diff options
Diffstat (limited to 'install/static/service.js')
-rw-r--r-- | install/static/service.js | 326 |
1 files changed, 190 insertions, 136 deletions
diff --git a/install/static/service.js b/install/static/service.js index d688b9ad3..5e37f6a71 100644 --- a/install/static/service.js +++ b/install/static/service.js @@ -20,6 +20,10 @@ /* REQUIRES: ipa.js, details.js, search.js, add.js, entity.js */ +var SERVICE_CERTIFICATE_VALID = 1; +var SERVICE_CERTIFICATE_REVOKED = 2; +var SERVICE_CERTIFICATE_MISSING = 3; + ipa_entity_set_search_definition('service', [ ['krbprincipalname', 'Principal', null], ['quick_links', 'Quick Links', ipa_entity_quick_links] @@ -88,146 +92,168 @@ function service_provisioning_status_load(container, dt, result) { // skip provisioning_status } -function service_usercertificate_get(result) { - - var usercertificate = result['usercertificate']; - if (!usercertificate) { - alert('Service has no usercertificate.'); - return; - } +function service_usercertificate_load(container, dt, result) { - var krbprincipalname = result['krbprincipalname'][0]; - var service_name = krbprincipalname.replace(/@.*$/, ''); + var li1, li2, li3; - var dialog = certificate_get_dialog({ - 'title': 'Certificate for Service '+service_name, - 'usercertificate': usercertificate[0].__base64__ - }); + function set_status(status, revocation_reason) { + li1.css('list-style-type', status == SERVICE_CERTIFICATE_VALID ? 'disc' : 'circle'); + li2.css('list-style-type', status == SERVICE_CERTIFICATE_REVOKED ? 'disc' : 'circle'); + li3.css('list-style-type', status == SERVICE_CERTIFICATE_MISSING ? 'disc' : 'circle'); - dialog.open(); -} - -function service_usercertificate_view(result) { + $('#revocation_reason').html(revocation_reason ? CRL_REASON[revocation_reason] : ''); + $('#restore_button').css('visibility', revocation_reason == 6 ? 'visible' : 'hidden') + } - var usercertificate = result['usercertificate']; - if (!usercertificate) { - alert('Service has no usercertificate.'); - return; + function check_status(serial_number) { + ipa_cmd( + 'cert_show', + [serial_number], + { }, + function(data, text_status, xhr) { + var revocation_reason = data.result.result.revocation_reason; + if (revocation_reason) { + set_status(SERVICE_CERTIFICATE_REVOKED, revocation_reason); + } else { + set_status(SERVICE_CERTIFICATE_VALID); + } + } + ); } - var krbprincipalname = result['krbprincipalname'][0]; - var service_name = krbprincipalname.replace(/@.*$/, ''); - - var dialog = certificate_view_dialog({ - 'title': 'Certificate for Service '+service_name, - 'subject': result['subject'], - 'serial_number': result['serial_number'], - 'issuer': result['issuer'], - 'issued_on': result['valid_not_before'], - 'expires_on': result['valid_not_after'], - 'md5_fingerprint': result['md5_fingerprint'], - 'sha1_fingerprint': result['sha1_fingerprint'] - }); - - dialog.open(); -} + function get_certificate(result) { -function service_usercertificate_revoke(result) { + var usercertificate = result['usercertificate']; + if (!usercertificate) { + set_status(SERVICE_CERTIFICATE_MISSING); + return; + } - var usercertificate = result['usercertificate']; - if (!usercertificate) { - alert('Service has no usercertificate.'); - return; - } + var krbprincipalname = result['krbprincipalname'][0]; + var service_name = krbprincipalname.replace(/@.*$/, ''); - var krbprincipalname = result['krbprincipalname'][0]; - var service_name = krbprincipalname.replace(/@.*$/, ''); + var dialog = certificate_get_dialog({ + 'title': 'Certificate for Service '+service_name, + 'usercertificate': usercertificate[0].__base64__ + }); - var serial_number = result['serial_number']; + dialog.open(); + } - var dialog = certificate_revoke_dialog({ - 'title': 'Revoke Certificate for Service '+service_name, - 'revoke': function(values) { - var reason = values['reason']; + function view_certificate(result) { - ipa_cmd( - 'cert_revoke', - [serial_number], - { - 'revocation_reason': reason - }, - function(data, text_status, xhr) { - var dialog = certificate_confirmation_dialog({ - title: 'Success', - message: 'Certificate has been revoked successfully.' - }); - dialog.open(); - } - ); + var usercertificate = result['usercertificate']; + if (!usercertificate) { + set_status(SERVICE_CERTIFICATE_MISSING); + return; } - }); - - dialog.open(); -} -function service_usercertificate_restore(result) { - - var usercertificate = result['usercertificate']; - if (!usercertificate) { - alert('Service has no usercertificate.'); - return; + var krbprincipalname = result['krbprincipalname'][0]; + var service_name = krbprincipalname.replace(/@.*$/, ''); + + var dialog = certificate_view_dialog({ + 'title': 'Certificate for Service '+service_name, + 'subject': result['subject'], + 'serial_number': result['serial_number'], + 'issuer': result['issuer'], + 'issued_on': result['valid_not_before'], + 'expires_on': result['valid_not_after'], + 'md5_fingerprint': result['md5_fingerprint'], + 'sha1_fingerprint': result['sha1_fingerprint'] + }); + + dialog.open(); } - var krbprincipalname = result['krbprincipalname'][0]; - var service_name = krbprincipalname.replace(/@.*$/, ''); - - var serial_number = result['serial_number']; + function revoke_certificate(result) { - var dialog = certificate_restore_dialog({ - 'title': 'Restore Certificate for Service '+service_name, - 'restore': function(values) { - ipa_cmd( - 'cert_remove_hold', - [serial_number], - { }, - function(data, text_status, xhr) { - var dialog = certificate_confirmation_dialog({ - title: 'Success', - message: 'Certificate has been restored successfully.' - }); - dialog.open(); - } - ); + var usercertificate = result['usercertificate']; + if (!usercertificate) { + set_status(SERVICE_CERTIFICATE_MISSING); + return; } - }); - dialog.open(); -} + var krbprincipalname = result['krbprincipalname'][0]; + var service_name = krbprincipalname.replace(/@.*$/, ''); + + var serial_number = result['serial_number']; + + var dialog = certificate_revoke_dialog({ + 'title': 'Revoke Certificate for Service '+service_name, + 'revoke': function(values) { + var reason = values['reason']; + + ipa_cmd( + 'cert_revoke', + [serial_number], + { + 'revocation_reason': reason + }, + function(data, text_status, xhr) { + check_status(serial_number); + } + ); + } + }); + + dialog.open(); + } -function service_usercertificate_request(result) { + function restore_certificate(result) { - var krbprincipalname = result['krbprincipalname'][0]; - var service_name = krbprincipalname.replace(/@.*$/, ''); - - var dialog = certificate_request_dialog({ - 'title': 'Issue New Certificate for Service '+service_name, - 'request': function(values) { - var request = values['request']; - - ipa_cmd( - 'cert_request', - [request], - { - 'principal': krbprincipalname - } - ); + var usercertificate = result['usercertificate']; + if (!usercertificate) { + set_status(SERVICE_CERTIFICATE_MISSING); + return; } - }); - dialog.open(); -} + var krbprincipalname = result['krbprincipalname'][0]; + var service_name = krbprincipalname.replace(/@.*$/, ''); + + var serial_number = result['serial_number']; + + var dialog = certificate_restore_dialog({ + 'title': 'Restore Certificate for Service '+service_name, + 'restore': function(values) { + ipa_cmd( + 'cert_remove_hold', + [serial_number], + { }, + function(data, text_status, xhr) { + check_status(serial_number); + } + ); + } + }); + + dialog.open(); + } -function service_usercertificate_load(container, dt, result) { + function request_certificate(result) { + + var krbprincipalname = result['krbprincipalname'][0]; + var service_name = krbprincipalname.replace(/@.*$/, ''); + + var dialog = certificate_request_dialog({ + 'title': 'Issue New Certificate for Service '+service_name, + 'request': function(values) { + var request = values['request']; + + ipa_cmd( + 'cert_request', + [request], + { + 'principal': krbprincipalname + }, + function(data, text_status, xhr) { + check_status(data.result.result.serial_number); + } + ); + } + }); + + dialog.open(); + } var krbprincipalname = result['krbprincipalname'][0]; @@ -236,40 +262,45 @@ function service_usercertificate_load(container, dt, result) { var tr = $('<tr/>').appendTo(table); var td = $('<td/>').appendTo(tr); + li1 = $('<li/>', { + style: 'color: green;' + }).appendTo(td); + + td = $('<td/>').appendTo(tr); td.append('Valid Certificate Present:'); td = $('<td/>').appendTo(tr); $('<input/>', { - type: 'button', - value: 'Get', - click: function() { + 'type': 'button', + 'value': 'Get', + 'click': function() { ipa_cmd('service_show', [krbprincipalname], {}, function(data, text_status, xhr) { - service_usercertificate_get(data.result.result); + get_certificate(data.result.result); } ); } }).appendTo(td); $('<input/>', { - type: 'button', - value: 'Revoke', - click: function() { + 'type': 'button', + 'value': 'Revoke', + 'click': function() { ipa_cmd('service_show', [krbprincipalname], {}, function(data, text_status, xhr) { - service_usercertificate_revoke(data.result.result); + revoke_certificate(data.result.result); } ); } }).appendTo(td); $('<input/>', { - type: 'button', - value: 'View', - click: function() { + 'type': 'button', + 'value': 'View', + 'click': function() { ipa_cmd('service_show', [krbprincipalname], {}, function(data, text_status, xhr) { - service_usercertificate_view(data.result.result); + view_certificate(data.result.result); } ); } @@ -278,16 +309,27 @@ function service_usercertificate_load(container, dt, result) { tr = $('<tr/>').appendTo(table); td = $('<td/>').appendTo(tr); + li2 = $('<li/>', { + 'style': 'color: red;' + }).appendTo(td); + + td = $('<td/>').appendTo(tr); td.append('Certificate Revoked:'); td = $('<td/>').appendTo(tr); + td.append($('<span/>', { + 'id': 'revocation_reason' + })); + td.append(' '); + $('<input/>', { - type: 'button', - value: 'Restore', - click: function() { + 'id': 'restore_button', + 'type': 'button', + 'value': 'Restore', + 'click': function() { ipa_cmd('service_show', [krbprincipalname], {}, function(data, text_status, xhr) { - service_usercertificate_restore(data.result.result); + restore_certificate(data.result.result); } ); } @@ -296,17 +338,29 @@ function service_usercertificate_load(container, dt, result) { tr = $('<tr/>').appendTo(table); td = $('<td/>').appendTo(tr); + li3 = $('<li/>', { + 'style': 'color: goldenrod;' + }).appendTo(td); + + td = $('<td/>').appendTo(tr); td.append('No Valid Certificate:'); td = $('<td/>').appendTo(tr); $('<input/>', { - type: 'button', - value: 'New Certificate', - click: function() { - service_usercertificate_request(result); + 'type': 'button', + 'value': 'New Certificate', + 'click': function() { + request_certificate(result); } }).appendTo(td); var dd = ipa_create_first_dd(this.name, table); dt.after(dd); + + var usercertificate = result['usercertificate']; + if (usercertificate) { + check_status(result.serial_number); + } else { + set_status(SERVICE_CERTIFICATE_MISSING); + } } |