diff options
| author | Endi Sukma Dewata <edewata@redhat.com> | 2010-10-15 20:51:52 -0400 |
|---|---|---|
| committer | Adam Young <ayoung@redhat.com> | 2010-10-18 14:22:07 -0400 |
| commit | 267e803cdfdb410cd00ba1e8435379b7112c057f (patch) | |
| tree | 4d6c860b584bec5635d6f44e0295e4d4aa789e5d /install/static/service.js | |
| parent | c2a2ffbe69c395724506f4dec7c1cdca94d8d735 (diff) | |
| download | freeipa.git-267e803cdfdb410cd00ba1e8435379b7112c057f.tar.gz freeipa.git-267e803cdfdb410cd00ba1e8435379b7112c057f.tar.xz freeipa.git-267e803cdfdb410cd00ba1e8435379b7112c057f.zip | |
Service certificate status.
The service details page has been modified to show certificate
status using bullets. It will also show the revocation reason,
and display the restore button only if the certificate is on
hold. The buttons action handlers have been moved into
service_usercertificate_load() so they can update the bullets.
A test data file for cert-show operation has been added. Other
test data files containing certificate info has been updated for
consistency.
The certificate_confirmation_dialog() has been removed because
it's no longer used.
Diffstat (limited to 'install/static/service.js')
| -rw-r--r-- | install/static/service.js | 326 |
1 files changed, 190 insertions, 136 deletions
diff --git a/install/static/service.js b/install/static/service.js index d688b9ad..5e37f6a7 100644 --- a/install/static/service.js +++ b/install/static/service.js @@ -20,6 +20,10 @@ /* REQUIRES: ipa.js, details.js, search.js, add.js, entity.js */ +var SERVICE_CERTIFICATE_VALID = 1; +var SERVICE_CERTIFICATE_REVOKED = 2; +var SERVICE_CERTIFICATE_MISSING = 3; + ipa_entity_set_search_definition('service', [ ['krbprincipalname', 'Principal', null], ['quick_links', 'Quick Links', ipa_entity_quick_links] @@ -88,146 +92,168 @@ function service_provisioning_status_load(container, dt, result) { // skip provisioning_status } -function service_usercertificate_get(result) { - - var usercertificate = result['usercertificate']; - if (!usercertificate) { - alert('Service has no usercertificate.'); - return; - } +function service_usercertificate_load(container, dt, result) { - var krbprincipalname = result['krbprincipalname'][0]; - var service_name = krbprincipalname.replace(/@.*$/, ''); + var li1, li2, li3; - var dialog = certificate_get_dialog({ - 'title': 'Certificate for Service '+service_name, - 'usercertificate': usercertificate[0].__base64__ - }); + function set_status(status, revocation_reason) { + li1.css('list-style-type', status == SERVICE_CERTIFICATE_VALID ? 'disc' : 'circle'); + li2.css('list-style-type', status == SERVICE_CERTIFICATE_REVOKED ? 'disc' : 'circle'); + li3.css('list-style-type', status == SERVICE_CERTIFICATE_MISSING ? 'disc' : 'circle'); - dialog.open(); -} - -function service_usercertificate_view(result) { + $('#revocation_reason').html(revocation_reason ? CRL_REASON[revocation_reason] : ''); + $('#restore_button').css('visibility', revocation_reason == 6 ? 'visible' : 'hidden') + } - var usercertificate = result['usercertificate']; - if (!usercertificate) { - alert('Service has no usercertificate.'); - return; + function check_status(serial_number) { + ipa_cmd( + 'cert_show', + [serial_number], + { }, + function(data, text_status, xhr) { + var revocation_reason = data.result.result.revocation_reason; + if (revocation_reason) { + set_status(SERVICE_CERTIFICATE_REVOKED, revocation_reason); + } else { + set_status(SERVICE_CERTIFICATE_VALID); + } + } + ); } - var krbprincipalname = result['krbprincipalname'][0]; - var service_name = krbprincipalname.replace(/@.*$/, ''); - - var dialog = certificate_view_dialog({ - 'title': 'Certificate for Service '+service_name, - 'subject': result['subject'], - 'serial_number': result['serial_number'], - 'issuer': result['issuer'], - 'issued_on': result['valid_not_before'], - 'expires_on': result['valid_not_after'], - 'md5_fingerprint': result['md5_fingerprint'], - 'sha1_fingerprint': result['sha1_fingerprint'] - }); - - dialog.open(); -} + function get_certificate(result) { -function service_usercertificate_revoke(result) { + var usercertificate = result['usercertificate']; + if (!usercertificate) { + set_status(SERVICE_CERTIFICATE_MISSING); + return; + } - var usercertificate = result['usercertificate']; - if (!usercertificate) { - alert('Service has no usercertificate.'); - return; - } + var krbprincipalname = result['krbprincipalname'][0]; + var service_name = krbprincipalname.replace(/@.*$/, ''); - var krbprincipalname = result['krbprincipalname'][0]; - var service_name = krbprincipalname.replace(/@.*$/, ''); + var dialog = certificate_get_dialog({ + 'title': 'Certificate for Service '+service_name, + 'usercertificate': usercertificate[0].__base64__ + }); - var serial_number = result['serial_number']; + dialog.open(); + } - var dialog = certificate_revoke_dialog({ - 'title': 'Revoke Certificate for Service '+service_name, - 'revoke': function(values) { - var reason = values['reason']; + function view_certificate(result) { - ipa_cmd( - 'cert_revoke', - [serial_number], - { - 'revocation_reason': reason - }, - function(data, text_status, xhr) { - var dialog = certificate_confirmation_dialog({ - title: 'Success', - message: 'Certificate has been revoked successfully.' - }); - dialog.open(); - } - ); + var usercertificate = result['usercertificate']; + if (!usercertificate) { + set_status(SERVICE_CERTIFICATE_MISSING); + return; } - }); - - dialog.open(); -} -function service_usercertificate_restore(result) { - - var usercertificate = result['usercertificate']; - if (!usercertificate) { - alert('Service has no usercertificate.'); - return; + var krbprincipalname = result['krbprincipalname'][0]; + var service_name = krbprincipalname.replace(/@.*$/, ''); + + var dialog = certificate_view_dialog({ + 'title': 'Certificate for Service '+service_name, + 'subject': result['subject'], + 'serial_number': result['serial_number'], + 'issuer': result['issuer'], + 'issued_on': result['valid_not_before'], + 'expires_on': result['valid_not_after'], + 'md5_fingerprint': result['md5_fingerprint'], + 'sha1_fingerprint': result['sha1_fingerprint'] + }); + + dialog.open(); } - var krbprincipalname = result['krbprincipalname'][0]; - var service_name = krbprincipalname.replace(/@.*$/, ''); - - var serial_number = result['serial_number']; + function revoke_certificate(result) { - var dialog = certificate_restore_dialog({ - 'title': 'Restore Certificate for Service '+service_name, - 'restore': function(values) { - ipa_cmd( - 'cert_remove_hold', - [serial_number], - { }, - function(data, text_status, xhr) { - var dialog = certificate_confirmation_dialog({ - title: 'Success', - message: 'Certificate has been restored successfully.' - }); - dialog.open(); - } - ); + var usercertificate = result['usercertificate']; + if (!usercertificate) { + set_status(SERVICE_CERTIFICATE_MISSING); + return; } - }); - dialog.open(); -} + var krbprincipalname = result['krbprincipalname'][0]; + var service_name = krbprincipalname.replace(/@.*$/, ''); + + var serial_number = result['serial_number']; + + var dialog = certificate_revoke_dialog({ + 'title': 'Revoke Certificate for Service '+service_name, + 'revoke': function(values) { + var reason = values['reason']; + + ipa_cmd( + 'cert_revoke', + [serial_number], + { + 'revocation_reason': reason + }, + function(data, text_status, xhr) { + check_status(serial_number); + } + ); + } + }); + + dialog.open(); + } -function service_usercertificate_request(result) { + function restore_certificate(result) { - var krbprincipalname = result['krbprincipalname'][0]; - var service_name = krbprincipalname.replace(/@.*$/, ''); - - var dialog = certificate_request_dialog({ - 'title': 'Issue New Certificate for Service '+service_name, - 'request': function(values) { - var request = values['request']; - - ipa_cmd( - 'cert_request', - [request], - { - 'principal': krbprincipalname - } - ); + var usercertificate = result['usercertificate']; + if (!usercertificate) { + set_status(SERVICE_CERTIFICATE_MISSING); + return; } - }); - dialog.open(); -} + var krbprincipalname = result['krbprincipalname'][0]; + var service_name = krbprincipalname.replace(/@.*$/, ''); + + var serial_number = result['serial_number']; + + var dialog = certificate_restore_dialog({ + 'title': 'Restore Certificate for Service '+service_name, + 'restore': function(values) { + ipa_cmd( + 'cert_remove_hold', + [serial_number], + { }, + function(data, text_status, xhr) { + check_status(serial_number); + } + ); + } + }); + + dialog.open(); + } -function service_usercertificate_load(container, dt, result) { + function request_certificate(result) { + + var krbprincipalname = result['krbprincipalname'][0]; + var service_name = krbprincipalname.replace(/@.*$/, ''); + + var dialog = certificate_request_dialog({ + 'title': 'Issue New Certificate for Service '+service_name, + 'request': function(values) { + var request = values['request']; + + ipa_cmd( + 'cert_request', + [request], + { + 'principal': krbprincipalname + }, + function(data, text_status, xhr) { + check_status(data.result.result.serial_number); + } + ); + } + }); + + dialog.open(); + } var krbprincipalname = result['krbprincipalname'][0]; @@ -236,40 +262,45 @@ function service_usercertificate_load(container, dt, result) { var tr = $('<tr/>').appendTo(table); var td = $('<td/>').appendTo(tr); + li1 = $('<li/>', { + style: 'color: green;' + }).appendTo(td); + + td = $('<td/>').appendTo(tr); td.append('Valid Certificate Present:'); td = $('<td/>').appendTo(tr); $('<input/>', { - type: 'button', - value: 'Get', - click: function() { + 'type': 'button', + 'value': 'Get', + 'click': function() { ipa_cmd('service_show', [krbprincipalname], {}, function(data, text_status, xhr) { - service_usercertificate_get(data.result.result); + get_certificate(data.result.result); } ); } }).appendTo(td); $('<input/>', { - type: 'button', - value: 'Revoke', - click: function() { + 'type': 'button', + 'value': 'Revoke', + 'click': function() { ipa_cmd('service_show', [krbprincipalname], {}, function(data, text_status, xhr) { - service_usercertificate_revoke(data.result.result); + revoke_certificate(data.result.result); } ); } }).appendTo(td); $('<input/>', { - type: 'button', - value: 'View', - click: function() { + 'type': 'button', + 'value': 'View', + 'click': function() { ipa_cmd('service_show', [krbprincipalname], {}, function(data, text_status, xhr) { - service_usercertificate_view(data.result.result); + view_certificate(data.result.result); } ); } @@ -278,16 +309,27 @@ function service_usercertificate_load(container, dt, result) { tr = $('<tr/>').appendTo(table); td = $('<td/>').appendTo(tr); + li2 = $('<li/>', { + 'style': 'color: red;' + }).appendTo(td); + + td = $('<td/>').appendTo(tr); td.append('Certificate Revoked:'); td = $('<td/>').appendTo(tr); + td.append($('<span/>', { + 'id': 'revocation_reason' + })); + td.append(' '); + $('<input/>', { - type: 'button', - value: 'Restore', - click: function() { + 'id': 'restore_button', + 'type': 'button', + 'value': 'Restore', + 'click': function() { ipa_cmd('service_show', [krbprincipalname], {}, function(data, text_status, xhr) { - service_usercertificate_restore(data.result.result); + restore_certificate(data.result.result); } ); } @@ -296,17 +338,29 @@ function service_usercertificate_load(container, dt, result) { tr = $('<tr/>').appendTo(table); td = $('<td/>').appendTo(tr); + li3 = $('<li/>', { + 'style': 'color: goldenrod;' + }).appendTo(td); + + td = $('<td/>').appendTo(tr); td.append('No Valid Certificate:'); td = $('<td/>').appendTo(tr); $('<input/>', { - type: 'button', - value: 'New Certificate', - click: function() { - service_usercertificate_request(result); + 'type': 'button', + 'value': 'New Certificate', + 'click': function() { + request_certificate(result); } }).appendTo(td); var dd = ipa_create_first_dd(this.name, table); dt.after(dd); + + var usercertificate = result['usercertificate']; + if (usercertificate) { + check_status(result.serial_number); + } else { + set_status(SERVICE_CERTIFICATE_MISSING); + } } |