) { facet.refresh(); IPA.notify_success(IPA.messages.objects.cert.requested); + facet.certificate_updated.notify([], that.facet); } }).execute(); } @@ -672,9 +675,12 @@ IPA.cert.revoke_action = function(spec) { var entity_label = that.entity_label || facet.entity.metadata.label_singular; var entity_name = certificate.entity_info.name; - var title = IPA.messages.objects.cert.revoke_certificate; - title = title.replace('${entity}', entity_label); - title = title.replace('${primary_key}', entity_name); + var title = IPA.messages.objects.cert.revoke_certificate_simple; + if (entity_name && entity_label) { + title = IPA.messages.objects.cert.revoke_certificate; + title = title.replace('${entity}', entity_label); + title = title.replace('${primary_key}', entity_name); + } that.dialog.title = title; that.dialog.message = that.get_confirm_message(facet); @@ -694,6 +700,7 @@ IPA.cert.revoke_action = function(spec) { on_success: function(data, text_status, xhr) { facet.refresh(); IPA.notify_success(IPA.messages.objects.cert.revoked); + facet.certificate_updated.notify([], that.facet); } }).execute(); }; @@ -725,9 +732,12 @@ IPA.cert.restore_action = function(spec) { var entity_label = that.entity_label || facet.entity.metadata.label_singular; var entity_name = certificate.entity_info.name; - var title = IPA.messages.objects.cert.restore_certificate; - title = title.replace('${entity}', entity_label); - title = title.replace('${primary_key}', entity_name); + var title = IPA.messages.objects.cert.restore_certificate_simple; + if (entity_name && entity_label) { + title = IPA.messages.objects.cert.restore_certificate; + title = title.replace('${entity}', entity_label); + title = title.replace('${primary_key}', entity_name); + } that.dialog.title = title; that.dialog.message = that.get_confirm_message(facet); @@ -744,6 +754,7 @@ IPA.cert.restore_action = function(spec) { on_success: function(data, text_status, xhr) { facet.refresh(); IPA.notify_success(IPA.messages.objects.cert.restored); + facet.certificate_updated.notify([], that.facet); } }).execute(); }; @@ -923,5 +934,275 @@ IPA.cert.status_field = function(spec) { IPA.widget_factories['certificate_status'] = IPA.cert.status_widget; IPA.field_factories['certificate_status'] = IPA.cert.status_field; +IPA.cert.entity = function(spec) { + + spec = spec || {}; + + spec.policies = spec.policies || [ + IPA.search_facet_update_policy(), + IPA.details_facet_update_policy(), + IPA.cert.cert_update_policy({ + source_facet: 'details', + dest_facet: 'search' + }), + IPA.cert.cert_update_policy({ + source_facet: 'details', + dest_entity: 'host', + dest_facet: 'details' + }), + IPA.cert.cert_update_policy({ + source_facet: 'details', + dest_entity: 'service', + dest_facet: 'details' + }) + ]; + + var that = IPA.entity(spec); + + that.get_default_metadata = function() { + + var add_param = function(name, label, doc, primary_key) { + entity.takes_params.push({ + name: name, + label: label, + doc: doc, + primary_key: !!primary_key, + flags: ['no_update'] + }); + }; + + var get_param = function(params, name) { + + for (var i=0;i<params.length;i++) { + if (params[i].name === name) return params[i]; + } + return null; + }; + + var cmd = IPA.metadata.commands['cert_find']; + var entity = lang.clone(cmd); + entity.attribute_members = {}; + entity.label = IPA.messages.objects.cert.certificates; + entity.label_singular = IPA.messages.objects.cert.certificate; + entity.methods = [ + 'find', + 'remove-hold', + 'request', + 'revoke', + 'show', + 'status' + ]; + entity.name = "certificate"; + entity.object_name = "certificate"; + entity.object_name_plural = "certificates"; + entity.parent_object = ""; + entity.primary_key = "serial_number"; + entity.rdn_attribute = ""; + entity.relationships = {}; + entity.takes_params = lang.clone(entity.takes_options); + + get_param(entity.takes_params, 'subject').flags = ['no_update']; + var reason = get_param(entity.takes_params, 'revocation_reason'); + reason.flags = ['no_update']; + reason.label = IPA.messages.objects.cert.revocation_reason; + + add_param('serial_number', + IPA.messages.objects.cert.serial_number, + IPA.messages.objects.cert.serial_number, + true); + add_param('serial_number_hex', + IPA.messages.objects.cert.serial_number_hex, + IPA.messages.objects.cert.serial_number_hex); + add_param('issuer', + IPA.messages.objects.cert.issued_by, + IPA.messages.objects.cert.issued_by); + add_param('status', + IPA.messages.objects.cert.status, + IPA.messages.objects.cert.status); + add_param('valid_not_before', + IPA.messages.objects.cert.issued_on, + IPA.messages.objects.cert.issued_on); + add_param('valid_not_after', + IPA.messages.objects.cert.expires_on, + IPA.messages.objects.cert.expires_on); + add_param('md5_fingerprint', + IPA.messages.objects.cert.md5_fingerprint, + IPA.messages.objects.cert.md5_fingerprint); + add_param('sha1_fingerprint', + IPA.messages.objects.cert.sha1_fingerprint, + IPA.messages.objects.cert.sha1_fingerprint); + add_param('certificate', + IPA.messages.objects.cert.certificate, + IPA.messages.objects.cert.certificate); + + + IPA.metadata.objects.cert = entity; + return entity; + }; + + that.init = function() { + + if (IPA.cert.is_selfsign()) { + throw { + expected: true + }; + } + + that.entity_init(); + + that.builder.search_facet({ + factory: IPA.cert.search_facet, + label: IPA.messages.objects.cert.label, + pagination: false, + no_update: true, + columns: [ + { + name: 'serial_number', + primary_key: true, + width: '90px' + }, + 'subject', + { + name: 'status', + width: '120px' + } + ] + }). + details_facet({ + factory: IPA.cert.details_facet, + no_update: true, + actions: [ + IPA.cert.revoke_action, + IPA.cert.restore_action + ], + state: { + evaluators: [ + IPA.cert.certificate_evaluator + ] + }, + sections: [ + { + name: 'details', + label: IPA.messages.objects.cert.certificate, + action_panel: { + factory: IPA.action_panel, + name: 'cert_actions', + actions: [ + 'revoke_cert', 'restore_cert' + ] + }, + fields: [ + 'serial_number', + 'serial_number_hex', + 'subject', + 'issuer', + 'valid_not_before', + 'valid_not_after', + 'sha1_fingerprint', + 'md5_fingerprint', + { + type: 'revocation_reason', + name: 'revocation_reason' + }, + { + type: 'textarea', + name: 'certificate', + style: { + width: '550px', + height: '350px' + } + } + ] + } + ], + policies: [ + IPA.cert.load_policy({ has_reason: true}), + IPA.hide_empty_row_policy({ + widget: 'revocation_reason', + section: 'details' + }) + ] + }); + }; + + return that; +}; + +IPA.cert.search_facet = function(spec) { + + spec = spec || {}; + + var that = IPA.search_facet(spec); + + + that.create_refresh_command = function() { + + var command = that.search_facet_create_refresh_command(); + var arg = command.args.pop(); + + if (arg) { + command.set_option('subject', arg); + } + + return command; + }; + + return that; +}; + +IPA.cert.details_facet = function(spec, no_init) { + + spec = spec || {}; + + var that = IPA.details_facet(spec, true); + that.certificate_loaded = IPA.observer(); + that.certificate_updated = IPA.observer(); + + that.create_refresh_command = function() { + + var command = that.details_facet_create_refresh_command(); + delete command.options.all; + delete command.options.rights; + return command; + }; + + if (!no_init) that.init_details_facet(); + + return that; +}; + + +IPA.revocation_reason_field = function(spec) { + + spec = spec || {}; + + var that = IPA.field(spec); + + that.load = function(record) { + + that.field_load(record); + + var reason = record.revocation_reason; + var text = IPA.cert.CRL_REASON[reason] || ''; + that.values = [text]; + + that.reset(); + }; + + return that; +}; + +IPA.cert.cert_update_policy = function(spec) { + + spec = spec || {}; + spec.event = spec.event || 'certificate_updated'; + return IPA.facet_update_policy(spec); +}; + +IPA.field_factories['revocation_reason'] = IPA.revocation_reason_field; +IPA.widget_factories['revocation_reason'] = IPA.text_widget; + +IPA.register('cert', IPA.cert.entity); + return {}; -}); +});
\ No newline at end of file diff --git a/install/ui/src/freeipa/details.js b/install/ui/src/freeipa/details.js index e8f1e86d9..bd23e564e 100644 --- a/install/ui/src/freeipa/details.js +++ b/install/ui/src/freeipa/details.js @@ -238,21 +238,25 @@ IPA.details_facet = function(spec, no_init) { IPA.update_action); spec.control_buttons = spec.control_buttons || []; + + if (!spec.no_update) { + spec.control_buttons.unshift( + { + name: 'reset', + label: IPA.messages.buttons.reset, + icon: 'reset-icon' + }, + { + name: 'update', + label: IPA.messages.buttons.update, + icon: 'update-icon' + }); + } spec.control_buttons.unshift( { name: 'refresh', label: IPA.messages.buttons.refresh, icon: 'reset-icon' - }, - { - name: 'reset', - label: IPA.messages.buttons.reset, - icon: 'reset-icon' - }, - { - name: 'update', - label: IPA.messages.buttons.update, - icon: 'update-icon' }); spec.state = spec.state || {}; diff --git a/install/ui/src/freeipa/facet.js b/install/ui/src/freeipa/facet.js index 77e05cab6..3ad868e84 100644 --- a/install/ui/src/freeipa/facet.js +++ b/install/ui/src/freeipa/facet.js @@ -38,6 +38,7 @@ IPA.facet = function(spec, no_init) { that.title = spec.title || that.label; that.tab_label = spec.tab_label || that.label; that.display_class = spec.display_class; + that.no_update = spec.no_update; that.disable_breadcrumb = spec.disable_breadcrumb; that.disable_facet_tabs = spec.disable_facet_tabs; diff --git a/install/ui/src/freeipa/field.js b/install/ui/src/freeipa/field.js index f705ef7b8..f972a6589 100644 --- a/install/ui/src/freeipa/field.js +++ b/install/ui/src/freeipa/field.js @@ -275,7 +275,7 @@ IPA.field = function(spec) { */ that.test_dirty = function() { - if (that.read_only) return false; + if (that.read_only || !that.writable) return false; var values = that.save(); diff --git a/install/ui/src/freeipa/host.js b/install/ui/src/freeipa/host.js index 133c38ffd..d064a2fa2 100644 --- a/install/ui/src/freeipa/host.js +++ b/install/ui/src/freeipa/host.js @@ -26,6 +26,23 @@ IPA.host = {}; IPA.host.entity = function(spec) { + spec = spec || {}; + + spec.policies = spec.policies || [ + IPA.search_facet_update_policy(), + IPA.details_facet_update_policy(), + IPA.cert.cert_update_policy({ + source_facet: 'details', + dest_entity: 'cert', + dest_facet: 'details' + }), + IPA.cert.cert_update_policy({ + source_facet: 'details', + dest_entity: 'cert', + dest_facet: 'search' + }) + ]; + var that = IPA.entity(spec); that.init = function() { @@ -223,6 +240,7 @@ IPA.host.details_facet = function(spec, no_init) { var that = IPA.details_facet(spec, true); that.certificate_loaded = IPA.observer(); + that.certificate_updated = IPA.observer(); that.get_refresh_command_name = function() { return that.entity.name+'_show_'+that.pkey; diff --git a/install/ui/src/freeipa/search.js b/install/ui/src/freeipa/search.js index a3f35b5e9..d57c40126 100644 --- a/install/ui/src/freeipa/search.js +++ b/install/ui/src/freeipa/search.js @@ -42,21 +42,25 @@ IPA.search_facet = function(spec, no_init) { IPA.add_action); spec.control_buttons = spec.control_buttons || []; + + if (!spec.no_update) { + spec.control_buttons.unshift( + { + name: 'remove', + label: IPA.messages.buttons.remove, + icon: 'remove-icon' + }, + { + name: 'add', + label: IPA.messages.buttons.add, + icon: 'add-icon' + }); + } spec.control_buttons.unshift( { name: 'refresh', label: IPA.messages.buttons.refresh, icon: 'reset-icon' - }, - { - name: 'remove', - label: IPA.messages.buttons.remove, - icon: 'remove-icon' - }, - { - name: 'add', - label: IPA.messages.buttons.add, - icon: 'add-icon' }); spec.state = spec.state || {}; diff --git a/install/ui/src/freeipa/service.js b/install/ui/src/freeipa/service.js index ecb8ce9b3..c38cfef1b 100644 --- a/install/ui/src/freeipa/service.js +++ b/install/ui/src/freeipa/service.js @@ -25,6 +25,23 @@ IPA.service = {}; IPA.service.entity = function(spec) { + spec = spec || {}; + + spec.policies = spec.policies || [ + IPA.search_facet_update_policy(), + IPA.details_facet_update_policy(), + IPA.cert.cert_update_policy({ + source_facet: 'details', + dest_entity: 'cert', + dest_facet: 'details' + }), + IPA.cert.cert_update_policy({ + source_facet: 'details', + dest_entity: 'cert', + dest_facet: 'search' + }) + ]; + var that = IPA.entity(spec); that.init = function() { @@ -172,6 +189,7 @@ IPA.service.details_facet = function(spec, no_init) { var that = IPA.details_facet(spec, true); that.certificate_loaded = IPA.observer(); + that.certificate_updated = IPA.observer(); if (!no_init) that.init_details_facet(); diff --git a/install/ui/src/freeipa/webui.js b/install/ui/src/freeipa/webui.js index f6c3339ec..2bc3bdd47 100644 --- a/install/ui/src/freeipa/webui.js +++ b/install/ui/src/freeipa/webui.js @@ -42,7 +42,8 @@ IPA.admin_navigation = function(spec) { {entity: 'dnsconfig'}, {entity: 'dnsrecord', hidden:true} ] - } + }, + {entity: 'cert', label: IPA.messages.tabs.cert } ]}, {name: 'policy', label: IPA.messages.tabs.policy, children: [ {name: 'hbac', label: IPA.messages.tabs.hbac, children: [ diff --git a/install/ui/src/freeipa/widget.js b/install/ui/src/freeipa/widget.js index 6472cab97..5ce767e7e 100644 --- a/install/ui/src/freeipa/widget.js +++ b/install/ui/src/freeipa/widget.js @@ -960,6 +960,7 @@ IPA.textarea_widget = function (spec) { that.rows = spec.rows || 5; that.cols = spec.cols || 40; + that.style = spec.style; that.create = function(container) { @@ -972,12 +973,15 @@ IPA.textarea_widget = function (spec) { rows: that.rows, cols: that.cols, disabled: that.disabled, + readOnly: !!that.read_only, title: that.tooltip, keyup: function() { that.on_value_changed(); } }).appendTo(container); + if (that.style) that.input.css(that.style); + that.input.bind('input', function() { that.on_value_changed(); }); @@ -990,11 +994,17 @@ IPA.textarea_widget = function (spec) { }; that.save = function() { + if (that.read_only || !that.writable) { + return null; + } var value = that.input.val(); return [value]; }; that.update = function(values) { + var read_only = that.read_only || !that.writable; + that.input.prop('readOnly', read_only); + var value = values && values.length ? values[0] : ''; that.input.val(value); }; @@ -2947,6 +2957,27 @@ IPA.details_table_section = function(spec) { return that; }; +IPA.hide_empty_row_policy = function (spec) { + + spec = spec || {}; + + var that = IPA.facet_policy(); + that.value_name = spec.value_name || spec.widget; + that.widget_name = spec.widget; + that.section_name = spec.section; + + that.post_load = function(data) { + + var value = data.result.result[that.value_name]; + var visible = !IPA.is_empty(value); + + var section = that.container.widgets.get_widget(that.section_name); + section.set_row_visible(that.widget_name, visible); + }; + + return that; +}; + //non-collabsible section IPA.details_table_section_nc = function(spec) { diff --git a/install/ui/test/data/cert_find.json b/install/ui/test/data/cert_find.json new file mode 100644 index 000000000..6c059bd7a --- /dev/null +++ b/install/ui/test/data/cert_find.json @@ -0,0 +1,71 @@ +{ + "error": null, + "id": null, + "result": { + "count": 10, + "result": [ + { + "serial_number": 1, + "serial_number_hex": "0x1", + "status": "VALID", + "subject": "CN=Certificate Authority,O=EXAMPLE.COM" + }, + { + "serial_number": 2, + "serial_number_hex": "0x2", + "status": "VALID", + "subject": "CN=OCSP Subsystem,O=EXAMPLE.COM" + }, + { + "serial_number": 3, + "serial_number_hex": "0x3", + "status": "VALID", + "subject": "CN=dev.example.com,O=EXAMPLE.COM" + }, + { + "serial_number": 4, + "serial_number_hex": "0x4", + "status": "VALID", + "subject": "CN=CA Subsystem,O=EXAMPLE.COM" + }, + { + "serial_number": 5, + "serial_number_hex": "0x5", + "status": "VALID", + "subject": "CN=CA Audit,O=EXAMPLE.COM" + }, + { + "serial_number": 6, + "serial_number_hex": "0x6", + "status": "VALID", + "subject": "CN=ipa-ca-agent,O=EXAMPLE.COM" + }, + { + "serial_number": 7, + "serial_number_hex": "0x7", + "status": "VALID", + "subject": "CN=IPA RA,O=EXAMPLE.COM" + }, + { + "serial_number": 8, + "serial_number_hex": "0x8", + "status": "VALID", + "subject": "CN=dev.example.com,O=EXAMPLE.COM" + }, + { + "serial_number": 9, + "serial_number_hex": "0x9", + "status": "VALID", + "subject": "CN=dev.example.com,O=EXAMPLE.COM" + }, + { + "serial_number": 10, + "serial_number_hex": "0xA", + "status": "VALID", + "subject": "CN=Object Signing Cert,O=EXAMPLE.COM" + } + ], + "summary": "10 certificates matched", + "truncated": false + } +}
\ No newline at end of file diff --git a/install/ui/test/data/ipa_init.json b/install/ui/test/data/ipa_init.json index 73d54578b..685367473 100644 --- a/install/ui/test/data/ipa_init.json +++ b/install/ui/test/data/ipa_init.json @@ -176,6 +176,8 @@ "aa_compromise": "AA Compromise", "affiliation_changed": "Affiliation Changed", "ca_compromise": "CA Compromise", + "certificate": "Certificate", + "certificates": "Certificates", "certificate_hold": "Certificate Hold", "cessation_of_operation": "Cessation of Operation", "common_name": "Common Name", @@ -198,14 +200,18 @@ "request_message": "<ol> <li>Create a certificate database or use an existing one. To create a new database:<br/> <code># certutil -N -d <database path></code> </li> <li>Create a CSR with subject <em>CN=<hostname>,O=<realm></em>, for example:<br/> <code># certutil -R -d <database path> -a -g <key size> -s 'CN=${hostname},O=${realm}'</code> </li> <li> Copy and paste the CSR (from <em>-----BEGIN NEW CERTIFICATE REQUEST-----</em> to <em>-----END NEW CERTIFICATE REQUEST-----</em>) into the text area below: </li> </ol>", "requested": "Certificate requested", "restore_certificate": "Restore Certificate for ${entity} ${primary_key}", + "restore_certificate_simple": "Restore Certificate", "restore_confirmation": "To confirm your intention to restore this certificate, click the \"Restore\" button.", "restored": "Certificate restored", + "revocation_reason": "Revocation reason", "revoke_certificate": "Revoke Certificate for ${entity} ${primary_key}", + "revoke_certificate_simple": "Revoke Certificate", "revoke_confirmation": "To confirm your intention to revoke this certificate, select a reason from the pull-down list, and click the \"Revoke\" button.", "revoked": "Certificate Revoked", "serial_number": "Serial Number", "serial_number_hex": "Serial Number (hex)", "sha1_fingerprint": "SHA1 Fingerprint", + "status": "Status", "superseded": "Superseded", "unspecified": "Unspecified", "valid": "Valid Certificate Present", @@ -510,6 +516,7 @@ "audit": "Audit", "automember": "Automember", "automount": "Automount", + "cert": "Certificates", "dns": "DNS", "hbac": "Host Based Access Control", "identity": "Identity", diff --git a/install/ui/test/data/ipa_init_commands.json b/install/ui/test/data/ipa_init_commands.json index 2c128f73e..a7e00ba55 100644 --- a/install/ui/test/data/ipa_init_commands.json +++ b/install/ui/test/data/ipa_init_commands.json @@ -1825,6 +1825,153 @@ ], "takes_options": [] }, + "cert_find": { + "name": "cert_find", + "takes_args": [], + "takes_options": [ + { + "class": "Str", + "doc": "Subject", + "flags": [], + "label": "Subject", + "name": "subject", + "noextrawhitespace": true, + "type": "unicode" + }, + { + "class": "Int", + "doc": "Reason for revoking the certificate (0-10)", + "flags": [], + "label": "Reason", + "maxvalue": 10, + "minvalue": 0, + "name": "revocation_reason", + "type": "int" + }, + { + "class": "Int", + "doc": "minimum serial number", + "flags": [], + "label": "<min_serial_number>", + "maxvalue": 2147483647, + "minvalue": 0, + "name": "min_serial_number", + "type": "int" + }, + { + "class": "Int", + "doc": "maximum serial number", + "flags": [], + "label": "<max_serial_number>", + "maxvalue": 2147483647, + "minvalue": -2147483648, + "name": "max_serial_number", + "type": "int" + }, + { + "class": "Flag", + "doc": "match the common name exactly", + "flags": [], + "label": "<exactly>", + "name": "exactly", + "type": "bool" + }, + { + "class": "Str", + "doc": "Valid not after from this date (YYYY-mm-dd)", + "flags": [], + "label": "<validnotafter_from>", + "name": "validnotafter_from", + "noextrawhitespace": true, + "type": "unicode" + }, + { + "class": "Str", + "doc": "Valid not after to this date (YYYY-mm-dd)", + "flags": [], + "label": "<validnotafter_to>", + "name": "validnotafter_to", + "noextrawhitespace": true, + "type": "unicode" + }, + { + "class": "Str", + "doc": "Valid not before from this date (YYYY-mm-dd)", + "flags": [], + "label": "<validnotbefore_from>", + "name": "validnotbefore_from", + "noextrawhitespace": true, + "type": "unicode" + }, + { + "class": "Str", + "doc": "Valid not before to this date (YYYY-mm-dd)", + "flags": [], + "label": "<validnotbefore_to>", + "name": "validnotbefore_to", + "noextrawhitespace": true, + "type": "unicode" + }, + { + "class": "Str", + "doc": "Issued on from this date (YYYY-mm-dd)", + "flags": [], + "label": "<issuedon_from>", + "name": "issuedon_from", + "noextrawhitespace": true, + "type": "unicode" + }, + { + "class": "Str", + "doc": "Issued on to this date (YYYY-mm-dd)", + "flags": [], + "label": "<issuedon_to>", + "name": "issuedon_to", + "noextrawhitespace": true, + "type": "unicode" + }, + { + "class": "Str", + "doc": "Revoked on from this date (YYYY-mm-dd)", + "flags": [], + "label": "<revokedon_from>", + "name": "revokedon_from", + "noextrawhitespace": true, + "type": "unicode" + }, + { + "class": "Str", + "doc": "Revoked on to this date (YYYY-mm-dd)", + "flags": [], + "label": "<revokedon_to>", + "name": "revokedon_to", + "noextrawhitespace": true, + "type": "unicode" + }, + { + "class": "Int", + "default": 100, + "doc": "Maximum number of certs returned", + "flags": [ + "no_display" + ], + "label": "Size Limit", + "maxvalue": 2147483647, + "minvalue": 0, + "name": "sizelimit", + "type": "int" + }, + { + "name": "all" + }, + { + "name": "raw" + }, + { + "name": "version" + } + ] + }, "cert_remove_hold": { "name": "cert_remove_hold", "takes_args": { diff --git a/ipalib/plugins/internal.py b/ipalib/plugins/internal.py index 2ca112ee0..cc0bf99d5 100644 --- a/ipalib/plugins/internal.py +++ b/ipalib/plugins/internal.py @@ -312,6 +312,8 @@ class i18n_messages(Command): "aa_compromise": _("AA Compromise"), "affiliation_changed": _("Affiliation Changed"), "ca_compromise": _("CA Compromise"), + "certificate": _("Certificate"), + "certificates": _("Certificates"), "certificate_hold": _("Certificate Hold"), "cessation_of_operation": _("Cessation of Operation"), "common_name": _("Common Name"), @@ -334,14 +336,18 @@ class i18n_messages(Command): "request_message": _("<ol> <li>Create a certificate database or use an existing one. To create a new database:<br/> <code># certutil -N -d <database path></code> </li> <li>Create a CSR with subject <em>CN=<hostname>,O=<realm></em>, for example:<br/> <code># certutil -R -d <database path> -a -g <key size> -s 'CN=${hostname},O=${realm}'</code> </li> <li> Copy and paste the CSR (from <em>-----BEGIN NEW CERTIFICATE REQUEST-----</em> to <em>-----END NEW CERTIFICATE REQUEST-----</em>) into the text area below: </li> </ol>"), "requested": _("Certificate requested"), "restore_certificate": _("Restore Certificate for ${entity} ${primary_key}"), + "restore_certificate_simple": _("Restore Certificate"), "restore_confirmation": _("To confirm your intention to restore this certificate, click the \"Restore\" button."), "restored": _("Certificate restored"), + "revocation_reason": _("Revocation reason"), "revoke_certificate": _("Revoke Certificate for ${entity} ${primary_key}"), + "revoke_certificate_simple": _("Revoke Certificate"), "revoke_confirmation": _("To confirm your intention to revoke this certificate, select a reason from the pull-down list, and click the \"Revoke\" button."), "revoked": _("Certificate Revoked"), "serial_number": _("Serial Number"), "serial_number_hex": _("Serial Number (hex)"), "sha1_fingerprint": _("SHA1 Fingerprint"), + "status": _("Status"), "superseded": _("Superseded"), "unspecified": _("Unspecified"), "valid": _("Valid Certificate Present"), @@ -649,6 +655,7 @@ class i18n_messages(Command): "audit": _("Audit"), "automember": _("Automember"), "automount": _("Automount"), + "cert": _("Certificates"), "dns": _("DNS"), "hbac": _("Host Based Access Control"), "identity": _("Identity"), |