Fixed validity duration options for cert-find.ticket-503

The cert-find command has been fixed to show better error messages on missing validity duration options. The validity duration unit has been changed to take "day", "week", "month", or "year" and convert it into milliseconds. Ticket #291, #500
author: Endi Sukma Dewata <edewata@redhat.com> 2013-02-06 20:04:06 -0500
committer: Endi Sukma Dewata <edewata@redhat.com> 2013-02-06 20:08:08 -0500
commit: b4530fdf0b7355a97c2131614810648276233a78 (patch)
tree: 171fda6bd03f969c32e363e80172f9f8135b482e
parent: 7de94ec405d633bc6bf9343ac18d86aba5da9ebe (diff)
download: pki-b4530fdf0b7355a97c2131614810648276233a78.tar.gz
pki-b4530fdf0b7355a97c2131614810648276233a78.tar.xz
pki-b4530fdf0b7355a97c2131614810648276233a78.zip
3 files changed, 66 insertions, 33 deletions
diff --git a/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java b/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java
index 21ceaeee0..7939a02b4 100644
--- a/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java
+++ b/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java
@@ -134,10 +134,10 @@ public class CertSearchRequest {
     protected String validityOperation;
 
     @XmlElement
-    protected String validityCount;
+    protected Integer validityCount;
 
     @XmlElement
-    protected String validityUnit;
+    protected Long validityUnit;
 
     // Cert Type
 
@@ -478,19 +478,19 @@ public class CertSearchRequest {
         this.validityOperation = validityOperation;
     }
 
-    public String getValidityUnit() {
+    public Long getValidityUnit() {
         return validityUnit;
     }
 
-    public void setValidityUnit(String validityUnit) {
+    public void setValidityUnit(Long validityUnit) {
         this.validityUnit = validityUnit;
     }
 
-    public String getValidityCount() {
+    public Integer getValidityCount() {
         return validityCount;
     }
 
-    public void setValidityCount(String validityCount) {
+    public void setValidityCount(Integer validityCount) {
         this.validityCount = validityCount;
     }
 
diff --git a/base/common/src/com/netscape/cms/servlet/cert/FilterBuilder.java b/base/common/src/com/netscape/cms/servlet/cert/FilterBuilder.java
index 86459a750..b8e32295a 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/FilterBuilder.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/FilterBuilder.java
@@ -22,6 +22,7 @@ import java.util.Calendar;
 import java.util.StringTokenizer;
 
 import com.netscape.certsrv.cert.CertSearchRequest;
+import com.netscape.certsrv.dbs.certdb.ICertRecord;
 import com.netscape.cmsutil.ldap.LDAPUtil;
 
 /**
@@ -105,7 +106,7 @@ public class FilterBuilder {
         buildAVAFilter(request.getCountry(), "C", lf, matchStr);
 
         if (lf.length() == 0) {
-            filter.append("(x509cert.subject=*)");
+            filter.append("("+ICertRecord.ATTR_X509CERT_SUBJECT+"=*)");
             return;
         }
         if (matchStr != null && matchStr.equals(MATCH_EXACTLY)) {
@@ -206,8 +207,8 @@ public class FilterBuilder {
         if (!request.getValidNotBeforeInUse()) {
             return;
         }
-        buildDateFilter(request.getValidNotBeforeFrom(), "x509cert.notBefore>=", 0, filter);
-        buildDateFilter(request.getValidNotBeforeTo(), "x509cert.notBefore<=", 86399999, filter);
+        buildDateFilter(request.getValidNotBeforeFrom(), ICertRecord.ATTR_X509CERT_NOT_BEFORE+">=", 0, filter);
+        buildDateFilter(request.getValidNotBeforeTo(), ICertRecord.ATTR_X509CERT_NOT_BEFORE+"<=", 86399999, filter);
 
     }
 
@@ -215,8 +216,8 @@ public class FilterBuilder {
         if (!request.getValidNotAfterInUse()) {
             return;
         }
-        buildDateFilter(request.getValidNotAfterFrom(), "x509cert.notAfter>=", 0, filter);
-        buildDateFilter(request.getValidNotAfterTo(), "x509cert.notAfter<=", 86399999, filter);
+        buildDateFilter(request.getValidNotAfterFrom(), ICertRecord.ATTR_X509CERT_NOT_AFTER+">=", 0, filter);
+        buildDateFilter(request.getValidNotAfterTo(), ICertRecord.ATTR_X509CERT_NOT_AFTER+"<=", 86399999, filter);
 
     }
 
@@ -224,21 +225,13 @@ public class FilterBuilder {
         if (!request.getValidityLengthInUse()) {
             return;
         }
+
         String op = request.getValidityOperation();
-        long count = 0;
-        try {
-            count = Long.parseLong(request.getValidityCount());
-        } catch (NumberFormatException e) {
-            // safely ignore
-        }
-        long unit = 0;
-        try {
-            unit = Long.parseLong(request.getValidityUnit());
-        } catch (NumberFormatException e) {
-            // safely ignore
-        }
+        Integer count = request.getValidityCount();
+        Long unit = request.getValidityUnit();
+
         filter.append("(");
-        filter.append("x509cert.duration");
+        filter.append(ICertRecord.ATTR_X509CERT_DURATION);
         filter.append(LDAPUtil.escapeFilter(op));
         filter.append(count * unit);
         filter.append(")");
@@ -302,19 +295,19 @@ public class FilterBuilder {
         if (param != null && !param.equals("")) {
             if (match != null && match.equals(MATCH_EXACTLY)) {
                 lf.append("(|");
-                lf.append("(x509cert.subject=*");
+                lf.append("("+ICertRecord.ATTR_X509CERT_SUBJECT+"=*");
                 lf.append(avaName);
                 lf.append("=");
                 lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeRDNValue(param)));
                 lf.append(",*)");
-                lf.append("(x509cert.subject=*");
+                lf.append("("+ICertRecord.ATTR_X509CERT_SUBJECT+"=*");
                 lf.append(avaName);
                 lf.append("=");
                 lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeRDNValue(param)));
                 lf.append(")");
                 lf.append(")");
             } else {
-                lf.append("(x509cert.subject=*");
+                lf.append("("+ICertRecord.ATTR_X509CERT_SUBJECT+"=*");
                 lf.append(avaName);
                 lf.append("=");
                 lf.append("*");
diff --git a/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java b/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java
index 9107a574b..e4f741bcf 100644
--- a/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java
@@ -263,17 +263,36 @@ public class CertFindCLI extends CLI {
         options.addOption(option);
 
         //validityLengthinUse
-        option = new Option(null, "validityOperation", true, "Validity operation: \"<=\" or \">=\"");
+        option = new Option(null, "validityOperation", true, "Validity duration operation: \"<=\" or \">=\"");
         option.setArgName("operation");
         options.addOption(option);
-        option = new Option(null, "validityCount", true, "Validity count");
+        option = new Option(null, "validityCount", true, "Validity duration count");
         option.setArgName("count");
         options.addOption(option);
-        option = new Option(null, "validityUnit", true, "Validity unit");
-        option.setArgName("milliseconds");
+        option = new Option(null, "validityUnit", true, "Validity duration unit: day, week, month (default), year");
+        option.setArgName("day|week|month|year");
         options.addOption(option);
     }
 
+    public Long convertValidityDurationUnit(String unit) {
+
+        if (unit.equalsIgnoreCase("day")) {
+            return 86400000l;
+
+        } else if (unit.equalsIgnoreCase("week")) {
+            return 604800000l;
+
+        } else if (unit.equalsIgnoreCase("month")) {
+            return 2592000000l;
+
+        } else if (unit.equalsIgnoreCase("year")) {
+            return 31536000000l;
+
+        } else {
+            throw new Error("Invalid validity duration unit: "+unit);
+        }
+    }
+
     public void addSearchAttribute(CommandLine cmd, CertSearchRequest csd)
             throws java.text.ParseException {
 
@@ -392,18 +411,39 @@ public class CertFindCLI extends CLI {
             Date date = CertCLI.dateFormat.parse(cmd.getOptionValue("validNotAfterTo"));
             csd.setValidNotAfterTo(""+date.getTime());
         }
+
         if (cmd.hasOption("validityOperation")) {
             csd.setValidityLengthInUse(true);
             csd.setValidityOperation(cmd.getOptionValue("validityOperation"));
         }
+
         if (cmd.hasOption("validityCount")) {
             csd.setValidityLengthInUse(true);
-            csd.setValidityCount(cmd.getOptionValue("validityCount"));
+            String count = cmd.getOptionValue("validityCount");
+            csd.setValidityCount(Integer.parseInt(count));
         }
+
         if (cmd.hasOption("validityUnit")) {
             csd.setValidityLengthInUse(true);
-            csd.setValidityUnit(cmd.getOptionValue("validityUnit"));
+            String unit = cmd.getOptionValue("validityUnit");
+            Long value = convertValidityDurationUnit(unit);
+            csd.setValidityUnit(value);
         }
 
+        if (csd.getValidityLengthInUse()) {
+
+            if (csd.getValidityOperation() == null) {
+                throw new Error("Mising validity duration operation");
+            }
+
+            if (csd.getValidityCount() == null) {
+                throw new Error("Mising validity duration count");
+            }
+
+            if (csd.getValidityUnit() == null) {
+                Long value = convertValidityDurationUnit("month");
+                csd.setValidityUnit(value);
+            }
+        }
     }
 }
author	Endi Sukma Dewata <edewata@redhat.com>	2013-02-06 20:04:06 -0500
committer	Endi Sukma Dewata <edewata@redhat.com>	2013-02-06 20:08:08 -0500
commit	b4530fdf0b7355a97c2131614810648276233a78 (patch)
tree	171fda6bd03f969c32e363e80172f9f8135b482e
parent	7de94ec405d633bc6bf9343ac18d86aba5da9ebe (diff)
download	pki-b4530fdf0b7355a97c2131614810648276233a78.tar.gz pki-b4530fdf0b7355a97c2131614810648276233a78.tar.xz pki-b4530fdf0b7355a97c2131614810648276233a78.zip