Fixed validity duration options for cert-find.ticket-503

The cert-find command has been fixed to show better error messages on missing validity duration options. The validity duration unit has been changed to take "day", "week", "month", or "year" and convert it into milliseconds. Ticket #291, #500
author: Endi Sukma Dewata <edewata@redhat.com> 2013-02-06 20:04:06 -0500
committer: Endi Sukma Dewata <edewata@redhat.com> 2013-02-06 20:08:08 -0500
commit: b4530fdf0b7355a97c2131614810648276233a78 (patch)
tree: 171fda6bd03f969c32e363e80172f9f8135b482e /base/common/src/com/netscape/cms/servlet/cert/FilterBuilder.java
parent: 7de94ec405d633bc6bf9343ac18d86aba5da9ebe (diff)
download: pki-ticket-503.tar.gz
pki-ticket-503.tar.xz
pki-ticket-503.zip
1 files changed, 14 insertions, 21 deletions
diff --git a/base/common/src/com/netscape/cms/servlet/cert/FilterBuilder.java b/base/common/src/com/netscape/cms/servlet/cert/FilterBuilder.java
index 86459a750..b8e32295a 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/FilterBuilder.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/FilterBuilder.java
@@ -22,6 +22,7 @@ import java.util.Calendar;
 import java.util.StringTokenizer;
 
 import com.netscape.certsrv.cert.CertSearchRequest;
+import com.netscape.certsrv.dbs.certdb.ICertRecord;
 import com.netscape.cmsutil.ldap.LDAPUtil;
 
 /**
@@ -105,7 +106,7 @@ public class FilterBuilder {
         buildAVAFilter(request.getCountry(), "C", lf, matchStr);
 
         if (lf.length() == 0) {
-            filter.append("(x509cert.subject=*)");
+            filter.append("("+ICertRecord.ATTR_X509CERT_SUBJECT+"=*)");
             return;
         }
         if (matchStr != null && matchStr.equals(MATCH_EXACTLY)) {
@@ -206,8 +207,8 @@ public class FilterBuilder {
         if (!request.getValidNotBeforeInUse()) {
             return;
         }
-        buildDateFilter(request.getValidNotBeforeFrom(), "x509cert.notBefore>=", 0, filter);
-        buildDateFilter(request.getValidNotBeforeTo(), "x509cert.notBefore<=", 86399999, filter);
+        buildDateFilter(request.getValidNotBeforeFrom(), ICertRecord.ATTR_X509CERT_NOT_BEFORE+">=", 0, filter);
+        buildDateFilter(request.getValidNotBeforeTo(), ICertRecord.ATTR_X509CERT_NOT_BEFORE+"<=", 86399999, filter);
 
     }
 
@@ -215,8 +216,8 @@ public class FilterBuilder {
         if (!request.getValidNotAfterInUse()) {
             return;
         }
-        buildDateFilter(request.getValidNotAfterFrom(), "x509cert.notAfter>=", 0, filter);
-        buildDateFilter(request.getValidNotAfterTo(), "x509cert.notAfter<=", 86399999, filter);
+        buildDateFilter(request.getValidNotAfterFrom(), ICertRecord.ATTR_X509CERT_NOT_AFTER+">=", 0, filter);
+        buildDateFilter(request.getValidNotAfterTo(), ICertRecord.ATTR_X509CERT_NOT_AFTER+"<=", 86399999, filter);
 
     }
 
@@ -224,21 +225,13 @@ public class FilterBuilder {
         if (!request.getValidityLengthInUse()) {
             return;
         }
+
         String op = request.getValidityOperation();
-        long count = 0;
-        try {
-            count = Long.parseLong(request.getValidityCount());
-        } catch (NumberFormatException e) {
-            // safely ignore
-        }
-        long unit = 0;
-        try {
-            unit = Long.parseLong(request.getValidityUnit());
-        } catch (NumberFormatException e) {
-            // safely ignore
-        }
+        Integer count = request.getValidityCount();
+        Long unit = request.getValidityUnit();
+
         filter.append("(");
-        filter.append("x509cert.duration");
+        filter.append(ICertRecord.ATTR_X509CERT_DURATION);
         filter.append(LDAPUtil.escapeFilter(op));
         filter.append(count * unit);
         filter.append(")");
@@ -302,19 +295,19 @@ public class FilterBuilder {
         if (param != null && !param.equals("")) {
             if (match != null && match.equals(MATCH_EXACTLY)) {
                 lf.append("(|");
-                lf.append("(x509cert.subject=*");
+                lf.append("("+ICertRecord.ATTR_X509CERT_SUBJECT+"=*");
                 lf.append(avaName);
                 lf.append("=");
                 lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeRDNValue(param)));
                 lf.append(",*)");
-                lf.append("(x509cert.subject=*");
+                lf.append("("+ICertRecord.ATTR_X509CERT_SUBJECT+"=*");
                 lf.append(avaName);
                 lf.append("=");
                 lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeRDNValue(param)));
                 lf.append(")");
                 lf.append(")");
             } else {
-                lf.append("(x509cert.subject=*");
+                lf.append("("+ICertRecord.ATTR_X509CERT_SUBJECT+"=*");
                 lf.append(avaName);
                 lf.append("=");
                 lf.append("*");
author	Endi Sukma Dewata <edewata@redhat.com>	2013-02-06 20:04:06 -0500
committer	Endi Sukma Dewata <edewata@redhat.com>	2013-02-06 20:08:08 -0500
commit	b4530fdf0b7355a97c2131614810648276233a78 (patch)
tree	171fda6bd03f969c32e363e80172f9f8135b482e /base/common/src/com/netscape/cms/servlet/cert/FilterBuilder.java
parent	7de94ec405d633bc6bf9343ac18d86aba5da9ebe (diff)
download	pki-ticket-503.tar.gz pki-ticket-503.tar.xz pki-ticket-503.zip