pvoborni's pull request #65: "#6216 - webui: cert_revoke should use --cacn to set correct CA when revoking certificate" was opened
PR body: """ This is Pavel's patch with changes mentioned in pull request #31 comment 1 """ See the full pull-request at https://github.com/freeipa/freeipa/pull/65 ... or pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/65/head:pr65 git checkout pr65
From 75b7e9a0f491b148844a8aa49453cd8f542e7fa0 Mon Sep 17 00:00:00 2001 From: Pavel Vomacka <pvoma...@redhat.com> Date: Fri, 26 Aug 2016 12:50:00 +0200 Subject: [PATCH 1/3] Add support for additional options taken from table facet Sometimes the entity_show command must be called with options which are gathered from result of entity_find command. These options needs to be passed as arguments in URL which points to details page. This functionality is implemented to table facet. There is new property 'additional_navigation_arguments' which is prepared for array of attributes which will be passed to URL. Part of: https://fedorahosted.org/freeipa/ticket/6238 --- install/ui/src/freeipa/facet.js | 49 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 48 insertions(+), 1 deletion(-) diff --git a/install/ui/src/freeipa/facet.js b/install/ui/src/freeipa/facet.js index 4553c5c..06eca18 100644 --- a/install/ui/src/freeipa/facet.js +++ b/install/ui/src/freeipa/facet.js @@ -1819,6 +1819,15 @@ exp.table_facet = IPA.table_facet = function(spec, no_init) { var that = IPA.facet(spec, no_init); /** + * Names of additional row attributes which will be send to another facet + * during navigation as URL parameters. + * + * @property {Array<string>} + */ + that.additional_navigation_arguments = spec.additional_navigation_arguments; + + + /** * Entity of data displayed in the table * @property {entity.entity} */ @@ -2268,6 +2277,38 @@ exp.table_facet = IPA.table_facet = function(spec, no_init) { /** + * Extract data from command response and return them. + * + * @param pkey {string} primary key of row which is chosen + * @param attrs {Array} names of attributes which will be extracted + */ + that.get_row_attribute_values = function(key, attrs) { + var result = that.data.result.result; + var options = {}; + var row; + + if (result) { + for (var i=0, l=result.length; i<l; i++) { + row = result[i]; + + var pkey = row[that.table.name]; + if (pkey == key) break; + } + + if (row) { + for (var j=0, le=attrs.length; j<le; j++) { + var attr = attrs[j]; + var new_attr = {}; + new_attr[attr] = row[attr]; + $.extend(options, new_attr); + } + } + } + + return options; + }; + + /** * * Method which will be called after clicking on pkey in table. * @@ -2279,6 +2320,12 @@ exp.table_facet = IPA.table_facet = function(spec, no_init) { */ that.on_column_link_click = function(value, entity) { var pkeys = [value]; + var args; + + var attributes = that.additional_navigation_arguments; + if (lang.isArray(attributes)) { + args = that.get_row_attribute_values(value, attributes); + } // for nested entities var containing_entity = entity.get_containing_entity(); @@ -2287,7 +2334,7 @@ exp.table_facet = IPA.table_facet = function(spec, no_init) { pkeys.push(value); } - navigation.show_entity(entity.name, that.details_facet_name, pkeys); + navigation.show_entity(entity.name, that.details_facet_name, pkeys, args); return false; }; From 394fe75faccf732c20118de4d351b99e6aa98089 Mon Sep 17 00:00:00 2001 From: Pavel Vomacka <pvoma...@redhat.com> Date: Fri, 26 Aug 2016 13:03:58 +0200 Subject: [PATCH 2/3] WebUI: Fix showing certificates issued by sub-CA The cert-show command needs to be called with cacn option. Cacn option is passed using URL attribute. https://fedorahosted.org/freeipa/ticket/6238 --- install/ui/src/freeipa/certificate.js | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/install/ui/src/freeipa/certificate.js b/install/ui/src/freeipa/certificate.js index 232bdbf..e67c348 100755 --- a/install/ui/src/freeipa/certificate.js +++ b/install/ui/src/freeipa/certificate.js @@ -1543,6 +1543,7 @@ return { row_enabled_attribute: 'status', facet_groups: [exp.facet_group], facet_group: 'certificates', + additional_navigation_arguments: [ 'cacn' ], pagination: false, no_update: true, columns: [ @@ -1552,6 +1553,7 @@ return { width: '90px' }, 'subject', + 'cacn', { name: 'status', width: '120px' @@ -1645,6 +1647,7 @@ return { fields: [ 'serial_number', 'serial_number_hex', + 'cacn', 'subject', { name: 'issuer', @@ -1772,6 +1775,10 @@ IPA.cert.details_facet = function(spec, no_init) { var command = that.details_facet_create_refresh_command(); delete command.options.all; delete command.options.rights; + + command.options = command.options || {}; + $.extend(command.options, { cacn: that.state.cacn }); + return command; }; From 89a049c9a626cb121498b44f134c54e10c470a5a Mon Sep 17 00:00:00 2001 From: Pavel Vomacka <pvoma...@redhat.com> Date: Fri, 26 Aug 2016 13:11:22 +0200 Subject: [PATCH 3/3] WebUI add support for sub-CAs while revoking certificates Also the same for removing certificate hold. https://fedorahosted.org/freeipa/ticket/6216 --- install/ui/src/freeipa/certificate.js | 129 ++++++++++++++++++++++++++-------- install/ui/src/freeipa/widget.js | 1 + 2 files changed, 100 insertions(+), 30 deletions(-) diff --git a/install/ui/src/freeipa/certificate.js b/install/ui/src/freeipa/certificate.js index e67c348..9ab4002 100755 --- a/install/ui/src/freeipa/certificate.js +++ b/install/ui/src/freeipa/certificate.js @@ -244,44 +244,104 @@ IPA.cert.download_dialog = function(spec) { return that; }; -IPA.cert.revoke_dialog = function(spec) { +IPA.cert.revocation_reason_select_widget = function(spec) { + spec = spec || {}; + + var that = IPA.select_widget(spec); + + that.create_options = function() { + for (var i=0; i<IPA.cert.CRL_REASON.length; i++) { + var reason = IPA.cert.CRL_REASON[i]; + if (!reason) continue; + var label = text.get('@i18n:objects.cert.'+reason); + that.options.push({ label: label, value: i}); + } + + that.select_create_options(); + }; + + return that; +}; + +IPA.cert.revoke_dialog = function(spec, no_init) { spec = spec || {}; + spec.width = spec.width || 500; spec.ok_label = spec.ok_label || '@i18n:buttons.revoke'; + spec.sections = [ + { + name: 'note', + show_header: false, + fields: [ + { + field: false, + $type: 'html', + name: 'note', + html: '' + } + ], + layout: + { + $factory: widget_mod.fluid_layout, + widget_cls: "col-sm-12 controls", + label_cls: "hide" + } + }, + { + name: 'revocation', + show_header: false, + fields: [ + { + $type: 'revocation_reason_select', + name: 'revocation_reason', + label: '@i18n:objects.cert.find_revocation_reason' + }, + { + $type: 'entity_select', + label: '@i18n:objects.cert.ca', + name: 'cacn', + empty_option: false, + other_entity: 'ca', + other_field: 'cn' + } + ] + } + ]; var that = IPA.confirm_dialog(spec); - IPA.table_mixin().apply(that); + + that.open = function() { + + that.confirmed = false; + that.dialog_open(); + that.set_cacn(that.facet.state.cacn); + }; that.get_reason = function() { - return that.select.val(); + return that.get_field('revocation_reason').value[0]; }; - that.create_content = function() { + that.set_cacn = function(cacn) { + that.get_field('cacn').set_value([cacn]); + }; - var table = that.create_layout().appendTo(that.container); + that.get_cacn = function() { + return that.get_field('cacn').value[0]; + }; - var tr = that.create_row().appendTo(table); - var td = that.create_cell('@i18n:objects.cert.note', ':').appendTo(tr); - td = that.create_cell('@i18n:objects.cert.revoke_confirmation') - .appendTo(tr); + that.create_content = function() { + that.dialog_create_content(); - tr = that.create_row().appendTo(table); - td = that.create_header_cell('@i18n:objects.cert.reason', ':') - .appendTo(tr); - td = that.create_cell().appendTo(tr); + }; - that.select = $('<select/>').appendTo(td); - for (var i=0; i<IPA.cert.CRL_REASON.length; i++) { - var reason = IPA.cert.CRL_REASON[i]; - if (!reason) continue; - $('<option/>', { - 'value': i, - 'html': text.get('@i18n:objects.cert.'+reason) - }).appendTo(that.select); - } + that.init = function() { + var note = text.get('@i18n:objects.cert.revoke_confirmation'); + that.widgets.get_widget('note.note').html = note; }; + if (!no_init) that.init(); + return that; }; @@ -718,7 +778,7 @@ IPA.cert.request_action = function(spec) { return that; }; -IPA.cert.perform_revoke = function(spec, sn, revocation_reason) { +IPA.cert.perform_revoke = function(spec, sn, revocation_reason, cacn) { spec.hide_activity_icon = spec.hide_activity_icon || false; @@ -728,7 +788,8 @@ IPA.cert.perform_revoke = function(spec, sn, revocation_reason) { hide_activity_icon: spec.hide_activity_icon, args: [ sn ], options: { - 'revocation_reason': revocation_reason + revocation_reason: revocation_reason, + cacn: cacn }, notify_activity_start: spec.notify_activity_start, notify_activity_end: spec.notify_activity_end, @@ -782,7 +843,8 @@ IPA.cert.revoke_action = function(spec) { var sn = facet.certificate.serial_number; var revocation_reason = that.dialog.get_reason(); - IPA.cert.perform_revoke(spec, sn, revocation_reason); + var cacn = that.dialog.get_cacn(); + IPA.cert.perform_revoke(spec, sn, revocation_reason, cacn); }; return that; @@ -835,19 +897,22 @@ IPA.cert.remove_hold_action = function(spec) { } }; - IPA.cert.perform_remove_hold(spec, facet.certificate.serial_number); - + IPA.cert.perform_remove_hold(spec, facet.certificate.serial_number, + facet.state.cacn); }; return that; }; -IPA.cert.perform_remove_hold = function(spec, sn) { +IPA.cert.perform_remove_hold = function(spec, sn, cacn) { rpc.command({ entity: 'cert', method: 'remove_hold', args: [sn], + options: { + cacn: cacn + }, on_success: spec.on_success }).execute(); }; @@ -1360,13 +1425,15 @@ IPA.cert.cert_widget = function(spec) { }; var sn = that.certificate.serial_number; + var cacn = dialog.get_cacn(); var revocation_reason = dialog.get_reason(); - IPA.cert.perform_revoke(command_spec, sn, revocation_reason); + IPA.cert.perform_revoke(command_spec, sn, revocation_reason, cacn); } }; var dialog = IPA.cert.revoke_dialog(spec); dialog.open(); + dialog.set_cacn(that.certificate.cacn); }; that.perform_remove_hold = function() { @@ -1392,7 +1459,8 @@ IPA.cert.cert_widget = function(spec) { }; var sn = that.certificate.serial_number; - IPA.cert.perform_remove_hold(command_spec, sn); + var cacn = that.certificate.cacn; + IPA.cert.perform_remove_hold(command_spec, sn, cacn); } }; @@ -1834,6 +1902,7 @@ exp.register = function() { f.register('certificate_status', IPA.cert.status_field); f.register('revocation_reason', IPA.revocation_reason_field); w.register('revocation_reason', IPA.text_widget); + w.register('revocation_reason_select', IPA.cert.revocation_reason_select_widget); a.register('cert_request', IPA.cert.request_action); a.register('download_cert', IPA.cert.download_action); diff --git a/install/ui/src/freeipa/widget.js b/install/ui/src/freeipa/widget.js index 9151eba..4769ca6 100644 --- a/install/ui/src/freeipa/widget.js +++ b/install/ui/src/freeipa/widget.js @@ -2878,6 +2878,7 @@ IPA.select_widget = function(spec) { // methods that should be invoked by subclasses that.select_save = that.save; that.select_update = that.update; + that.select_create_options = that.create_options; return that; };
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
