Fixed validity duration options for cert-find.

The cert-find command has been fixed to show better error messages on missing validity duration options. The validity duration unit has been changed to take "day", "week", "month", or "year" and convert it into milliseconds. Ticket #291, #500
author: Endi Sukma Dewata <edewata@redhat.com> 2013-02-06 20:04:06 -0500
committer: Endi Sukma Dewata <edewata@redhat.com> 2013-02-07 10:42:25 -0500
commit: e4c376b34bae5692a5aebe2c80a38c858d7f5a31 (patch)
tree: cfb0a4c0569ff1046c18a1a203febf218e03eada
parent: c232ca016f042b46ecd60449207a8109b6c71a44 (diff)
download: pki-e4c376b34bae5692a5aebe2c80a38c858d7f5a31.tar.gz
pki-e4c376b34bae5692a5aebe2c80a38c858d7f5a31.tar.xz
pki-e4c376b34bae5692a5aebe2c80a38c858d7f5a31.zip
3 files changed, 66 insertions, 33 deletions
diff --git a/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java b/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java
index 21ceaeee0..7939a02b4 100644
--- a/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java
+++ b/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java
@@ -134,10 +134,10 @@ public class CertSearchRequest {
     protected String validityOperation;
 
     @XmlElement
-    protected String validityCount;
+    protected Integer validityCount;
 
     @XmlElement
-    protected String validityUnit;
+    protected Long validityUnit;
 
     // Cert Type
 
@@ -478,19 +478,19 @@ public class CertSearchRequest {
         this.validityOperation = validityOperation;
     }
 
-    public String getValidityUnit() {
+    public Long getValidityUnit() {
         return validityUnit;
     }
 
-    public void setValidityUnit(String validityUnit) {
+    public void setValidityUnit(Long validityUnit) {
         this.validityUnit = validityUnit;
     }
 
-    public String getValidityCount() {
+    public Integer getValidityCount() {
         return validityCount;
     }
 
-    public void setValidityCount(String validityCount) {
+    public void setValidityCount(Integer validityCount) {
         this.validityCount = validityCount;
     }
 
diff --git a/base/common/src/com/netscape/cms/servlet/cert/FilterBuilder.java b/base/common/src/com/netscape/cms/servlet/cert/FilterBuilder.java
index 86459a750..b8e32295a 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/FilterBuilder.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/FilterBuilder.java
@@ -22,6 +22,7 @@ import java.util.Calendar;
 import java.util.StringTokenizer;
 
 import com.netscape.certsrv.cert.CertSearchRequest;
+import com.netscape.certsrv.dbs.certdb.ICertRecord;
 import com.netscape.cmsutil.ldap.LDAPUtil;
 
 /**
@@ -105,7 +106,7 @@ public class FilterBuilder {
         buildAVAFilter(request.getCountry(), "C", lf, matchStr);
 
         if (lf.length() == 0) {
-            filter.append("(x509cert.subject=*)");
+            filter.append("("+ICertRecord.ATTR_X509CERT_SUBJECT+"=*)");
             return;
         }
         if (matchStr != null && matchStr.equals(MATCH_EXACTLY)) {
@@ -206,8 +207,8 @@ public class FilterBuilder {
         if (!request.getValidNotBeforeInUse()) {
             return;
         }
-        buildDateFilter(request.getValidNotBeforeFrom(), "x509cert.notBefore>=", 0, filter);
-        buildDateFilter(request.getValidNotBeforeTo(), "x509cert.notBefore<=", 86399999, filter);
+        buildDateFilter(request.getValidNotBeforeFrom(), ICertRecord.ATTR_X509CERT_NOT_BEFORE+">=", 0, filter);
+        buildDateFilter(request.getValidNotBeforeTo(), ICertRecord.ATTR_X509CERT_NOT_BEFORE+"<=", 86399999, filter);
 
     }
 
@@ -215,8 +216,8 @@ public class FilterBuilder {
         if (!request.getValidNotAfterInUse()) {
             return;
         }
-        buildDateFilter(request.getValidNotAfterFrom(), "x509cert.notAfter>=", 0, filter);
-        buildDateFilter(request.getValidNotAfterTo(), "x509cert.notAfter<=", 86399999, filter);
+        buildDateFilter(request.getValidNotAfterFrom(), ICertRecord.ATTR_X509CERT_NOT_AFTER+">=", 0, filter);
+        buildDateFilter(request.getValidNotAfterTo(), ICertRecord.ATTR_X509CERT_NOT_AFTER+"<=", 86399999, filter);
 
     }
 
@@ -224,21 +225,13 @@ public class FilterBuilder {
         if (!request.getValidityLengthInUse()) {
             return;
         }
+
         String op = request.getValidityOperation();
-        long count = 0;
-        try {
-            count = Long.parseLong(request.getValidityCount());
-        } catch (NumberFormatException e) {
-            // safely ignore
-        }
-        long unit = 0;
-        try {
-            unit = Long.parseLong(request.getValidityUnit());
-        } catch (NumberFormatException e) {
-            // safely ignore
-        }
+        Integer count = request.getValidityCount();
+        Long unit = request.getValidityUnit();
+
         filter.append("(");
-        filter.append("x509cert.duration");
+        filter.append(ICertRecord.ATTR_X509CERT_DURATION);
         filter.append(LDAPUtil.escapeFilter(op));
         filter.append(count * unit);
         filter.append(")");
@@ -302,19 +295,19 @@ public class FilterBuilder {
         if (param != null && !param.equals("")) {
             if (match != null && match.equals(MATCH_EXACTLY)) {
                 lf.append("(|");
-                lf.append("(x509cert.subject=*");
+                lf.append("("+ICertRecord.ATTR_X509CERT_SUBJECT+"=*");
                 lf.append(avaName);
                 lf.append("=");
                 lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeRDNValue(param)));
                 lf.append(",*)");
-                lf.append("(x509cert.subject=*");
+                lf.append("("+ICertRecord.ATTR_X509CERT_SUBJECT+"=*");
                 lf.append(avaName);
                 lf.append("=");
                 lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeRDNValue(param)));
                 lf.append(")");
                 lf.append(")");
             } else {
-                lf.append("(x509cert.subject=*");
+                lf.append("("+ICertRecord.ATTR_X509CERT_SUBJECT+"=*");
                 lf.append(avaName);
                 lf.append("=");
                 lf.append("*");
diff --git a/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java b/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java
index 0b8d298ff..466a8412a 100644
--- a/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java
@@ -265,17 +265,36 @@ public class CertFindCLI extends CLI {
         options.addOption(option);
 
         //validityLengthinUse
-        option = new Option(null, "validityOperation", true, "Validity operation: \"<=\" or \">=\"");
+        option = new Option(null, "validityOperation", true, "Validity duration operation: \"<=\" or \">=\"");
         option.setArgName("operation");
         options.addOption(option);
-        option = new Option(null, "validityCount", true, "Validity count");
+        option = new Option(null, "validityCount", true, "Validity duration count");
         option.setArgName("count");
         options.addOption(option);
-        option = new Option(null, "validityUnit", true, "Validity unit");
-        option.setArgName("milliseconds");
+        option = new Option(null, "validityUnit", true, "Validity duration unit: day, week, month (default), year");
+        option.setArgName("day|week|month|year");
         options.addOption(option);
     }
 
+    public Long convertValidityDurationUnit(String unit) {
+
+        if (unit.equalsIgnoreCase("day")) {
+            return 86400000l;
+
+        } else if (unit.equalsIgnoreCase("week")) {
+            return 604800000l;
+
+        } else if (unit.equalsIgnoreCase("month")) {
+            return 2592000000l;
+
+        } else if (unit.equalsIgnoreCase("year")) {
+            return 31536000000l;
+
+        } else {
+            throw new Error("Invalid validity duration unit: "+unit);
+        }
+    }
+
     public void addSearchAttribute(CommandLine cmd, CertSearchRequest csd)
             throws java.text.ParseException {
 
@@ -394,18 +413,39 @@ public class CertFindCLI extends CLI {
             Date date = dateFormat.parse(cmd.getOptionValue("validNotAfterTo"));
             csd.setValidNotAfterTo(""+date.getTime());
         }
+
         if (cmd.hasOption("validityOperation")) {
             csd.setValidityLengthInUse(true);
             csd.setValidityOperation(cmd.getOptionValue("validityOperation"));
         }
+
         if (cmd.hasOption("validityCount")) {
             csd.setValidityLengthInUse(true);
-            csd.setValidityCount(cmd.getOptionValue("validityCount"));
+            String count = cmd.getOptionValue("validityCount");
+            csd.setValidityCount(Integer.parseInt(count));
         }
+
         if (cmd.hasOption("validityUnit")) {
             csd.setValidityLengthInUse(true);
-            csd.setValidityUnit(cmd.getOptionValue("validityUnit"));
+            String unit = cmd.getOptionValue("validityUnit");
+            Long value = convertValidityDurationUnit(unit);
+            csd.setValidityUnit(value);
         }
 
+        if (csd.getValidityLengthInUse()) {
+
+            if (csd.getValidityOperation() == null) {
+                throw new Error("Mising validity duration operation");
+            }
+
+            if (csd.getValidityCount() == null) {
+                throw new Error("Mising validity duration count");
+            }
+
+            if (csd.getValidityUnit() == null) {
+                Long value = convertValidityDurationUnit("month");
+                csd.setValidityUnit(value);
+            }
+        }
     }
 }
author	Endi Sukma Dewata <edewata@redhat.com>	2013-02-06 20:04:06 -0500
committer	Endi Sukma Dewata <edewata@redhat.com>	2013-02-07 10:42:25 -0500
commit	e4c376b34bae5692a5aebe2c80a38c858d7f5a31 (patch)
tree	cfb0a4c0569ff1046c18a1a203febf218e03eada
parent	c232ca016f042b46ecd60449207a8109b6c71a44 (diff)
download	pki-e4c376b34bae5692a5aebe2c80a38c858d7f5a31.tar.gz pki-e4c376b34bae5692a5aebe2c80a38c858d7f5a31.tar.xz pki-e4c376b34bae5692a5aebe2c80a38c858d7f5a31.zip