summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rwxr-xr-xinstall/ui/certificate.js713
-rw-r--r--install/ui/host.js75
-rw-r--r--install/ui/service.js91
3 files changed, 452 insertions, 427 deletions
diff --git a/install/ui/certificate.js b/install/ui/certificate.js
index b5356224f..e94c81a03 100755
--- a/install/ui/certificate.js
+++ b/install/ui/certificate.js
@@ -2,6 +2,7 @@
/* Authors:
* Endi Sukma Dewata <edewata@redhat.com>
+ * Petr Vobornik <pvoborni@redhat.com>
*
* Copyright (C) 2010 Red Hat
* see file 'COPYING' for use and warranty information
@@ -220,7 +221,7 @@ IPA.cert.revoke_dialog = function(spec) {
label: IPA.messages.buttons.revoke,
click: function() {
var values = {};
- values['reason'] = that.select.val();
+ values.reason = that.select.val();
if (that.revoke) {
that.revoke(values);
}
@@ -284,9 +285,8 @@ IPA.cert.restore_dialog = function(spec) {
name: 'restore',
label: IPA.messages.buttons.restore,
click: function() {
- var values = {};
if (that.restore) {
- that.restore(values);
+ that.restore();
}
that.close();
}
@@ -317,14 +317,14 @@ IPA.cert.view_dialog = function(spec) {
that.width = spec.width || 600;
that.height = spec.height || 500;
- that.subject = IPA.cert.parse_dn(spec.subject);
- that.serial_number = spec.serial_number || '';
- that.serial_number_hex = spec.serial_number_hex || '';
- that.issuer = IPA.cert.parse_dn(spec.issuer);
- that.issued_on = spec.issued_on || '';
- that.expires_on = spec.expires_on || '';
- that.md5_fingerprint = spec.md5_fingerprint || '';
- that.sha1_fingerprint = spec.sha1_fingerprint || '';
+ that.subject = IPA.cert.parse_dn(spec.certificate.subject);
+ that.serial_number = spec.certificate.serial_number || '';
+ that.serial_number_hex = spec.certificate.serial_number_hex || '';
+ that.issuer = IPA.cert.parse_dn(spec.certificate.issuer);
+ that.issued_on = spec.certificate.valid_not_before || '';
+ that.expires_on = spec.certificate.valid_not_after || '';
+ that.md5_fingerprint = spec.certificate.md5_fingerprint || '';
+ that.sha1_fingerprint = spec.certificate.sha1_fingerprint || '';
that.create_button({
name: 'close',
@@ -456,8 +456,7 @@ IPA.cert.request_dialog = function(spec) {
click: function() {
var values = {};
var request = $.trim(that.textarea.val());
- request = IPA.cert.pem_csr_format(request);
- values['request'] = request;
+ values.request = IPA.cert.pem_csr_format(request);
if (that.request) {
that.request(values);
}
@@ -484,447 +483,464 @@ IPA.cert.request_dialog = function(spec) {
return that;
};
-IPA.cert.status_widget = function(spec) {
+IPA.cert.loader = function(spec) {
spec = spec || {};
- var that = IPA.input_widget(spec);
+ var that = {};
+ that.get_pkey = spec.get_pkey;
+ that.get_name = spec.get_name;
+ that.get_principal = spec.get_principal;
+ that.get_hostname = spec.get_hostname;
+
+ that.load = function (result) {
+
+ var certificate = {
+ issuer: result.issuer,
+ certificate: result.certificate,
+ md5_fingerprint: result.md5_fingerprint,
+ revocation_reason: result.revocation_reason,
+ serial_number: result.serial_number,
+ serial_number_hex: result.serial_number_hex,
+ sha1_fingerprint: result.sha1_fingerprint,
+ subject: result.subject,
+ valid_not_after: result.valid_not_after,
+ valid_not_before: result.valid_not_before
+ };
+
+ if (that.get_entity_certificate) {
+ certificate.certificate = that.get_entity_certificate(result);
+ } else if (!certificate.certificate && result.usercertificate) {
+ // default method of storing certificate for object commands
+ // which include certificate
+ certificate.certificate = result.usercertificate[0].__base64__;
+ }
- that.entity_label = spec.entity_label || that.entity.metadata.label_singular;
+ var info = {};
- that.result = spec.result;
+ if (that.get_pkey) info.pkey = that.get_pkey(result);
+ if (that.get_name) info.name = that.get_name(result);
+ if (that.get_principal) info.principal = that.get_principal(result);
+ if (that.get_hostname) info.hostname = that.get_hostname(result);
- that.get_entity_pkey = spec.get_entity_pkey;
- that.get_entity_name = spec.get_entity_name;
- that.get_entity_principal = spec.get_entity_principal;
- that.get_entity_certificate = spec.get_entity_certificate;
+ certificate.entity_info = info;
- that.is_selfsign = function() {
- return IPA.env.ra_plugin == 'selfsign';
+ return certificate;
};
- that.create = function(container) {
-
- that.widget_create(container);
-
- var div = $('<div/>', {
- name: 'certificate-valid',
- style: 'display: none;'
- }).appendTo(container);
+ return that;
+};
- $('<img/>', {
- src: 'images/check-icon.png',
- style: 'float: left;',
- 'class': 'status-icon'
- }).appendTo(div);
+IPA.cert.load_policy = function(spec) {
- var content_div = $('<div/>', {
- style: 'float: left;'
- }).appendTo(div);
+ spec = spec || {};
+ spec.loader = spec.loader || {
+ factory: IPA.cert.loader,
+ get_pkey: spec.get_pkey,
+ get_name: spec.get_name,
+ get_principal: spec.get_principal,
+ get_hostname: spec.get_hostname
+ };
- content_div.append('<b>'+IPA.messages.objects.cert.valid+':</b>');
+ var that = IPA.facet_policy();
+ that.loader = IPA.build(spec.loader);
- content_div.append(' ');
+ that.post_load = function(data) {
- $('<input/>', {
- 'type': 'button',
- 'name': 'get',
- 'value': IPA.messages.buttons.get
- }).appendTo(content_div);
+ // update cert info in facet (show at least something)
+ var certificate = that.loader.load(data.result.result);
- content_div.append(' ');
-
- if (!that.is_selfsign()) {
- $('<input/>', {
- 'type': 'button',
- 'name': 'revoke',
- 'value': IPA.messages.buttons.revoke
- }).appendTo(content_div);
+ //store cert directly to facet. FIXME: introduce concept of models
+ that.container.certificate = certificate;
+ that.notify_loaded();
- content_div.append(' ');
+ // initialize another load of certificate because current entity
+ // show commands don't contain revocation_reason so previous data
+ // might be slightly incorrect
+ if (certificate && certificate.certificate && !IPA.cert.is_selfsign()) {
+ that.load_revocation_reason(certificate.serial_number);
}
+ };
- $('<input/>', {
- 'type': 'button',
- 'name': 'view',
- 'value': IPA.messages.buttons.view
- }).appendTo(content_div);
-
- content_div.append(' ');
-
- $('<input/>', {
- 'type': 'button',
- 'name': 'create',
- 'value': IPA.messages.objects.cert.new_certificate
- }).appendTo(content_div);
-
- if (!that.is_selfsign()) {
- div = $('<div/>', {
- name: 'certificate-revoked',
- style: 'display: none;'
- }).appendTo(container);
-
- $('<img/>', {
- src: 'images/caution-icon.png',
- style: 'float: left;',
- 'class': 'status-icon'
- }).appendTo(div);
-
- content_div = $('<div/>', {
- style: 'float: left;'
- }).appendTo(div);
-
- content_div.append('<b>'+IPA.messages.objects.cert.revoked+':</b>');
-
- content_div.append(' ');
-
- content_div.append($('<span/>', {
- 'name': 'revocation_reason'
- }));
-
- content_div.append(' ');
-
- $('<input/>', {
- 'type': 'button',
- 'name': 'restore',
- 'value': IPA.messages.buttons.restore
- }).appendTo(content_div);
-
- content_div.append(' ');
+ that.load_revocation_reason = function(serial_number) {
+ IPA.command({
+ entity: 'cert',
+ method: 'show',
+ args: [serial_number],
+ on_success: function(data, text_status, xhr) {
+ var cert = that.container.certificate;
+ cert.revocation_reason = data.result.result.revocation_reason;
+ that.notify_loaded();
+ }
+ }).execute();
+ };
- $('<input/>', {
- 'type': 'button',
- 'name': 'create',
- 'value': IPA.messages.objects.cert.new_certificate
- }).appendTo(content_div);
+ that.notify_loaded = function() {
+ if (that.container.certificate_loaded) {
+ that.container.certificate_loaded.notify(
+ [that.container.certificate], that.container);
}
+ };
- div = $('<div/>', {
- name: 'certificate-missing',
- style: 'display: none;'
- }).appendTo(container);
-
- $('<img/>', {
- src: 'images/caution-icon.png',
- style: 'float: left;',
- 'class': 'status-icon'
- }).appendTo(div);
-
- content_div = $('<div/>', {
- style: 'float: left;'
- }).appendTo(div);
-
- content_div.append('<b>'+IPA.messages.objects.cert.missing+':</b>');
+ return that;
+};
- content_div.append(' ');
+IPA.cert.is_selfsign = function() {
+ return IPA.env.ra_plugin == 'selfsign';
+};
- $('<input/>', {
- 'type': 'button',
- 'name': 'create',
- 'value': IPA.messages.objects.cert.new_certificate
- }).appendTo(content_div);
+IPA.cert.view_action = function(spec) {
+ spec = spec || {};
+ spec.name = spec.name || 'view_cert';
+ spec.label = spec.label || IPA.messages.buttons.view;
+ spec.enable_cond = spec.enable_cond || ['has_certificate'];
- that.status_valid = $('div[name=certificate-valid]', that.container);
- that.status_revoked = $('div[name=certificate-revoked]', that.container);
- that.status_missing = $('div[name=certificate-missing]', that.container);
+ var that = IPA.action(spec);
+ that.entity_label = spec.entity_label;
- var button = $('input[name=get]', that.container);
- that.get_button = IPA.button({
- name: 'get',
- label: IPA.messages.buttons.get,
- click: function() {
- IPA.command({
- entity: that.entity.name,
- method: 'show',
- args: [that.pkey],
- on_success: function(data, text_status, xhr) {
- get_certificate(data.result.result);
- }
- }).execute();
- return false;
- }
- });
- button.replaceWith(that.get_button);
+ that.execute_action = function(facet) {
- button = $('input[name=revoke]', that.container);
- that.revoke_button = IPA.button({
- name: 'revoke',
- label: IPA.messages.buttons.revoke,
- click: function() {
- IPA.command({
- entity: that.entity.name,
- method: 'show',
- args: [that.pkey],
- on_success: function(data, text_status, xhr) {
- revoke_certificate(data.result.result);
- }
- }).execute();
- return false;
- }
- });
- button.replaceWith(that.revoke_button);
+ var certificate = facet.certificate;
+ if (!certificate) that.facet.refresh();
- button = $('input[name=view]', that.container);
- that.view_button = IPA.button({
- name: 'view',
- label: IPA.messages.buttons.view,
- click: function() {
- IPA.command({
- entity: that.entity.name,
- method: 'show',
- args: [that.pkey],
- on_success: function(data, text_status, xhr) {
- view_certificate(data.result.result);
- }
- }).execute();
- return false;
- }
- });
- button.replaceWith(that.view_button);
+ var entity_label = that.entity_label || facet.entity.metadata.label_singular;
+ var entity_name = certificate.entity_info.name;
- that.revocation_reason = $('span[name=revocation_reason]', that.container);
+ var title = IPA.messages.objects.cert.view_certificate;
+ title = title.replace('${entity}', entity_label);
+ title = title.replace('${primary_key}', entity_name);
- button = $('input[name=restore]', that.container);
- that.restore_button = IPA.button({
- name: 'restore',
- label: IPA.messages.buttons.restore,
- click: function() {
- IPA.command({
- entity: that.entity.name,
- method: 'show',
- args: [that.pkey],
- on_success: function(data, text_status, xhr) {
- restore_certificate(data.result.result);
- }
- }).execute();
- return false;
- }
- });
- button.replaceWith(that.restore_button);
-
- $('input[name=create]', that.container).each(function(index) {
- button = $(this);
- that.create_button = IPA.button({
- name: 'create',
- label: IPA.messages.objects.cert.new_certificate,
- click: function() {
- request_certificate(that.result);
- return false;
- }
- });
- button.replaceWith(that.create_button);
+ var dialog = IPA.cert.view_dialog({
+ title: title,
+ certificate: certificate
});
- };
-
- that.update = function() {
-
- that.pkey = that.get_entity_pkey(that.result);
-
- var entity_certificate = that.get_entity_certificate(that.result);
- if (entity_certificate) {
- check_status(that.result.serial_number);
- } else {
- set_status(IPA.cert.CERTIFICATE_STATUS_MISSING);
- }
- };
- that.clear = function() {
- that.status_valid.css('display', 'none');
- that.status_missing.css('display', 'none');
- that.status_revoked.css('display', 'none');
- that.revoke_button.css('display', 'none');
- that.restore_button.css('display', 'none');
- that.revocation_reason.text('');
+ dialog.open();
};
- function set_status(status, revocation_reason) {
- that.status_valid.css('display', status == IPA.cert.CERTIFICATE_STATUS_VALID ? '' : 'none');
- that.status_missing.css('display', status == IPA.cert.CERTIFICATE_STATUS_MISSING ? '' : 'none');
-
- if (!that.is_selfsign()) {
- that.status_revoked.css('display', status == IPA.cert.CERTIFICATE_STATUS_REVOKED ? '' : 'none');
- that.revoke_button.css('display', status == IPA.cert.CERTIFICATE_STATUS_VALID ? '' : 'none');
-
- var reason = IPA.cert.CRL_REASON[revocation_reason];
- that.revocation_reason.html(revocation_reason === undefined || reason === null ? '' : IPA.messages.objects.cert[reason]);
- that.restore_button.css('display', reason == 'certificate_hold' ? '' : 'none');
- }
- }
+ return that;
+};
- function check_status(serial_number) {
+IPA.cert.get_action = function(spec) {
- if (that.is_selfsign()) {
- set_status(IPA.cert.CERTIFICATE_STATUS_VALID);
- return;
- }
+ spec = spec || {};
+ spec.name = spec.name || 'get_cert';
+ spec.label = spec.label || IPA.messages.buttons.get;
+ spec.enable_cond = spec.enable_cond || ['has_certificate'];
- IPA.command({
- entity: 'cert',
- method: 'show',
- args: [serial_number],
- on_success: function(data, text_status, xhr) {
- var revocation_reason = data.result.result.revocation_reason;
- if (revocation_reason == undefined) {
- set_status(IPA.cert.CERTIFICATE_STATUS_VALID);
- } else {
- set_status(IPA.cert.CERTIFICATE_STATUS_REVOKED, revocation_reason);
- }
- }
- }).execute();
- }
+ var that = IPA.action(spec);
+ that.entity_label = spec.entity_label;
- function view_certificate(result) {
+ that.execute_action = function(facet) {
- var entity_certificate = that.get_entity_certificate(result);
- if (!entity_certificate) {
- set_status(IPA.cert.CERTIFICATE_STATUS_MISSING);
- return;
- }
+ var certificate = facet.certificate;
+ if (!certificate) that.facet.refresh();
- var entity_name = that.get_entity_name(result);
+ var entity_label = that.entity_label || facet.entity.metadata.label_singular;
+ var entity_name = certificate.entity_info.name;
var title = IPA.messages.objects.cert.view_certificate;
- title = title.replace('${entity}', that.entity_label);
+ title = title.replace('${entity}', entity_label);
title = title.replace('${primary_key}', entity_name);
- var dialog = IPA.cert.view_dialog({
- 'title': title,
- 'subject': result['subject'],
- 'serial_number': result['serial_number'],
- 'serial_number_hex': result['serial_number_hex'],
- 'issuer': result['issuer'],
- 'issued_on': result['valid_not_before'],
- 'expires_on': result['valid_not_after'],
- 'md5_fingerprint': result['md5_fingerprint'],
- 'sha1_fingerprint': result['sha1_fingerprint']
+ var dialog = IPA.cert.download_dialog({
+ title: title,
+ certificate: certificate.certificate
});
dialog.open();
- }
-
- function get_certificate(result) {
+ };
- var entity_certificate = that.get_entity_certificate(result);
- if (!entity_certificate) {
- set_status(IPA.cert.CERTIFICATE_STATUS_MISSING);
- return;
- }
+ return that;
+};
- var entity_name = that.get_entity_name(result);
+IPA.cert.request_action = function(spec) {
- var title = IPA.messages.objects.cert.view_certificate;
- title = title.replace('${entity}', that.entity_label);
- title = title.replace('${primary_key}', entity_name);
+ spec = spec || {};
+ spec.name = spec.name || 'request_cert';
+ spec.label = spec.label || IPA.messages.objects.cert.new_certificate;
- var dialog = IPA.cert.download_dialog({
- title: title,
- certificate: entity_certificate
- });
+ var that = IPA.action(spec);
+ that.entity_label = spec.entity_label;
- dialog.open();
- }
+ that.execute_action = function(facet) {
- function request_certificate(result) {
+ var certificate = facet.certificate;
+ if (!certificate) facet.refresh();
- var entity_name = that.get_entity_name(result);
- var entity_principal = that.get_entity_principal(result);
+ var entity_principal = certificate.entity_info.principal;
+ var entity_label = that.entity_label || facet.entity.metadata.label_singular;
+ var entity_name = certificate.entity_info.name;
+ var hostname = certificate.entity_info.hostname;
var title = IPA.messages.objects.cert.issue_certificate;
- title = title.replace('${entity}', that.entity_label);
+ title = title.replace('${entity}', entity_label);
title = title.replace('${primary_key}', entity_name);
+ var request_message = IPA.messages.objects.cert.request_message;
+ request_message = request_message.replace(/\$\{hostname\}/g, hostname);
+ request_message = request_message.replace(/\$\{realm\}/g, IPA.env.realm);
+
var dialog = IPA.cert.request_dialog({
title: title,
- message: that.request_message,
+ message: request_message,
request: function(values) {
- var request = values['request'];
IPA.command({
entity: 'cert',
method: 'request',
- args: [request],
+ args: [values.request],
options: {
'principal': entity_principal
},
on_success: function(data, text_status, xhr) {
- check_status(data.result.result.serial_number);
+ facet.refresh();
}
}).execute();
}
});
dialog.open();
- }
+ };
- function revoke_certificate(result) {
+ return that;
+};
- var entity_certificate = that.get_entity_certificate(result);
- if (!entity_certificate) {
- set_status(IPA.cert.CERTIFICATE_STATUS_MISSING);
- return;
- }
+IPA.cert.revoke_action = function(spec) {
+
+ spec = spec || {};
+ spec.name = spec.name || 'revoke_cert';
+ spec.label = spec.label || IPA.messages.buttons.revoke;
+ spec.enable_cond = spec.enable_cond || ['has_certificate'];
+ spec.disable_cond = spec.disable_cond || ['certificate_revoked'];
+ spec.hide_cond = spec.hide_cond || ['selfsign'];
+
+ var that = IPA.action(spec);
+ that.entity_label = spec.entity_label;
+ that.request_message = spec.request_message;
- var entity_name = that.get_entity_name(result);
- var serial_number = result['serial_number'];
+ that.execute_action = function(facet) {
+
+ var certificate = facet.certificate;
+ if (!certificate) facet.refresh();
+
+ var entity_label = that.entity_label || facet.entity.metadata.label_singular;
+ var entity_name = certificate.entity_info.name;
var title = IPA.messages.objects.cert.revoke_certificate;
- title = title.replace('${entity}', that.entity_label);
+ title = title.replace('${entity}', entity_label);
title = title.replace('${primary_key}', entity_name);
var dialog = IPA.cert.revoke_dialog({
- 'title': title,
- 'revoke': function(values) {
- var reason = values['reason'];
+ title: title,
+ message: that.request_message,
+ revoke: function(values) {
IPA.command({
entity: 'cert',
method: 'revoke',
- args: [serial_number],
+ args: [certificate.serial_number],
options: {
- 'revocation_reason': reason
+ 'revocation_reason': values.reason
},
on_success: function(data, text_status, xhr) {
- check_status(serial_number);
+ facet.refresh();
}
}).execute();
}
});
dialog.open();
- }
+ };
- function restore_certificate(result) {
+ return that;
+};
- var entity_certificate = that.get_entity_certificate(result);
- if (!entity_certificate) {
- set_status(IPA.cert.CERTIFICATE_STATUS_MISSING);
- return;
- }
+IPA.cert.restore_action = function(spec) {
- var entity_name = that.get_entity_name(result);
- var serial_number = result['serial_number'];
+ spec = spec || {};
+ spec.name = spec.name || 'restore_cert';
+ spec.label = spec.label || IPA.messages.buttons.restore;
+ spec.enable_cond = spec.enable_cond || ['has_certificate', 'certificate_hold'];
+ spec.hide_cond = spec.hide_cond || ['selfsign'];
+
+ var that = IPA.action(spec);
+ that.entity_label = spec.entity_label;
+ that.request_message = spec.request_message;
+
+ that.execute_action = function(facet) {
+
+ var certificate = facet.certificate;
+ if (!certificate) facet.refresh();
+
+ var entity_label = that.entity_label || facet.entity.metadata.label_singular;
+ var entity_name = certificate.entity_info.name;
var title = IPA.messages.objects.cert.restore_certificate;
- title = title.replace('${entity}', that.entity_label);
+ title = title.replace('${entity}', entity_label);
title = title.replace('${primary_key}', entity_name);
var dialog = IPA.cert.restore_dialog({
- 'title': title,
- 'restore': function(values) {
+ title: title,
+ message: that.request_message,
+ restore: function() {
+
IPA.command({
entity: 'cert',
method: 'remove_hold',
- args: [serial_number],
+ args: [certificate.serial_number],
on_success: function(data, text_status, xhr) {
- check_status(serial_number);
+ facet.refresh();
}
}).execute();
}
});
dialog.open();
- }
+ };
+
+ return that;
+};
+
+IPA.cert.certificate_evaluator = function(spec) {
+
+ spec.name = spec.name || 'has_certificate_evaluator';
+ spec.event = spec.event || 'certificate_loaded';
+
+ var that = IPA.state_evaluator(spec);
+
+ that.on_event = function(certificate) {
+
+ var old_state, record, state, value, loaded_value;
+
+ old_state = that.state;
+ that.state = [];
+
+ if (certificate && certificate.certificate) {
+ that.state.push('has_certificate');
+
+ if (certificate.revocation_reason !== undefined) {
+ that.state.push('certificate_revoked');
+
+ if (certificate.revocation_reason === 6) {
+ that.state.push('certificate_hold');
+ }
+ }
+ }
+
+ if (IPA.cert.is_selfsign()) {
+ that.state.push('selfsign');
+ }
+
+ that.notify_on_change(old_state);
+ };
+
+ return that;
+};
+
+
+IPA.cert.status_widget = function(spec) {
+
+ spec = spec || {};
+
+ var that = IPA.input_widget(spec);
+
+ that.create = function(container) {
+
+ that.widget_create(container);
+
+ that.status_valid = $('<div/>', {
+ name: 'certificate-valid',
+ style: 'display: none;'
+ }).appendTo(container);
+
+ $('<img/>', {
+ src: 'images/check-icon.png',
+ style: 'float: left;',
+ 'class': 'status-icon'
+ }).appendTo(that.status_valid);
+
+ var content_div = $('<div/>', {
+ style: 'float: left;'
+ }).appendTo(that.status_valid);
+
+ content_div.append('<b>'+IPA.messages.objects.cert.valid+'</b>');
+
+ that.status_revoked = $('<div/>', {
+ name: 'certificate-revoked',
+ style: 'display: none;'
+ }).appendTo(container);
+
+ $('<img/>', {
+ src: 'images/caution-icon.png',
+ style: 'float: left;',
+ 'class': 'status-icon'
+ }).appendTo(that.status_revoked);
+
+ content_div = $('<div/>', {
+ style: 'float: left;'
+ }).appendTo(that.status_revoked);
+
+ content_div.append('<b>'+IPA.messages.objects.cert.revoked+'</b>');
+ content_div.append(' ');
+ that.revocation_reason = $('<span/>', {
+ 'name': 'revocation_reason'
+ }).appendTo(content_div);
+
+ that.status_missing = $('<div/>', {
+ name: 'certificate-missing',
+ style: 'display: none;'
+ }).appendTo(container);
+
+ $('<img/>', {
+ src: 'images/caution-icon.png',
+ style: 'float: left;',
+ 'class': 'status-icon'
+ }).appendTo(that.status_missing);
+
+ content_div = $('<div/>', {
+ style: 'float: left;'
+ }).appendTo(that.status_missing);
+
+ content_div.append('<b>'+IPA.messages.objects.cert.missing+'</b>');
+ };
+
+ that.update = function(certificate) {
+
+ certificate = certificate || {};
+
+ var selfsign = IPA.cert.is_selfsign();
+ var has_certificate = certificate.certificate;
+ var revoked = certificate.revocation_reason !== undefined;
+ var status = IPA.cert.CERTIFICATE_STATUS_MISSING;
+
+ if (has_certificate && (selfsign || !revoked)) {
+ status = IPA.cert.CERTIFICATE_STATUS_VALID;
+ } else if (has_certificate) {
+ status = IPA.cert.CERTIFICATE_STATUS_REVOKED;
+ }
+ that.set_status(status, certificate.revocation_reason);
+ };
+
+ that.clear = function() {
+ that.status_valid.css('display', 'none');
+ that.status_missing.css('display', 'none');
+ that.status_revoked.css('display', 'none');
+ that.revocation_reason.text('');
+ };
+
+ that.set_status = function(status, revocation_reason) {
+ that.status_valid.css('display', status === IPA.cert.CERTIFICATE_STATUS_VALID ? '' : 'none');
+ that.status_missing.css('display', status === IPA.cert.CERTIFICATE_STATUS_MISSING ? '' : 'none');
+
+ if (!IPA.cert.is_selfsign()) {
+ that.status_revoked.css('display', status === IPA.cert.CERTIFICATE_STATUS_REVOKED ? '' : 'none');
+
+ var reason = IPA.cert.CRL_REASON[revocation_reason];
+ that.revocation_reason.html(revocation_reason === undefined || reason === null ? '' : IPA.messages.objects.cert[reason]);
+ }
+ };
return that;
};
@@ -934,12 +950,27 @@ IPA.cert.status_field = function(spec) {
spec = spec || {};
var that = IPA.field(spec);
+ that.registered = false;
that.load = function(result) {
+ that.register_listener();
+ that.reset();
+ };
- that.widget.result = result;
+ that.set_certificate = function(certificate) {
+ that.values = certificate;
that.reset();
};
+ that.register_listener = function() {
+ if (!that.registered) {
+ that.registered = true;
+ that.container.certificate_loaded.attach(that.set_certificate);
+ }
+ };
+
return that;
};
+
+IPA.widget_factories['certificate_status'] = IPA.cert.status_widget;
+IPA.field_factories['certificate_status'] = IPA.cert.status_field; \ No newline at end of file
diff --git a/install/ui/host.js b/install/ui/host.js
index e693f5f8e..c53ba0539 100644
--- a/install/ui/host.js
+++ b/install/ui/host.js
@@ -97,9 +97,17 @@ IPA.host.entity = function(spec) {
},
{
name: 'certificate',
+ action_panel: {
+ factory: IPA.action_panel,
+ name: 'cert_actions',
+ actions: [
+ 'request_cert', 'view_cert', 'get_cert',
+ 'revoke_cert', 'restore_cert'
+ ]
+ },
fields: [
{
- type: 'host_certificate_status',
+ type: 'certificate_status',
name: 'certificate_status',
label: IPA.messages.objects.host.status
}
@@ -121,18 +129,25 @@ IPA.host.entity = function(spec) {
label: IPA.messages.objects.host.password_reset_title,
status: 'present',
show_cond: ['has_password']
- }
+ },
+ IPA.cert.view_action,
+ IPA.cert.get_action,
+ IPA.cert.request_action,
+ IPA.cert.revoke_action,
+ IPA.cert.restore_action
],
state: {
evaluators: [
IPA.host.has_password_evaluator,
IPA.host.has_keytab_evaluator,
IPA.host.userpassword_acl_evaluator,
- IPA.host.krbprincipalkey_acl_evaluator
+ IPA.host.krbprincipalkey_acl_evaluator,
+ IPA.cert.certificate_evaluator
]
},
policies: [
- IPA.host_enrollment_policy()
+ IPA.host.enrollment_policy(),
+ IPA.host.certificate_policy()
]
}).
association_facet({
@@ -205,14 +220,17 @@ IPA.host.entity = function(spec) {
return that;
};
-IPA.host.details_facet = function(spec) {
+IPA.host.details_facet = function(spec, no_init) {
- var that = IPA.details_facet(spec);
+ var that = IPA.details_facet(spec, true);
+ that.certificate_loaded = IPA.observer();
that.get_refresh_command_name = function() {
return that.entity.name+'_show_'+that.pkey;
};
+ if (!no_init) that.init_details_facet();
+
return that;
};
@@ -498,7 +516,7 @@ IPA.force_host_add_checkbox_widget = function(spec) {
IPA.widget_factories['force_host_add_checkbox'] = IPA.force_host_add_checkbox_widget;
IPA.field_factories['force_host_add_checkbox'] = IPA.checkbox_field;
-IPA.host_enrollment_policy = function(spec) {
+IPA.host.enrollment_policy = function(spec) {
var that = IPA.facet_policy();
@@ -895,56 +913,29 @@ IPA.host.has_password_evaluator = function(spec) {
return that;
};
-IPA.host.certificate_status_field = function(spec) {
+IPA.host.certificate_policy = function(spec) {
spec = spec || {};
- var that = IPA.cert.status_field(spec);
-
- that.load = function(result) {
-
- that.widget.result = result;
-
- var message = IPA.messages.objects.cert.request_message;
- message = message.replace(/\$\{hostname\}/g, result.fqdn[0]);
- message = message.replace(/\$\{realm\}/g, IPA.env.realm);
- that.widget.request_message = message;
-
- that.reset();
- };
-
- return that;
-};
-
-IPA.host.certificate_status_widget = function(spec) {
-
- spec = spec || {};
-
- var that = IPA.cert.status_widget(spec);
-
- that.get_entity_pkey = function(result) {
+ spec.get_pkey = spec.get_pkey || function(result) {
var values = result.fqdn;
return values ? values[0] : null;
};
- that.get_entity_name = function(result) {
- return that.get_entity_pkey(result);
+ spec.get_name = spec.get_name || function(result) {
+ var values = result.fqdn;
+ return values ? values[0] : null;
};
- that.get_entity_principal = function(result) {
+ spec.get_principal = spec.get_principal || function(result) {
var values = result.krbprincipalname;
return values ? values[0] : null;
};
- that.get_entity_certificate = function(result) {
- var values = result.usercertificate;
- return values ? values[0].__base64__ : null;
- };
+ spec.get_hostname = spec.get_hostname || spec.get_name;
+ var that = IPA.cert.load_policy(spec);
return that;
};
-IPA.widget_factories['host_certificate_status'] = IPA.host.certificate_status_widget;
-IPA.field_factories['host_certificate_status'] = IPA.host.certificate_status_field;
-
IPA.register('host', IPA.host.entity);
diff --git a/install/ui/service.js b/install/ui/service.js
index f714e410e..413d2ee88 100644
--- a/install/ui/service.js
+++ b/install/ui/service.js
@@ -36,6 +36,7 @@ IPA.service.entity = function(spec) {
columns: [ 'krbprincipalname' ]
}).
details_facet({
+ factory: IPA.service.details_facet,
sections: [
{
name: 'details',
@@ -72,9 +73,17 @@ IPA.service.entity = function(spec) {
},
{
name: 'certificate',
+ action_panel: {
+ factory: IPA.action_panel,
+ name: 'cert_actions',
+ actions: [
+ 'request_cert', 'view_cert', 'get_cert',
+ 'revoke_cert', 'restore_cert'
+ ]
+ },
fields: [
{
- type: 'service_certificate_status',
+ type: 'certificate_status',
name: 'certificate_status',
label: IPA.messages.objects.service.status
}
@@ -82,14 +91,23 @@ IPA.service.entity = function(spec) {
}
],
actions: [
- IPA.service.unprovision_action
+ IPA.service.unprovision_action,
+ IPA.cert.view_action,
+ IPA.cert.get_action,
+ IPA.cert.request_action,
+ IPA.cert.revoke_action,
+ IPA.cert.restore_action
],
state: {
evaluators: [
IPA.service.has_keytab_evaluator,
- IPA.service.krbprincipalkey_acl_evaluator
+ IPA.service.krbprincipalkey_acl_evaluator,
+ IPA.cert.certificate_evaluator
]
- }
+ },
+ policies: [
+ IPA.service.certificate_policy()
+ ]
}).
association_facet({
name: 'managedby_host',
@@ -145,6 +163,16 @@ IPA.service.entity = function(spec) {
return that;
};
+IPA.service.details_facet = function(spec, no_init) {
+
+ var that = IPA.details_facet(spec, true);
+ that.certificate_loaded = IPA.observer();
+
+ if (!no_init) that.init_details_facet();
+
+ return that;
+};
+
IPA.service_adder_dialog = function(spec) {
spec = spec || {};
@@ -398,59 +426,34 @@ IPA.service.has_keytab_evaluator = function(spec) {
return that;
};
-IPA.service.certificate_status_field = function(spec) {
-
- spec = spec || {};
-
- var that = IPA.cert.status_field(spec);
-
- that.load = function(result) {
-
- that.widget.result = result;
-
- var krbprincipalname = result.krbprincipalname[0];
- var hostname = krbprincipalname.replace(/^.*\//, '').replace(/@.*$/, '');
-
- var message = IPA.messages.objects.cert.request_message;
- message = message.replace(/\$\{hostname\}/g, hostname);
- message = message.replace(/\$\{realm\}/g, IPA.env.realm);
- that.widget.request_message = message;
-
- that.reset();
- };
-
- return that;
-};
-
-IPA.service.certificate_status_widget = function(spec) {
+IPA.service.certificate_policy = function(spec) {
spec = spec || {};
- var that = IPA.cert.status_widget(spec);
-
- that.get_entity_pkey = function(result) {
+ function get_pkey(result) {
var values = result.krbprincipalname;
return values ? values[0] : null;
- };
+ }
+
+ spec.get_pkey = spec.get_pkey || get_pkey;
- that.get_entity_name = function(result) {
- var value = that.get_entity_pkey(result);
+ spec.get_name = spec.get_name || function(result) {
+ var value = get_pkey(result);
return value ? value.replace(/@.*$/, '') : null;
};
- that.get_entity_principal = function(result) {
- return that.get_entity_pkey(result);
- };
+ spec.get_principal = spec.get_principal || get_pkey;
- that.get_entity_certificate = function(result) {
- var values = result.usercertificate;
- return values ? values[0].__base64__ : null;
+ spec.get_hostname = spec.get_hostname || function(result) {
+ var value = get_pkey(result);
+ if (value) {
+ value = value.replace(/@.*$/, '').replace(/^.*\//, '');
+ }
+ return value;
};
+ var that = IPA.cert.load_policy(spec);
return that;
};
-IPA.widget_factories['service_certificate_status'] = IPA.service.certificate_status_widget;
-IPA.field_factories['service_certificate_status'] = IPA.service.certificate_status_field;
-
IPA.register('service', IPA.service.entity);
generated by cgit (git 2.34.1) at 2024-09-27 22:04:31 +0000