authorAde Lee <alee@redhat.com>2016-04-16 14:19:50 -0400
committerAde Lee <alee@redhat.com>2016-04-20 17:30:11 -0400
commit2f730b62e589cd829c5fcb021a2a92d436073eac (patch)
treeb878387788d7d6a8484021c9ffe10395da575e28
parent90f5798079ffe46502552daaddd1b6366eafac62 (diff)
Added realm to methods for listing requests and keys
1. Added query parameters for the realm. If a realm is specified, then only the key requests and keys associated with the realm are returned. If no realm is specified, then only those requests and keys without a realm are returned. 2. Added parameters to keyClient and the CLI. Part of Trac Ticket #2041
-rw-r--r--base/common/src/com/netscape/certsrv/key/KeyClient.java34
-rw-r--r--base/common/src/com/netscape/certsrv/key/KeyRequestResource.java3
-rw-r--r--base/common/src/com/netscape/certsrv/key/KeyResource.java3
-rw-r--r--base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java7
-rw-r--r--base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java7
-rw-r--r--base/kra/src/org/dogtagpki/server/kra/rest/KeyRequestService.java20
-rw-r--r--base/kra/src/org/dogtagpki/server/kra/rest/KeyService.java25
-rw-r--r--base/server/cms/src/com/netscape/cms/servlet/request/CMSRequestDAO.java6
8 files changed, 85 insertions, 20 deletions
diff --git a/base/common/src/com/netscape/certsrv/key/KeyClient.java b/base/common/src/com/netscape/certsrv/key/KeyClient.java
index 04eb6539f..1c8a76bfe 100644
--- a/base/common/src/com/netscape/certsrv/key/KeyClient.java
+++ b/base/common/src/com/netscape/certsrv/key/KeyClient.java
@@ -86,11 +86,19 @@ public class KeyClient extends Client {
* @param maxTime -- Maximum time for the operation to take
* @param start -- Start index of list
* @param size -- Size of the list to be returned.
+ * @param realm - authz realm
* @return a KeyInfoCollection object.
*/
public KeyInfoCollection listKeys(String clientKeyID, String status, Integer maxSize, Integer maxTime,
+ Integer start, Integer size, String realm) {
+ Response response = keyClient.listKeys(clientKeyID, status, maxSize, maxTime, start, size, realm);
+ return client.getEntity(response, KeyInfoCollection.class);
+ }
+
+ /* for backward compatibility */
+ public KeyInfoCollection listKeys(String clientKeyID, String status, Integer maxSize, Integer maxTime,
Integer start, Integer size) {
- Response response = keyClient.listKeys(clientKeyID, status, maxSize, maxTime, start, size);
+ Response response = keyClient.listKeys(clientKeyID, status, maxSize, maxTime, start, size, null);
return client.getEntity(response, KeyInfoCollection.class);
}
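Review bot: The new `@param realm - authz realm` line does not say what a null realm means, and the compatibility overload below it now passes `null` on every call. Per the commit description a missing realm returns only keys that have no realm, so callers of the six-argument `listKeys` will not see realm-scoped keys; that is worth stating where callers will read it. I would document it as `@param realm -- authz realm; if null, only keys without a realm are returned` and turn `/* for backward compatibility */` into a Javadoc comment that says the same.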
@@ -99,8 +107,22 @@ public class KeyClient extends Client {
*
* @param requestState -- State of the requests to be queried.
* @param requestType -- Type of the requests to be queried.
+ * @param realm -- Authz Realm
* @return a KeyRequestCollection object.
*/
+ public KeyRequestInfoCollection listRequests(String requestState, String requestType, String realm) {
+ return listRequests(
+ requestState,
+ requestType,
+ null,
+ new RequestId(0),
+ 100,
+ 100,
+ 10,
+ realm);
+ }
+
+ /* method for backwards compatibility */
public KeyRequestInfoCollection listRequests(String requestState, String requestType) {
return listRequests(
requestState,
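Review bot: The new three-argument `listRequests` repeats the default paging values (`new RequestId(0)`, `100`, `100`, `10`) that the two-argument overload already hard-codes, so the two copies can drift apart. The older overload could simply delegate, `return listRequests(requestState, requestType, null);`, leaving one place that holds the defaults. The Javadoc above now covers only the new method; the two-argument overload keeps just the `/* method for backwards compatibility */` comment. The body of the two-argument overload continues into the next hunk.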
@@ -109,7 +131,8 @@ public class KeyClient extends Client {
new RequestId(0),
100,
100,
- 10);
+ 10,
+ null);
}
/**
@@ -122,6 +145,7 @@ public class KeyClient extends Client {
* @param pageSize -- Size of the list to be returned.
* @param maxResults -- Maximum number of requests to be fetched
* @param maxTime -- Maximum time for the operation to take
+ * @param realm -- Authz Realm
* @return a KeyRequestInfoCollection object.
*/
public KeyRequestInfoCollection listRequests(
@@ -131,7 +155,8 @@ public class KeyClient extends Client {
RequestId start,
Integer pageSize,
Integer maxResults,
- Integer maxTime) {
+ Integer maxTime,
+ String realm) {
Response response = keyRequestClient.listRequests(
requestState,
requestType,
@@ -139,7 +164,8 @@ public class KeyClient extends Client {
start,
pageSize,
maxResults,
- maxTime);
+ maxTime,
+ realm);
return client.getEntity(response, KeyRequestInfoCollection.class);
}
diff --git a/base/common/src/com/netscape/certsrv/key/KeyRequestResource.java b/base/common/src/com/netscape/certsrv/key/KeyRequestResource.java
index 768127e42..26ab9908f 100644
--- a/base/common/src/com/netscape/certsrv/key/KeyRequestResource.java
+++ b/base/common/src/com/netscape/certsrv/key/KeyRequestResource.java
@@ -51,7 +51,8 @@ public interface KeyRequestResource {
@QueryParam("start") RequestId start,
@QueryParam("pageSize") Integer pageSize,
@QueryParam("maxResults") Integer maxResults,
- @QueryParam("maxTime") Integer maxTime);
+ @QueryParam("maxTime") Integer maxTime,
+ @QueryParam("realm") String realm);
@POST
@ClientResponseType(entityType=KeyRequestResponse.class)
diff --git a/base/common/src/com/netscape/certsrv/key/KeyResource.java b/base/common/src/com/netscape/certsrv/key/KeyResource.java
index 77c9a587e..71a355673 100644
--- a/base/common/src/com/netscape/certsrv/key/KeyResource.java
+++ b/base/common/src/com/netscape/certsrv/key/KeyResource.java
@@ -32,7 +32,8 @@ public interface KeyResource {
@QueryParam("maxResults") Integer maxResults,
@QueryParam("maxTime") Integer maxTime,
@QueryParam("start") Integer start,
- @QueryParam("size") Integer size);
+ @QueryParam("size") Integer size,
+ @QueryParam("realm") String realm);
@GET
@Path("active/{clientKeyID}")
diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java
index 8ec7db4d9..954246f7e 100644
--- a/base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java
@@ -72,6 +72,10 @@ public class KeyFindCLI extends CLI {
option = new Option(null, "size", true, "Page size");
option.setArgName("size");
options.addOption(option);
+
+ option = new Option(null, "realm", true, "Realm");
+ option.setArgName("realm");
+ options.addOption(option);
}
public void execute(String[] args) {
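Review bot: The help text for the new option is `"Realm"` here, while the same option in KeyRequestFindCLI.java is described as `"Authorization Realm"`. Using one wording for both, e.g. `new Option(null, "realm", true, "Authorization realm")`, keeps the two commands' help output consistent. It would also help to say in the description that omitting the option lists only keys that have no realm, since that default is not obvious from the command line.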
@@ -103,6 +107,7 @@ public class KeyFindCLI extends CLI {
String clientKeyID = cmd.getOptionValue("clientKeyID");
String status = cmd.getOptionValue("status");
+ String realm = cmd.getOptionValue("realm");
String s = cmd.getOptionValue("maxResults");
Integer maxResults = s == null ? null : Integer.valueOf(s);
@@ -116,7 +121,7 @@ public class KeyFindCLI extends CLI {
s = cmd.getOptionValue("size");
Integer size = s == null ? null : Integer.valueOf(s);
- KeyInfoCollection keys = keyCLI.keyClient.listKeys(clientKeyID, status, maxResults, maxTime, start, size);
+ KeyInfoCollection keys = keyCLI.keyClient.listKeys(clientKeyID, status, maxResults, maxTime, start, size, realm);
Collection<KeyInfo> entries = keys.getEntries();
diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java
index 92c98f042..de061d630 100644
--- a/base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java
@@ -77,6 +77,10 @@ public class KeyRequestFindCLI extends CLI {
option = new Option(null, "pageSize", true, "Page size");
option.setArgName("page size");
options.addOption(option);
+
+ option = new Option(null, "realm", true, "Authorization Realm");
+ option.setArgName("realm");
+ options.addOption(option);
}
public void execute(String[] args) {
@@ -109,6 +113,7 @@ public class KeyRequestFindCLI extends CLI {
String status = cmd.getOptionValue("status");
String type = cmd.getOptionValue("type");
String clientKeyID = cmd.getOptionValue("client");
+ String realm = cmd.getOptionValue("realm");
String s = cmd.getOptionValue("start");
RequestId start = s == null ? null : new RequestId(s);
@@ -123,7 +128,7 @@ public class KeyRequestFindCLI extends CLI {
Integer maxTime = s == null ? null : Integer.valueOf(s);
KeyRequestInfoCollection keys = keyCLI.keyClient.listRequests(
- status, type, clientKeyID, start, pageSize, maxResults, maxTime);
+ status, type, clientKeyID, start, pageSize, maxResults, maxTime, realm);
MainCLI.printMessage(keys.getTotal() + " entries matched");
if (keys.getTotal() == 0) return;
diff --git a/base/kra/src/org/dogtagpki/server/kra/rest/KeyRequestService.java b/base/kra/src/org/dogtagpki/server/kra/rest/KeyRequestService.java
index a67ce08a5..81ebe3e88 100644
--- a/base/kra/src/org/dogtagpki/server/kra/rest/KeyRequestService.java
+++ b/base/kra/src/org/dogtagpki/server/kra/rest/KeyRequestService.java
@@ -34,8 +34,6 @@ import javax.ws.rs.core.Request;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
-import netscape.security.x509.X509CertImpl;
-
import org.mozilla.jss.crypto.SymmetricKey;
import com.netscape.certsrv.apps.CMS;
@@ -65,6 +63,8 @@ import com.netscape.cms.servlet.key.KeyRequestDAO;
import com.netscape.cmsutil.ldap.LDAPUtil;
import com.netscape.cmsutil.util.Utils;
+import netscape.security.x509.X509CertImpl;
+
/**
* @author alee
*
@@ -321,11 +321,11 @@ public class KeyRequestService extends PKIService implements KeyRequestResource
*/
@Override
public Response listRequests(String requestState, String requestType, String clientKeyID,
- RequestId start, Integer pageSize, Integer maxResults, Integer maxTime) {
+ RequestId start, Integer pageSize, Integer maxResults, Integer maxTime, String realm) {
// auth and authz
// get ldap filter
- String filter = createSearchFilter(requestState, requestType, clientKeyID);
+ String filter = createSearchFilter(requestState, requestType, clientKeyID, realm);
CMS.debug("listRequests: filter is " + filter);
start = start == null ? new RequestId(KeyRequestService.DEFAULT_START) : start;
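Review bot: The `realm` query parameter reaches `createSearchFilter` without any visible check that the caller is authorized for that realm; the `// auth and authz` comment above the call is still only a placeholder. As written the realm narrows the LDAP search but does not act as an access boundary, so a caller who is allowed to list requests could presumably name any realm. If enforcement happens elsewhere (an ACL interceptor or a later change), say so here, e.g. `// realm is only a search filter here; realm authorization is enforced in <location>`. The same applies to `listKeyInfos` in KeyService.java, and the body of `listRequests` continues outside this hunk.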
@@ -345,13 +345,13 @@ public class KeyRequestService extends PKIService implements KeyRequestResource
return createOKResponse(requests);
}
- private String createSearchFilter(String requestState, String requestType, String clientKeyID) {
+ private String createSearchFilter(String requestState, String requestType, String clientKeyID, String realm) {
String filter = "";
int matches = 0;
if ((requestState == null) && (requestType == null) && (clientKeyID == null)) {
filter = "(requeststate=*)";
- return filter;
+ matches ++;
}
if (requestState != null) {
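Review bot: With the early `return filter;` removed, the bare `(requeststate=*)` filter is never returned any more, because a realm clause is always appended further down and the result is wrapped in `(&...)`. CMSRequestDAO in this same commit lists `"(requeststate=*)"` among its `vlvFilters`; if that list is matched against the filter string to pick an indexed search (that code is not visible here), the unfiltered listing would stop matching it. Please confirm the lookup still behaves as intended, and leave a comment such as `// realm clause is always added below, so this is never the whole filter`. The same change is made to `(serialno=*)` in KeyService.createSearchFilter. The method body continues past the hunk.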
@@ -369,6 +369,14 @@ public class KeyRequestService extends PKIService implements KeyRequestResource
matches ++;
}
+ if (realm != null) {
+ filter += "(realm=" + LDAPUtil.escapeFilter(realm) + ")";
+ matches++;
+ } else {
+ filter += "(!(realm=*))";
+ matches++;
+ }
+
if (matches > 1) {
filter = "(&" + filter + ")";
}
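Review bot: An empty realm is treated as a real realm: the check is only `realm != null`, so a request with `realm=` would presumably arrive as `""` and produce the clause `(realm=)` rather than the no-realm clause `(!(realm=*))`. If empty should mean "no realm", test for it explicitly, e.g. `if (realm != null && !realm.isEmpty()) {`; if it should be rejected, do that before building the filter. Both branches also increment `matches`, so `matches > 1` appears to be always true now and the `(&...)` wrapping could be unconditional. The identical block in KeyService.createSearchFilter has the same behaviour.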
diff --git a/base/kra/src/org/dogtagpki/server/kra/rest/KeyService.java b/base/kra/src/org/dogtagpki/server/kra/rest/KeyService.java
index f4445bb65..43a5f540a 100644
--- a/base/kra/src/org/dogtagpki/server/kra/rest/KeyService.java
+++ b/base/kra/src/org/dogtagpki/server/kra/rest/KeyService.java
@@ -399,15 +399,15 @@ public class KeyService extends PKIService implements KeyResource {
*/
@Override
public Response listKeys(String clientKeyID, String status, Integer maxResults, Integer maxTime,
- Integer start, Integer size) {
+ Integer start, Integer size, String realm) {
String method = "KeyService.listKeys: ";
CMS.debug(method + "begins.");
- return createOKResponse(listKeyInfos(clientKeyID, status, maxResults, maxTime, start, size));
+ return createOKResponse(listKeyInfos(clientKeyID, status, maxResults, maxTime, start, size, realm));
}
public KeyInfoCollection listKeyInfos(String clientKeyID, String status, Integer maxResults, Integer maxTime,
- Integer start, Integer size) {
+ Integer start, Integer size, String realm) {
String method = "KeyService.listKeyInfos: ";
String auditInfo = "KeyService.listKeyInfos; status =" + status;
CMS.debug(method + "begins.");
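Review bot: `auditInfo` still records only the status (`"KeyService.listKeyInfos; status =" + status`), so whatever audit record is built from it will not show which realm was queried. Since the realm now decides which keys are returned, I would include it, e.g. `String auditInfo = "KeyService.listKeyInfos; status =" + status + "; realm =" + realm;`. How `auditInfo` is consumed is outside this hunk, and the body of `listKeyInfos` continues past it.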
@@ -416,7 +416,7 @@ public class KeyService extends PKIService implements KeyResource {
size = size == null ? DEFAULT_SIZE : size;
// get ldap filter
- String filter = createSearchFilter(status, clientKeyID);
+ String filter = createSearchFilter(status, clientKeyID, realm);
CMS.debug("listKeys: filter is " + filter);
maxResults = maxResults == null ? DEFAULT_MAXRESULTS : maxResults;
@@ -479,6 +479,7 @@ public class KeyService extends PKIService implements KeyResource {
null,
null,
null,
+ null,
null
);
@@ -513,6 +514,10 @@ public class KeyService extends PKIService implements KeyResource {
if (rec.getPublicKeyData() != null && getPublicKey) {
ret.setPublicKey(rec.getPublicKeyData());
}
+ String realm = rec.getRealm();
+ if (realm != null) {
+ ret.setRealm(realm);
+ }
Path keyPath = KeyResource.class.getAnnotation(Path.class);
BigInteger serial = rec.getSerialNumber();
@@ -524,13 +529,13 @@ public class KeyService extends PKIService implements KeyResource {
return ret;
}
- private String createSearchFilter(String status, String clientKeyID) {
+ private String createSearchFilter(String status, String clientKeyID, String realm) {
String filter = "";
int matches = 0;
if ((status == null) && (clientKeyID == null)) {
filter = "(serialno=*)";
- return filter;
+ matches ++;
}
if (status != null) {
@@ -543,6 +548,14 @@ public class KeyService extends PKIService implements KeyResource {
matches ++;
}
+ if (realm != null) {
+ filter += "(realm=" + LDAPUtil.escapeFilter(realm) + ")";
+ matches ++;
+ } else {
+ filter += "(!(realm=*))";
+ matches ++;
+ }
+
if (matches > 1) {
filter = "(&" + filter + ")";
}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/request/CMSRequestDAO.java b/base/server/cms/src/com/netscape/cms/servlet/request/CMSRequestDAO.java
index 931ade159..ccf84cafa 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/request/CMSRequestDAO.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/request/CMSRequestDAO.java
@@ -27,6 +27,7 @@ import org.jboss.resteasy.plugins.providers.atom.Link;
import com.netscape.certsrv.apps.CMS;
import com.netscape.certsrv.authority.IAuthority;
+import com.netscape.certsrv.authorization.IAuthzSubsystem;
import com.netscape.certsrv.base.EBaseException;
import com.netscape.certsrv.request.CMSRequestInfo;
import com.netscape.certsrv.request.CMSRequestInfos;
@@ -44,6 +45,7 @@ import com.netscape.certsrv.request.RequestId;
public abstract class CMSRequestDAO {
protected IRequestQueue queue;
protected IAuthority authority;
+ protected IAuthzSubsystem authz = (IAuthzSubsystem) CMS.getSubsystem(CMS.SUBSYSTEM_AUTHZ);
private String[] vlvFilters = {
"(requeststate=*)", "(requesttype=enrollment)",
@@ -78,6 +80,7 @@ public abstract class CMSRequestDAO {
* @param maxResults - max results to be returned in normal search
* @param maxTime - max time for normal search
* @param uriInfo - uri context of request
+ * @param authToken - auth token for the request
* @return collection of key request info
* @throws EBaseException
*/
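Review bot: The added `@param authToken` tag documents a parameter that this commit does not introduce: the file's diffstat counts six changed lines, all of them additions visible in these hunks, so the method signature below the comment (outside the hunk) is untouched. If the signature has no `authToken` parameter, drop the tag until the parameter lands. The `authz` field added in the previous hunk is in the same position, since nothing in the visible hunks reads it. A short comment on what it is for, or adding it together with the code that uses it, would avoid leaving unused authorization plumbing behind.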
@@ -130,6 +133,9 @@ public abstract class CMSRequestDAO {
if (params.containsKey("requestType")) {
builder.queryParam("requestType", params.getFirst("requestType"));
}
+ if (params.containsKey("realm")) {
+ builder.queryParam("realm", params.getFirst("realm"));
+ }
builder.queryParam("start", "{start}");
builder.queryParam("pageSize", "{pageSize}");