diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2010-10-15 12:22:01 -0500 |
|---|---|---|
| committer | Adam Young <ayoung@redhat.com> | 2010-10-15 14:26:07 -0400 |
| commit | 4c24581b5cffaffbb200152e1d43931c0d674102 (patch) | |
| tree | 2f9aa6c8b7a2875804e1af834c7fc8e02d0a7973 /install/static/service.js | |
| parent | acf5f9cad7438268148dff6c6b74d8c63048409a (diff) | |
| download | freeipa-4c24581b5cffaffbb200152e1d43931c0d674102.tar.gz freeipa-4c24581b5cffaffbb200152e1d43931c0d674102.tar.xz freeipa-4c24581b5cffaffbb200152e1d43931c0d674102.zip | |
Service certificate UI.
The service.py has been modified to include certificate info in
the service-show result if the service contains usercertificate.
A new file certificate.js has been added to store codes related
to certificates (e.g. revocation reasons, dialog boxes). The
service.js has been modified to provide the UI for certificate
management. The certificate.js can also be used for host
certificate management.
The Makefile.am and index.xhtml has been modified to include
certificate.js. New test data files have been added for certificate
operations.
To test revoke and restore operations the server needs to be
installed with dogtag CA instead of self-signed CA.
The certificate status and revocation reason in the details page
will be implemented in subsequent patches. Unit tests will also
be added in subsequent patches.
Diffstat (limited to 'install/static/service.js')
| -rw-r--r-- | install/static/service.js | 250 |
1 files changed, 221 insertions, 29 deletions
diff --git a/install/static/service.js b/install/static/service.js index 7b81c4d2..d688b9ad 100644 --- a/install/static/service.js +++ b/install/static/service.js @@ -34,16 +34,19 @@ ipa_entity_set_add_definition('service', [ ]); ipa_entity_set_details_definition('service', [ - ipa_stanza({name:'identity', label:'Service Details'}). + ipa_stanza({name:'details', label:'Service Details'}). input({name:'krbprincipalname', label:'Principal', setup:service_krbprincipalname_setup, load:service_krbprincipalname_load}). input({name:'service', label:'Service', load:service_service_load}). - input({name:'host', label:'Host Name', load:service_host_load}). - input({name:'usercertificate', label:'Certificate', - load:service_usercertificate_load, - save:service_usercertificate_save}) + input({name:'host', label:'Host Name', load:service_host_load}), + ipa_stanza({name:'provisioning', label:'Provisioning'}). + input({name:'provisioning_status', label:'Status', + load:service_provisioning_status_load}), + ipa_stanza({name:'certificate', label:'Service Certificate'}). + input({name:'certificate_status', label:'Status', + load:service_usercertificate_load}) ]); function service_add_krbprincipalname(add_dialog, mode) { @@ -76,45 +79,234 @@ function service_service_load(container, dt, result) { function service_host_load(container, dt, result) { var krbprincipalname = result['krbprincipalname'][0]; - var host = krbprincipalname.replace(/^.*\//, ''); + var host = krbprincipalname.replace(/^.*\//, '').replace(/@.*$/, ''); var dd = ipa_create_first_dd(this.name, host); dt.after(dd); } -function service_usercertificate_load(container, dt, result) { - var textarea = $("<textarea/>", { - title: 'usercertificate', - style: 'width: 300px; height: 200px;' +function service_provisioning_status_load(container, dt, result) { + // skip provisioning_status +} + +function service_usercertificate_get(result) { + + var usercertificate = result['usercertificate']; + if (!usercertificate) { + alert('Service has no usercertificate.'); + return; + } + + var krbprincipalname = result['krbprincipalname'][0]; + var service_name = krbprincipalname.replace(/@.*$/, ''); + + var dialog = certificate_get_dialog({ + 'title': 'Certificate for Service '+service_name, + 'usercertificate': usercertificate[0].__base64__ }); - var dd = ipa_create_first_dd(this.name, textarea); - dt.after(dd); + dialog.open(); +} + +function service_usercertificate_view(result) { var usercertificate = result['usercertificate']; - if (!usercertificate) return; + if (!usercertificate) { + alert('Service has no usercertificate.'); + return; + } + + var krbprincipalname = result['krbprincipalname'][0]; + var service_name = krbprincipalname.replace(/@.*$/, ''); + + var dialog = certificate_view_dialog({ + 'title': 'Certificate for Service '+service_name, + 'subject': result['subject'], + 'serial_number': result['serial_number'], + 'issuer': result['issuer'], + 'issued_on': result['valid_not_before'], + 'expires_on': result['valid_not_after'], + 'md5_fingerprint': result['md5_fingerprint'], + 'sha1_fingerprint': result['sha1_fingerprint'] + }); - var value = usercertificate[0].__base64__; - textarea.val(value); + dialog.open(); } -function service_usercertificate_save(container) { - var field = this; - var values = []; +function service_usercertificate_revoke(result) { - var dd = $('dd[title='+field.name+']', container); - dd.each(function () { - var textarea = $('textarea', dd); - if (!textarea.length) return; + var usercertificate = result['usercertificate']; + if (!usercertificate) { + alert('Service has no usercertificate.'); + return; + } + + var krbprincipalname = result['krbprincipalname'][0]; + var service_name = krbprincipalname.replace(/@.*$/, ''); + + var serial_number = result['serial_number']; - var value = $.trim(textarea.val()); - if (value) { - value = {'__base64__': value}; - } else { - value = ''; + var dialog = certificate_revoke_dialog({ + 'title': 'Revoke Certificate for Service '+service_name, + 'revoke': function(values) { + var reason = values['reason']; + + ipa_cmd( + 'cert_revoke', + [serial_number], + { + 'revocation_reason': reason + }, + function(data, text_status, xhr) { + var dialog = certificate_confirmation_dialog({ + title: 'Success', + message: 'Certificate has been revoked successfully.' + }); + dialog.open(); + } + ); } + }); + + dialog.open(); +} - values.push(value); +function service_usercertificate_restore(result) { + + var usercertificate = result['usercertificate']; + if (!usercertificate) { + alert('Service has no usercertificate.'); + return; + } + + var krbprincipalname = result['krbprincipalname'][0]; + var service_name = krbprincipalname.replace(/@.*$/, ''); + + var serial_number = result['serial_number']; + + var dialog = certificate_restore_dialog({ + 'title': 'Restore Certificate for Service '+service_name, + 'restore': function(values) { + ipa_cmd( + 'cert_remove_hold', + [serial_number], + { }, + function(data, text_status, xhr) { + var dialog = certificate_confirmation_dialog({ + title: 'Success', + message: 'Certificate has been restored successfully.' + }); + dialog.open(); + } + ); + } }); - return values; + dialog.open(); +} + +function service_usercertificate_request(result) { + + var krbprincipalname = result['krbprincipalname'][0]; + var service_name = krbprincipalname.replace(/@.*$/, ''); + + var dialog = certificate_request_dialog({ + 'title': 'Issue New Certificate for Service '+service_name, + 'request': function(values) { + var request = values['request']; + + ipa_cmd( + 'cert_request', + [request], + { + 'principal': krbprincipalname + } + ); + } + }); + + dialog.open(); +} + +function service_usercertificate_load(container, dt, result) { + + var krbprincipalname = result['krbprincipalname'][0]; + + var table = $('<table/>'); + + var tr = $('<tr/>').appendTo(table); + + var td = $('<td/>').appendTo(tr); + td.append('Valid Certificate Present:'); + + td = $('<td/>').appendTo(tr); + $('<input/>', { + type: 'button', + value: 'Get', + click: function() { + ipa_cmd('service_show', [krbprincipalname], {}, + function(data, text_status, xhr) { + service_usercertificate_get(data.result.result); + } + ); + } + }).appendTo(td); + + $('<input/>', { + type: 'button', + value: 'Revoke', + click: function() { + ipa_cmd('service_show', [krbprincipalname], {}, + function(data, text_status, xhr) { + service_usercertificate_revoke(data.result.result); + } + ); + } + }).appendTo(td); + + $('<input/>', { + type: 'button', + value: 'View', + click: function() { + ipa_cmd('service_show', [krbprincipalname], {}, + function(data, text_status, xhr) { + service_usercertificate_view(data.result.result); + } + ); + } + }).appendTo(td); + + tr = $('<tr/>').appendTo(table); + + td = $('<td/>').appendTo(tr); + td.append('Certificate Revoked:'); + + td = $('<td/>').appendTo(tr); + $('<input/>', { + type: 'button', + value: 'Restore', + click: function() { + ipa_cmd('service_show', [krbprincipalname], {}, + function(data, text_status, xhr) { + service_usercertificate_restore(data.result.result); + } + ); + } + }).appendTo(td); + + tr = $('<tr/>').appendTo(table); + + td = $('<td/>').appendTo(tr); + td.append('No Valid Certificate:'); + + td = $('<td/>').appendTo(tr); + $('<input/>', { + type: 'button', + value: 'New Certificate', + click: function() { + service_usercertificate_request(result); + } + }).appendTo(td); + + var dd = ipa_create_first_dd(this.name, table); + dt.after(dd); } |