authorAde Lee <alee@redhat.com>2013-09-30 11:44:40 -0400
committerAde Lee <alee@redhat.com>2013-09-30 12:21:34 -0400
commitd042f57747ed314030de70ee09c13d3aa7f8855c (patch)
tree4f20cea40ec626e31bd86ad5eebe796b1c3ef666 /base/common/src
parent3c933d160f2db29ee8bdbdb7016ab96cd9667519 (diff)
Added method to modify connector
Also changed permissions to allow admin users to delete a connector and its associated shared secret.
Diffstat (limited to 'base/common/src')
-rw-r--r--base/common/src/com/netscape/certsrv/system/TPSConnectorClient.java7
-rw-r--r--base/common/src/com/netscape/certsrv/system/TPSConnectorResource.java8
-rw-r--r--base/common/src/com/netscape/cms/servlet/tks/TPSConnectorService.java46
3 files changed, 58 insertions, 3 deletions
diff --git a/base/common/src/com/netscape/certsrv/system/TPSConnectorClient.java b/base/common/src/com/netscape/certsrv/system/TPSConnectorClient.java
index fa5ae4f2d..d2009d6cf 100644
--- a/base/common/src/com/netscape/certsrv/system/TPSConnectorClient.java
+++ b/base/common/src/com/netscape/certsrv/system/TPSConnectorClient.java
@@ -44,6 +44,13 @@ public class TPSConnectorClient extends Client {
return client.getEntity(response);
}
+ public TPSConnectorData modifyConnector(String id, TPSConnectorData data) {
+ @SuppressWarnings("unchecked")
+ ClientResponse<TPSConnectorData> response = (ClientResponse<TPSConnectorData>)
+ tpsConnectorClient.modifyConnector(id, data);
+ return client.getEntity(response);
+ }
+
public void deleteConnector(String id) {
tpsConnectorClient.deleteConnector(id);
}
diff --git a/base/common/src/com/netscape/certsrv/system/TPSConnectorResource.java b/base/common/src/com/netscape/certsrv/system/TPSConnectorResource.java
index 54519f0ff..e10e132da 100644
--- a/base/common/src/com/netscape/certsrv/system/TPSConnectorResource.java
+++ b/base/common/src/com/netscape/certsrv/system/TPSConnectorResource.java
@@ -17,6 +17,7 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.certsrv.system;
+import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
@@ -61,6 +62,13 @@ public interface TPSConnectorResource {
public Response createConnector(@QueryParam("host") String host,
@QueryParam("port") String port);
+ @POST
+ @Path("{id}")
+ @ClientResponseType(entityType=TPSConnectorData.class)
+ @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
+ @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
+ public Response modifyConnector(@PathParam("id") String id, TPSConnectorData data);
+
@DELETE
@Path("{id}")
public void deleteConnector(@PathParam("id") String id);
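Review bot: The new `modifyConnector` declaration has no Javadoc stating its contract, and nothing in this hunk shows how access to `POST {id}` is restricted. The implementation added in TPSConnectorService only accepts changes to host and port and rejects a request whose `TPSConnectorData` carries a userID or nickname, so the interface should say so, for example `/** Updates the host and port of an existing connector; userID and nickname must be null. */`. If authorization for this resource is configured outside the files shown, a one-line comment naming where would help a reader confirm that only admin users can reach it.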
diff --git a/base/common/src/com/netscape/cms/servlet/tks/TPSConnectorService.java b/base/common/src/com/netscape/cms/servlet/tks/TPSConnectorService.java
index 765973e3f..ad00b050a 100644
--- a/base/common/src/com/netscape/cms/servlet/tks/TPSConnectorService.java
+++ b/base/common/src/com/netscape/cms/servlet/tks/TPSConnectorService.java
@@ -137,8 +137,45 @@ public class TPSConnectorService implements TPSConnectorResource {
.build();
} catch (EBaseException e) {
+ CMS.debug("Unable to create new TPS Connector: " + e);
e.printStackTrace();
- throw new PKIException("Unable to create new TPS connection data" + e);
+ throw new PKIException("Unable to create new TPS connector: " + e);
+ }
+ }
+
+ @Override
+ public Response modifyConnector(String id, TPSConnectorData data) {
+ try {
+ if (id == null) {
+ throw new BadRequestException("Invalid connector ID");
+ }
+
+ if (!connectorExists(id)) {
+ throw new ResourceNotFoundException("TPS connection does not exist");
+ }
+
+ // Note: we are deliberately NOT allowing the userid to be modified by the
+ // admin here, because this is what maps to a user cert to retrieve the shared
+ // secret
+ if ((data.getUserID() != null) || (data.getNickname() != null)) {
+ throw new UnauthorizedException("Cannot change userid or nickname using this interface");
+ }
+ TPSConnectorData curData = getConnector(id);
+ curData.setHost(data.getHost());
+ curData.setPort(data.getPort());
+
+ saveClientData(curData);
+ cs.commit(true);
+
+ return Response
+ .ok(curData.getLink().getHref())
+ .entity(curData)
+ .type(MediaType.APPLICATION_XML)
+ .build();
+ } catch (EBaseException e) {
+ CMS.debug("Unable to modify TPS Connector: " + e);
+ e.printStackTrace();
+ throw new PKIException("Unable to modify TPS Connector: " + e);
}
}
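Review bot: `modifyConnector` dereferences `data` at `data.getUserID()` without a null check, so a request with no body would presumably surface as a NullPointerException rather than a 400; add `if (data == null) { throw new BadRequestException("Missing connector data"); }` next to the `id` check. The request's host and port are then copied onto the stored record unvalidated (`curData.setHost(data.getHost())`, `curData.setPort(data.getPort())`), so an omitted field overwrites the saved value with null and any string is committed by `cs.commit(true)`. Rejecting empty values and a non-numeric port before `saveClientData` would keep a malformed request from changing where the connector points. Both catch blocks in this hunk also concatenate the raw `EBaseException` into the `PKIException` message, which presumably reaches the client, and call `e.printStackTrace()`; keeping the detail in `CMS.debug` and throwing a generic message would avoid exposing internals.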
@@ -287,8 +324,11 @@ public class TPSConnectorService implements TPSConnectorResource {
return;
}
- // get and validate user
- String userid = validateUser(id);
+ // get user
+ String userid = cs.getString("tps." + id + ".userid", "");
+ if (userid.isEmpty()) {
+ throw new PKIException("Bad TPS connection configuration: userid not defined");
+ }
String nickname = userid + " sharedSecret";
if (!CryptoUtil.sharedSecretExists(nickname)) {