diff options
12 files changed, 160 insertions, 70 deletions
diff --git a/base/common/src/com/netscape/certsrv/tps/token/TokenClient.java b/base/common/src/com/netscape/certsrv/tps/token/TokenClient.java index 32a56b3d4..a62e71cf8 100644 --- a/base/common/src/com/netscape/certsrv/tps/token/TokenClient.java +++ b/base/common/src/com/netscape/certsrv/tps/token/TokenClient.java @@ -60,6 +60,11 @@ public class TokenClient extends Client { return client.getEntity(response, TokenData.class); } + public TokenData changeTokenStatus(String tokenID, TokenStatus tokenStatus) { + Response response = resource.changeTokenStatus(tokenID, tokenStatus); + return client.getEntity(response, TokenData.class); + } + public void removeToken(String tokenID) { Response response = resource.removeToken(tokenID); client.getEntity(response, Void.class); diff --git a/base/common/src/com/netscape/certsrv/tps/token/TokenData.java b/base/common/src/com/netscape/certsrv/tps/token/TokenData.java index 235e86fea..9947bf658 100644 --- a/base/common/src/com/netscape/certsrv/tps/token/TokenData.java +++ b/base/common/src/com/netscape/certsrv/tps/token/TokenData.java @@ -20,6 +20,7 @@ package com.netscape.certsrv.tps.token; import java.io.StringReader; import java.io.StringWriter; +import java.util.Collection; import java.util.Date; import javax.xml.bind.JAXBContext; @@ -54,7 +55,10 @@ public class TokenData { String tokenID; String userID; String type; + TokenStatus status; + Collection<TokenStatus> nextStates; + String appletID; String keyInfo; String policy; @@ -108,6 +112,15 @@ public class TokenData { this.status = status; } + @XmlElement(name="NextStates") + public Collection<TokenStatus> getNextStates() { + return nextStates; + } + + public void setNextStates(Collection<TokenStatus> nextStates) { + this.nextStates = nextStates; + } + @XmlElement(name="AppletID") public String getAppletID() { return appletID; @@ -172,6 +185,7 @@ public class TokenData { result = prime * result + ((keyInfo == null) ? 0 : keyInfo.hashCode()); result = prime * result + ((link == null) ? 0 : link.hashCode()); result = prime * result + ((modifyTimestamp == null) ? 0 : modifyTimestamp.hashCode()); + result = prime * result + ((nextStates == null) ? 0 : nextStates.hashCode()); result = prime * result + ((policy == null) ? 0 : policy.hashCode()); result = prime * result + ((status == null) ? 0 : status.hashCode()); result = prime * result + ((tokenID == null) ? 0 : tokenID.hashCode()); @@ -219,6 +233,11 @@ public class TokenData { return false; } else if (!modifyTimestamp.equals(other.modifyTimestamp)) return false; + if (nextStates == null) { + if (other.nextStates != null) + return false; + } else if (!nextStates.equals(other.nextStates)) + return false; if (policy == null) { if (other.policy != null) return false; diff --git a/base/java-tools/src/com/netscape/cmstools/tps/token/TokenCLI.java b/base/java-tools/src/com/netscape/cmstools/tps/token/TokenCLI.java index e7dd6a308..328490a49 100644 --- a/base/java-tools/src/com/netscape/cmstools/tps/token/TokenCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/tps/token/TokenCLI.java @@ -18,6 +18,7 @@ package com.netscape.cmstools.tps.token; +import org.apache.commons.lang.StringUtils; import org.jboss.resteasy.plugins.providers.atom.Link; import com.netscape.certsrv.tps.token.TokenClient; @@ -54,6 +55,7 @@ public class TokenCLI extends CLI { if (token.getUserID() != null) System.out.println(" User ID: " + token.getUserID()); if (token.getType() != null) System.out.println(" Type: " + token.getType()); if (token.getStatus() != null) System.out.println(" Status: " + token.getStatus()); + if (token.getNextStates() != null) System.out.println(" Next States: " + StringUtils.join(token.getNextStates(), ", ")); if (token.getAppletID() != null) System.out.println(" Applet ID: " + token.getAppletID()); if (token.getKeyInfo() != null) System.out.println(" Key Info: " + token.getKeyInfo()); if (token.getPolicy() != null) System.out.println(" Policy: " + token.getPolicy()); diff --git a/base/java-tools/src/com/netscape/cmstools/tps/token/TokenModifyCLI.java b/base/java-tools/src/com/netscape/cmstools/tps/token/TokenModifyCLI.java index 38e9fb00d..071d15000 100644 --- a/base/java-tools/src/com/netscape/cmstools/tps/token/TokenModifyCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/tps/token/TokenModifyCLI.java @@ -24,6 +24,7 @@ import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; import com.netscape.certsrv.tps.token.TokenData; +import com.netscape.certsrv.tps.token.TokenStatus; import com.netscape.cmstools.cli.CLI; import com.netscape.cmstools.cli.MainCLI; @@ -65,6 +66,10 @@ public class TokenModifyCLI extends CLI { option = new Option(null, "policy", true, "Policy"); option.setArgName("Policy"); options.addOption(option); + + option = new Option(null, "status", true, "Status"); + option.setArgName("Status"); + options.addOption(option); } public void execute(String[] args) throws Exception { @@ -94,17 +99,56 @@ public class TokenModifyCLI extends CLI { System.exit(-1); } - String tokenID = cmdArgs[0]; - TokenData tokenData = new TokenData(); + boolean modify = false; + + String tokenID = cmdArgs[0]; tokenData.setID(tokenID); - tokenData.setUserID(cmd.getOptionValue("user")); - tokenData.setType(cmd.getOptionValue("type")); - tokenData.setAppletID(cmd.getOptionValue("applet")); - tokenData.setKeyInfo(cmd.getOptionValue("key-info")); - tokenData.setPolicy(cmd.getOptionValue("policy")); - tokenData = tokenCLI.tokenClient.modifyToken(tokenID, tokenData); + String userID = cmd.getOptionValue("user"); + if (userID != null) { + tokenData.setUserID(userID); + modify = true; + } + + String type = cmd.getOptionValue("type"); + if (type != null) { + tokenData.setType(type); + modify = true; + } + + String appletID = cmd.getOptionValue("applet"); + if (appletID != null) { + tokenData.setAppletID(appletID); + modify = true; + } + + String keyInfo = cmd.getOptionValue("key-info"); + if (keyInfo != null) { + tokenData.setKeyInfo(keyInfo); + modify = true; + } + + String policy = cmd.getOptionValue("policy"); + if (policy != null) { + tokenData.setPolicy(policy); + modify = true; + } + + if (modify) { + tokenData = tokenCLI.tokenClient.modifyToken(tokenID, tokenData); + } + + String status = cmd.getOptionValue("status"); + if (status != null) { + tokenData = tokenCLI.tokenClient.changeTokenStatus(tokenID, TokenStatus.valueOf(status)); + } + + if (!modify && status == null) { + System.err.println("Error: No modifications specified."); + printHelp(); + System.exit(-1); + } MainCLI.printMessage("Modified token \"" + tokenID + "\""); diff --git a/base/tps-client/doc/CS.cfg.in b/base/tps-client/doc/CS.cfg.in index d5c0f312e..ddfab8824 100644 --- a/base/tps-client/doc/CS.cfg.in +++ b/base/tps-client/doc/CS.cfg.in @@ -1482,13 +1482,13 @@ tokendb._064=# is set to YES. Otherwise, re-enrollment is not tokendb._065=# allowed. tokendb._066=# tokendb.allowedTransitions: tokendb._067=# - has transitions between the following states -tokendb._068=# TOKEN_UNINITIALIZED = 0, -tokendb._069=# TOKEN_DAMAGED =1, -tokendb._070=# TOKEN_PERM_LOST=2, -tokendb._071=# TOKEN_TEMP_LOST=3, -tokendb._072=# TOKEN_FOUND =4, -tokendb._073=# TOKEN_TEMP_LOST_PERM_LOST =5, -tokendb._074=# TOKEN_TERMINATED = 6 +tokendb._068=# UNINITIALIZED = 0, +tokendb._069=# DAMAGED = 1, +tokendb._070=# PERM_LOST = 2, +tokendb._071=# TEMP_LOST = 3, +tokendb._072=# ACTIVE = 4, +tokendb._073=# TEMP_LOST_PERM_LOST = 5, +tokendb._074=# TERMINATED = 6 tokendb._075=######################################### tokendb.auditLog=[PKI_INSTANCE_PATH]/logs/tokendb-audit.log tokendb.hostport=[TOKENDB_HOST]:[TOKENDB_PORT] @@ -1545,7 +1545,7 @@ tokendb.confirmDeleteConfigTemplate=confirmDeleteConfig.template log.instance.SignedAudit.selected.events=ROLE_ASSUME,CONFIG_CERT_POLICY,CONFIG_CERT_PROFILE,CONFIG_CRL_PROFILE,CONFIG_OCSP_PROFILE,CONFIG_AUTH,CONFIG_ROLE,CONFIG_ACL,CONFIG_SIGNED_AUDIT,CONFIG_ENCRYPTION,CONFIG_TRUSTED_PUBLIC_KEY,CONFIG_DRM,SELFTESTS_EXECUTION,AUDIT_LOG_DELETE,LOG_PATH_CHANGE,LOG_EXPIRATION_CHANGE,CONFIG,CONFIG_ROLE,CONFIG_TOKEN,CONFIG_PROFILE,CONFIG_AUDIT,APPLET_UPGRADE,KEY_CHANGEOVER,RENEWAL log.instance.SignedAudit.selectable.events=ROLE_ASSUME,CONFIG_CERT_POLICY,CONFIG_CERT_PROFILE,CONFIG_CRL_PROFILE,CONFIG_OCSP_PROFILE,CONFIG_AUTH,CONFIG_ROLE,CONFIG_ACL,CONFIG_SIGNED_AUDIT,CONFIG_ENCRYPTION,CONFIG_TRUSTED_PUBLIC_KEY,CONFIG_DRM,SELFTESTS_EXECUTION,AUDIT_LOG_DELETE,LOG_PATH_CHANGE,LOG_EXPIRATION_CHANGE,PRIVATE_KEY_ARCHIVE,PRIVATE_KEY_ARCHIVE_PROCESSED,KEY_RECOVERY_REQUEST,KEY_RECOVERY_AGENT_LOGIN,KEY_RECOVERY_PROCESSED,KEY_GEN_ASYMMETRIC,NON_PROFILE_CERT_REQUEST,CONFIG,CONFIG_ROLE,CONFIG_TOKEN,CONFIG_PROFILE,CONFIG_AUDIT,APPLET_UPGRADE,KEY_CHANGEOVER,RENEWAL log.instance.SignedAudit.nonselectable.events=AUDIT_LOG_STARTUP,AUDIT_LOG_SHUTDOWN,CERT_REQUEST_PROCESSED,CERT_STATUS_CHANGE_REQUEST,CERT_STATUS_CHANGE_REQUEST_PROCESSED,AUTHZ_SUCCESS,AUTHZ_FAIL,INTER_BOUNDARY,AUTH_FAIL,AUTH_SUCCESS,CERT_PROFILE_APPROVAL,PROOF_OF_POSSESSION,CRL_RETRIEVAL,CRL_VALIDATION,CMC_SIGNED_REQUEST_SIG_VERIFY,SERVER_SIDE_KEYGEN_PROCESSED,SERVER_SIDE_KEYGEN_REQUEST -tokendb.allowedTransitions=0:1,0:2,0:3,0:4,0:5,0:6,3:4,3:5,3:6,4:1,4:2,4:3,4:6 +tokendb.allowedTransitions=0:1,0:2,0:3,0:6,3:2,3:4,3:6,4:1,4:2,4:3,4:6 target._000=######################################### target._001=# entries to enable configuration of parameter sets through the TPS UI agent and admin tabs target._002=# @@ -1592,14 +1592,14 @@ tps._005=# tps.cert.subsystem.nickname=xxx tps._007=# tps.cert.audit_signing.nickname=xxx tps._008=# operations.allowedTransitions: tps._009=# - token operations, like formatting and enrollment have transitions between the following states -tps._010=# TOKEN_UNINITIALIZED = 0, -tps._011=# TOKEN_DAMAGED =1, -tps._012=# TOKEN_PERM_LOST=2, -tps._013=# TOKEN_TEMP_LOST=3, -tps._014=# TOKEN_FOUND =4, -tps._015=# TOKEN_TEMP_LOST_PERM_LOST =5, -tps._016=# TOKEN_TERMINATED = 6 -tps._017=# Sample: tps.operations.allowedTransitions=0:0,0:4,4:6,6:0 +tps._010=# UNINITIALIZED = 0, +tps._011=# DAMAGED = 1, +tps._012=# PERM_LOST = 2, +tps._013=# TEMP_LOST =3 , +tps._014=# ACTIVE = 4, +tps._015=# TEMP_LOST_PERM_LOST = 5, +tps._016=# TERMINATED = 6 +tps._017=# Sample: tps.operations.allowedTransitions=0:0,0:4,4:4,4:6,6:0 tps._018=######################################## tps.operations.allowedTransitions=0:0,0:4,4:0 tps.cert.list=sslserver,subsystem,audit_signing diff --git a/base/tps/shared/conf/CS.cfg.in b/base/tps/shared/conf/CS.cfg.in index 48fd8fe43..82801f2fb 100644 --- a/base/tps/shared/conf/CS.cfg.in +++ b/base/tps/shared/conf/CS.cfg.in @@ -1954,20 +1954,20 @@ tokendb._064=# is set to YES. Otherwise, re-enrollment is not tokendb._065=# allowed. tokendb._066=# tokendb.allowedTransitions: tokendb._067=# - has transitions between the following states -tokendb._068=# TOKEN_UNINITIALIZED = 0, -tokendb._069=# TOKEN_DAMAGED =1, -tokendb._070=# TOKEN_PERM_LOST=2, -tokendb._071=# TOKEN_TEMP_LOST=3, -tokendb._072=# TOKEN_FOUND =4, -tokendb._073=# TOKEN_TEMP_LOST_PERM_LOST =5, -tokendb._074=# TOKEN_TERMINATED = 6 +tokendb._068=# UNINITIALIZED = 0, +tokendb._069=# DAMAGED = 1, +tokendb._070=# PERM_LOST = 2, +tokendb._071=# TEMP_LOST = 3, +tokendb._072=# ACTIVE = 4, +tokendb._073=# TEMP_LOST_PERM_LOST = 5, +tokendb._074=# TERMINATED = 6 tokendb._075=######################################### tokendb.activityBaseDN=ou=Activities,[TOKENDB_ROOT] tokendb.addConfigTemplate=addConfig.template tokendb.addResultTemplate=addResults.template tokendb.agentSelectConfigTemplate=agentSelectConfig.template tokendb.agentViewConfigTemplate=agentViewConfig.template -tokendb.allowedTransitions=0:1,0:2,0:3,0:4,0:5,0:6,3:4,3:5,3:6,4:1,4:2,4:3,4:6 +tokendb.allowedTransitions=0:1,0:2,0:3,0:6,3:2,3:4,3:6,4:1,4:2,4:3,4:6 tokendb.auditAdminTemplate=auditAdmin.template tokendb.auditLog=[PKI_INSTANCE_PATH]/logs/tokendb-audit.log tokendb.baseDN=ou=Tokens,[TOKENDB_ROOT] @@ -2023,14 +2023,14 @@ tps._005=# tps.cert.subsystem.nickname=xxx tps._007=# tps.cert.audit_signing.nickname=xxx tps._008=# operations.allowedTransitions: tps._009=# - token operations, like formatting and enrollment have transitions between the following states -tps._010=# TOKEN_UNINITIALIZED = 0, -tps._011=# TOKEN_DAMAGED =1, -tps._012=# TOKEN_PERM_LOST=2, -tps._013=# TOKEN_TEMP_LOST=3, -tps._014=# TOKEN_FOUND =4, -tps._015=# TOKEN_TEMP_LOST_PERM_LOST =5, -tps._016=# TOKEN_TERMINATED = 6 -tps._017=# Sample: tps.operations.allowedTransitions=0:0,0:4,4:6,6:0 +tps._010=# UNINITIALIZED = 0, +tps._011=# DAMAGED = 1, +tps._012=# PERM_LOST = 2, +tps._013=# TEMP_LOST = 3, +tps._014=# ACTIVE = 4, +tps._015=# TEMP_LOST_PERM_LOST = 5, +tps._016=# TERMINATED = 6 +tps._017=# Sample: tps.operations.allowedTransitions=0:0,0:4,4:4,4:6,6:0 tps._018=######################################## tps.cert.audit_signing.certusage=ObjectSigner tps.cert.audit_signing.nickname=[HSM_LABEL][NICKNAME] diff --git a/base/tps/shared/webapps/tps/js/token.js b/base/tps/shared/webapps/tps/js/token.js index f4d2d8a78..1a4267f72 100644 --- a/base/tps/shared/webapps/tps/js/token.js +++ b/base/tps/shared/webapps/tps/js/token.js @@ -25,6 +25,7 @@ var TokenStatus = { TEMP_LOST: "Temporarily lost", PERM_LOST: "Permanently lost", DAMAGED: "Physically damaged", + TEMP_LOST_PERM_LOST: "Temporarily lost then permanently lost", TERMINATED: "Terminated" }; @@ -38,6 +39,7 @@ var TokenModel = Model.extend({ type: response.Type, status: response.Status, statusLabel: TokenStatus[response.Status], + nextStates: response.NextStates, appletID: response.AppletID, keyInfo: response.KeyInfo, policy: response.Policy, @@ -91,6 +93,7 @@ var TokenCollection = Collection.extend({ type: entry.Type, status: entry.Status, statusLabel: TokenStatus[entry.Status], + nextStates: entry.NextStates, appletID: entry.AppletID, keyInfo: entry.KeyInfo, policy: entry.Policy, @@ -100,6 +103,35 @@ var TokenCollection = Collection.extend({ } }); +var TokenDialog = Dialog.extend({ + loadField: function(input) { + var self = this; + + var name = input.attr("name"); + if (name != "status") { + TokenDialog.__super__.loadField.call(self, input); + return; + } + + var select = input.empty(); + var status = self.entry["status"]; + + $('<option/>', { + text: TokenStatus[status], + value: status, + selected: true + }).appendTo(select); + + var nextStates = self.entry["nextStates"]; + _.each(nextStates, function(nextState) { + $('<option/>', { + text: TokenStatus[nextState], + value: nextState + }).appendTo(select); + }); + } +}); + var TokenPage = EntryPage.extend({ initialize: function(options) { var self = this; @@ -116,7 +148,7 @@ var TokenPage = EntryPage.extend({ e.preventDefault(); - var dialog = new Dialog({ + var dialog = new TokenDialog({ el: $("#token-status-dialog"), title: "Change Token Status", readonly: ["tokenID"], @@ -198,7 +230,7 @@ var TokenTableItem = TableItem.extend({ var model = self.table.collection.get(self.entry.id); - var dialog = new Dialog({ + var dialog = new TokenDialog({ el: $("#token-status-dialog"), title: "Change Token Status", readonly: ["tokenID", "userID", "type", diff --git a/base/tps/shared/webapps/tps/ui/token.html b/base/tps/shared/webapps/tps/ui/token.html index ad681e9a0..90b9c72a5 100644 --- a/base/tps/shared/webapps/tps/ui/token.html +++ b/base/tps/shared/webapps/tps/ui/token.html @@ -79,12 +79,6 @@ <input name="tokenID" readonly="readonly"><br> <label>Status</label> <select name="status"> - <option value="UNINITIALIZED">Uninitialized</option> - <option value="ACTIVE">Active</option> - <option value="TEMP_LOST">Temporarily lost</option> - <option value="PERM_LOST">Permanently lost</option> - <option value="DAMAGED">Physically damaged</option> - <option value="TERMINATED">Terminated</option> </select><br> </fieldset> </div> diff --git a/base/tps/shared/webapps/tps/ui/tokens.html b/base/tps/shared/webapps/tps/ui/tokens.html index 06d4fdf2a..42a93cd93 100644 --- a/base/tps/shared/webapps/tps/ui/tokens.html +++ b/base/tps/shared/webapps/tps/ui/tokens.html @@ -107,12 +107,6 @@ <input name="type" readonly="readonly"><br> <label>Status</label> <select name="status"> - <option value="UNINITIALIZED">Uninitialized</option> - <option value="ACTIVE">Active</option> - <option value="TEMP_LOST">Temporarily lost</option> - <option value="PERM_LOST">Permanently lost</option> - <option value="DAMAGED">Physically damaged</option> - <option value="TERMINATED">Terminated</option> </select><br> <label>Applet ID</label> <input name="appletID" readonly="readonly"><br> diff --git a/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java b/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java index 980fe2d01..5a53ff7a5 100644 --- a/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java +++ b/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java @@ -26,13 +26,12 @@ import java.util.HashSet; import java.util.Iterator; import java.util.Map; -import netscape.security.x509.RevocationReason; - import org.dogtagpki.server.tps.cms.CARemoteRequestHandler; import org.dogtagpki.server.tps.cms.CARevokeCertResponse; import org.dogtagpki.server.tps.dbs.ActivityDatabase; import org.dogtagpki.server.tps.dbs.TPSCertRecord; import org.dogtagpki.server.tps.dbs.TokenRecord; +import org.dogtagpki.server.tps.engine.TPSEngine; import org.dogtagpki.server.tps.main.ExternalRegAttrs; import org.dogtagpki.server.tps.main.ExternalRegCertToRecover; import org.dogtagpki.tps.main.TPSException; @@ -43,6 +42,8 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.IConfigStore; import com.netscape.certsrv.tps.token.TokenStatus; +import netscape.security.x509.RevocationReason; + /* * TPSTokendb class offers a collection of tokendb management convenience routines */ @@ -73,7 +74,7 @@ public class TPSTokendb { // load allowed token state transitions CMS.debug("TPSTokendbs: allowed transitions:"); - for (String transition : configStore.getString("tokendb.allowedTransitions").split(",")) { + for (String transition : configStore.getString(TPSEngine.CFG_TOKENDB_ALLOWED_TRANSITIONS).split(",")) { String states[] = transition.split(":"); TokenStatus fromState = TokenStatus.fromInt(Integer.valueOf(states[0])); TokenStatus toState = TokenStatus.fromInt(Integer.valueOf(states[1])); diff --git a/base/tps/src/org/dogtagpki/server/tps/engine/TPSEngine.java b/base/tps/src/org/dogtagpki/server/tps/engine/TPSEngine.java index a218a7b4f..32dd7a200 100644 --- a/base/tps/src/org/dogtagpki/server/tps/engine/TPSEngine.java +++ b/base/tps/src/org/dogtagpki/server/tps/engine/TPSEngine.java @@ -194,7 +194,6 @@ public class TPSEngine { public static final String ENROLL_MODE_ENROLLMENT = ENROLL_OP; public static final String ENROLL_MODE_RECOVERY = RECOVERY_OP; public static final String ERNOLL_MODE_RENEWAL = RENEWAL_OP; - private static final String CFG_OPERATIONS_TRANSITIONS = "tps.operations.allowedTransitions"; private static String transitionList; @@ -598,7 +597,7 @@ public class TPSEngine { IConfigStore configStore = CMS.getConfigStore(); - String transConfig = CFG_OPERATIONS_TRANSITIONS; + String transConfig = CFG_OPERATIONS_ALLOWED_TRANSITIONS; CMS.debug("TPSEngine.isOperationTransistionAllowed: getting config: " + transConfig); try { diff --git a/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java b/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java index b67922e48..a504d3c33 100644 --- a/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java +++ b/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java @@ -38,6 +38,7 @@ import org.dogtagpki.server.tps.TPSSubsystem; import org.dogtagpki.server.tps.dbs.ActivityDatabase; import org.dogtagpki.server.tps.dbs.TokenDatabase; import org.dogtagpki.server.tps.dbs.TokenRecord; +import org.dogtagpki.server.tps.engine.TPSEngine; import org.jboss.resteasy.plugins.providers.atom.Link; import com.netscape.certsrv.apps.CMS; @@ -76,7 +77,7 @@ public class TokenService extends PKIService implements TokenResource { // load allowed token state transitions CMS.debug("TokenService: allowed transitions:"); - for (String transition : configStore.getString("tokendb.allowedTransitions").split(",")) { + for (String transition : configStore.getString(TPSEngine.CFG_TOKENDB_ALLOWED_TRANSITIONS).split(",")) { String states[] = transition.split(":"); TokenStatus fromState = TokenStatus.fromInt(Integer.valueOf(states[0])); TokenStatus toState = TokenStatus.fromInt(Integer.valueOf(states[1])); @@ -193,7 +194,11 @@ public class TokenService extends PKIService implements TokenResource { tokenData.setTokenID(tokenRecord.getId()); tokenData.setUserID(tokenRecord.getUserID()); tokenData.setType(tokenRecord.getType()); - tokenData.setStatus(getTokenStatus(tokenRecord)); + + TokenStatus currentState = getTokenStatus(tokenRecord); + tokenData.setStatus(currentState); + tokenData.setNextStates(transitions.get(currentState)); + tokenData.setAppletID(tokenRecord.getAppletID()); tokenData.setKeyInfo(tokenRecord.getKeyInfo()); tokenData.setPolicy(tokenRecord.getPolicy()); @@ -484,26 +489,21 @@ public class TokenService extends PKIService implements TokenResource { TPSSubsystem subsystem = (TPSSubsystem)CMS.getSubsystem(TPSSubsystem.ID); TokenRecord tokenRecord = null; - String msg = ""; + String msg = "change token status"; try { TokenDatabase database = subsystem.getTokenDatabase(); tokenRecord = database.getRecord(tokenID); TokenStatus currentTokenStatus = getTokenStatus(tokenRecord); CMS.debug("TokenService.changeTokenStatus(): current status: " + currentTokenStatus); - msg = "change token status from " + currentTokenStatus + " to " + tokenStatus; + msg = msg + " from " + currentTokenStatus + " to " + tokenStatus; // make sure transition is allowed Collection<TokenStatus> nextStatuses = transitions.get(currentTokenStatus); CMS.debug("TokenService.changeTokenStatus(): allowed next statuses: " + nextStatuses); if (nextStatuses == null || !nextStatuses.contains(tokenStatus)) { CMS.debug("TokenService.changeTokenStatus(): next status not allowed: " + tokenStatus); - msg = msg + ": Invalid token status transition"; - subsystem.tdb.tdbActivity(ActivityDatabase.OP_DO_TOKEN, tokenRecord, - ipAddress, msg, - "failure", - remoteUser); - throw new BadRequestException(msg); + throw new BadRequestException("Invalid token status transition"); } CMS.debug("TokenService.changeTokenStatus(): next status allowed: " + tokenStatus); @@ -519,7 +519,7 @@ public class TokenService extends PKIService implements TokenResource { } catch (Exception e) { e.printStackTrace(); - msg = msg + e; + msg = msg + ": " + e; subsystem.tdb.tdbActivity(ActivityDatabase.OP_DO_TOKEN, tokenRecord, ipAddress, msg, "failure", remoteUser); |