pvoborni's pull request #65: "#6216 - webui: cert_revoke should use --cacn to 
set correct CA when revoking certificate" was opened

PR body:
"""
This is Pavel's patch with changes mentioned in pull request #31 comment 1
"""

See the full pull-request at https://github.com/freeipa/freeipa/pull/65
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/65/head:pr65
git checkout pr65
From 75b7e9a0f491b148844a8aa49453cd8f542e7fa0 Mon Sep 17 00:00:00 2001
From: Pavel Vomacka <pvoma...@redhat.com>
Date: Fri, 26 Aug 2016 12:50:00 +0200
Subject: [PATCH 1/3] Add support for additional options taken from table facet

Sometimes the entity_show command must be called with options which are gathered
from result of entity_find command. These options needs to be passed as
arguments in URL which points to details page.

This functionality is implemented to table facet. There is new property
'additional_navigation_arguments' which is prepared for array of attributes
which will be passed to URL.

Part of: https://fedorahosted.org/freeipa/ticket/6238
---
 install/ui/src/freeipa/facet.js | 49 ++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 48 insertions(+), 1 deletion(-)

diff --git a/install/ui/src/freeipa/facet.js b/install/ui/src/freeipa/facet.js
index 4553c5c..06eca18 100644
--- a/install/ui/src/freeipa/facet.js
+++ b/install/ui/src/freeipa/facet.js
@@ -1819,6 +1819,15 @@ exp.table_facet = IPA.table_facet = function(spec, no_init) {
     var that = IPA.facet(spec, no_init);
 
     /**
+     * Names of additional row attributes which will be send to another facet
+     * during navigation as URL parameters.
+     *
+     * @property {Array<string>}
+     */
+    that.additional_navigation_arguments = spec.additional_navigation_arguments;
+
+
+    /**
      * Entity of data displayed in the table
      * @property {entity.entity}
      */
@@ -2268,6 +2277,38 @@ exp.table_facet = IPA.table_facet = function(spec, no_init) {
 
 
     /**
+     * Extract data from command response and return them.
+     *
+     * @param pkey {string} primary key of row which is chosen
+     * @param attrs {Array} names of attributes which will be extracted
+     */
+    that.get_row_attribute_values = function(key, attrs) {
+        var result = that.data.result.result;
+        var options = {};
+        var row;
+
+        if (result) {
+            for (var i=0, l=result.length; i<l; i++) {
+                row = result[i];
+
+                var pkey = row[that.table.name];
+                if (pkey == key) break;
+            }
+
+            if (row) {
+                for (var j=0, le=attrs.length; j<le; j++) {
+                    var attr = attrs[j];
+                    var new_attr = {};
+                    new_attr[attr] = row[attr];
+                    $.extend(options, new_attr);
+                }
+            }
+        }
+
+        return options;
+    };
+
+    /**
      *
      * Method which will be called after clicking on pkey in table.
      *
@@ -2279,6 +2320,12 @@ exp.table_facet = IPA.table_facet = function(spec, no_init) {
      */
     that.on_column_link_click = function(value, entity) {
         var pkeys = [value];
+        var args;
+
+        var attributes = that.additional_navigation_arguments;
+        if (lang.isArray(attributes)) {
+            args = that.get_row_attribute_values(value, attributes);
+        }
 
         // for nested entities
         var containing_entity = entity.get_containing_entity();
@@ -2287,7 +2334,7 @@ exp.table_facet = IPA.table_facet = function(spec, no_init) {
             pkeys.push(value);
         }
 
-        navigation.show_entity(entity.name, that.details_facet_name, pkeys);
+        navigation.show_entity(entity.name, that.details_facet_name, pkeys, args);
         return false;
     };
 

From 394fe75faccf732c20118de4d351b99e6aa98089 Mon Sep 17 00:00:00 2001
From: Pavel Vomacka <pvoma...@redhat.com>
Date: Fri, 26 Aug 2016 13:03:58 +0200
Subject: [PATCH 2/3] WebUI: Fix showing certificates issued by sub-CA

The cert-show command needs to be called with cacn option. Cacn option is
passed using URL attribute.

https://fedorahosted.org/freeipa/ticket/6238
---
 install/ui/src/freeipa/certificate.js | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/install/ui/src/freeipa/certificate.js b/install/ui/src/freeipa/certificate.js
index 232bdbf..e67c348 100755
--- a/install/ui/src/freeipa/certificate.js
+++ b/install/ui/src/freeipa/certificate.js
@@ -1543,6 +1543,7 @@ return {
             row_enabled_attribute: 'status',
             facet_groups: [exp.facet_group],
             facet_group: 'certificates',
+            additional_navigation_arguments: [ 'cacn' ],
             pagination: false,
             no_update: true,
             columns: [
@@ -1552,6 +1553,7 @@ return {
                     width: '90px'
                 },
                 'subject',
+                'cacn',
                 {
                     name: 'status',
                     width: '120px'
@@ -1645,6 +1647,7 @@ return {
                     fields: [
                         'serial_number',
                         'serial_number_hex',
+                        'cacn',
                         'subject',
                         {
                             name: 'issuer',
@@ -1772,6 +1775,10 @@ IPA.cert.details_facet = function(spec, no_init) {
         var command = that.details_facet_create_refresh_command();
         delete command.options.all;
         delete command.options.rights;
+
+        command.options = command.options || {};
+        $.extend(command.options, { cacn: that.state.cacn });
+
         return command;
     };
 

From 89a049c9a626cb121498b44f134c54e10c470a5a Mon Sep 17 00:00:00 2001
From: Pavel Vomacka <pvoma...@redhat.com>
Date: Fri, 26 Aug 2016 13:11:22 +0200
Subject: [PATCH 3/3] WebUI add support for sub-CAs while revoking certificates

Also the same for removing certificate hold.

https://fedorahosted.org/freeipa/ticket/6216
---
 install/ui/src/freeipa/certificate.js | 129 ++++++++++++++++++++++++++--------
 install/ui/src/freeipa/widget.js      |   1 +
 2 files changed, 100 insertions(+), 30 deletions(-)

diff --git a/install/ui/src/freeipa/certificate.js b/install/ui/src/freeipa/certificate.js
index e67c348..9ab4002 100755
--- a/install/ui/src/freeipa/certificate.js
+++ b/install/ui/src/freeipa/certificate.js
@@ -244,44 +244,104 @@ IPA.cert.download_dialog = function(spec) {
     return that;
 };
 
-IPA.cert.revoke_dialog = function(spec) {
+IPA.cert.revocation_reason_select_widget = function(spec) {
+    spec = spec || {};
+
+    var that = IPA.select_widget(spec);
+
+    that.create_options = function() {
+        for (var i=0; i<IPA.cert.CRL_REASON.length; i++) {
+            var reason = IPA.cert.CRL_REASON[i];
+            if (!reason) continue;
+            var label = text.get('@i18n:objects.cert.'+reason);
+            that.options.push({ label: label, value: i});
+        }
+
+        that.select_create_options();
+    };
+
+    return that;
+};
+
+IPA.cert.revoke_dialog = function(spec, no_init) {
 
     spec = spec || {};
+
     spec.width = spec.width || 500;
     spec.ok_label = spec.ok_label || '@i18n:buttons.revoke';
+    spec.sections = [
+        {
+            name: 'note',
+            show_header: false,
+            fields: [
+                {
+                    field: false,
+                    $type: 'html',
+                    name: 'note',
+                    html: ''
+                }
+            ],
+            layout:
+            {
+                $factory: widget_mod.fluid_layout,
+                widget_cls: "col-sm-12 controls",
+                label_cls: "hide"
+            }
+        },
+        {
+            name: 'revocation',
+            show_header: false,
+            fields: [
+                {
+                    $type: 'revocation_reason_select',
+                    name: 'revocation_reason',
+                    label: '@i18n:objects.cert.find_revocation_reason'
+                },
+                {
+                    $type: 'entity_select',
+                    label: '@i18n:objects.cert.ca',
+                    name: 'cacn',
+                    empty_option: false,
+                    other_entity: 'ca',
+                    other_field: 'cn'
+                }
+            ]
+        }
+    ];
 
     var that = IPA.confirm_dialog(spec);
-    IPA.table_mixin().apply(that);
+
+    that.open = function() {
+
+        that.confirmed = false;
+        that.dialog_open();
+        that.set_cacn(that.facet.state.cacn);
+    };
 
     that.get_reason = function() {
-        return that.select.val();
+        return that.get_field('revocation_reason').value[0];
     };
 
-    that.create_content = function() {
+    that.set_cacn = function(cacn) {
+        that.get_field('cacn').set_value([cacn]);
+    };
 
-        var table = that.create_layout().appendTo(that.container);
+    that.get_cacn = function() {
+        return that.get_field('cacn').value[0];
+    };
 
-        var tr = that.create_row().appendTo(table);
-        var td = that.create_cell('@i18n:objects.cert.note', ':').appendTo(tr);
-        td = that.create_cell('@i18n:objects.cert.revoke_confirmation')
-            .appendTo(tr);
+    that.create_content = function() {
+        that.dialog_create_content();
 
-        tr = that.create_row().appendTo(table);
-        td = that.create_header_cell('@i18n:objects.cert.reason', ':')
-            .appendTo(tr);
-        td = that.create_cell().appendTo(tr);
+    };
 
-        that.select = $('<select/>').appendTo(td);
-        for (var i=0; i<IPA.cert.CRL_REASON.length; i++) {
-            var reason = IPA.cert.CRL_REASON[i];
-            if (!reason) continue;
-            $('<option/>', {
-                'value': i,
-                'html': text.get('@i18n:objects.cert.'+reason)
-            }).appendTo(that.select);
-        }
+    that.init = function() {
+        var note = text.get('@i18n:objects.cert.revoke_confirmation');
+        that.widgets.get_widget('note.note').html = note;
     };
 
+    if (!no_init) that.init();
+
     return that;
 };
 
@@ -718,7 +778,7 @@ IPA.cert.request_action = function(spec) {
     return that;
 };
 
-IPA.cert.perform_revoke = function(spec, sn, revocation_reason) {
+IPA.cert.perform_revoke = function(spec, sn, revocation_reason, cacn) {
 
     spec.hide_activity_icon = spec.hide_activity_icon || false;
 
@@ -728,7 +788,8 @@ IPA.cert.perform_revoke = function(spec, sn, revocation_reason) {
         hide_activity_icon: spec.hide_activity_icon,
         args: [ sn ],
         options: {
-            'revocation_reason': revocation_reason
+            revocation_reason: revocation_reason,
+            cacn: cacn
         },
         notify_activity_start: spec.notify_activity_start,
         notify_activity_end: spec.notify_activity_end,
@@ -782,7 +843,8 @@ IPA.cert.revoke_action = function(spec) {
 
         var sn = facet.certificate.serial_number;
         var revocation_reason = that.dialog.get_reason();
-        IPA.cert.perform_revoke(spec, sn, revocation_reason);
+        var cacn = that.dialog.get_cacn();
+        IPA.cert.perform_revoke(spec, sn, revocation_reason, cacn);
     };
 
     return that;
@@ -835,19 +897,22 @@ IPA.cert.remove_hold_action = function(spec) {
             }
         };
 
-        IPA.cert.perform_remove_hold(spec, facet.certificate.serial_number);
-
+        IPA.cert.perform_remove_hold(spec, facet.certificate.serial_number,
+                            facet.state.cacn);
     };
 
     return that;
 };
 
-IPA.cert.perform_remove_hold = function(spec, sn) {
+IPA.cert.perform_remove_hold = function(spec, sn, cacn) {
 
     rpc.command({
         entity: 'cert',
         method: 'remove_hold',
         args: [sn],
+        options: {
+            cacn: cacn
+        },
         on_success: spec.on_success
     }).execute();
 };
@@ -1360,13 +1425,15 @@ IPA.cert.cert_widget = function(spec) {
                 };
 
                 var sn = that.certificate.serial_number;
+                var cacn = dialog.get_cacn();
                 var revocation_reason = dialog.get_reason();
-                IPA.cert.perform_revoke(command_spec, sn, revocation_reason);
+                IPA.cert.perform_revoke(command_spec, sn, revocation_reason, cacn);
             }
         };
 
         var dialog = IPA.cert.revoke_dialog(spec);
         dialog.open();
+        dialog.set_cacn(that.certificate.cacn);
     };
 
     that.perform_remove_hold = function() {
@@ -1392,7 +1459,8 @@ IPA.cert.cert_widget = function(spec) {
                 };
 
                 var sn =  that.certificate.serial_number;
-                IPA.cert.perform_remove_hold(command_spec, sn);
+                var cacn = that.certificate.cacn;
+                IPA.cert.perform_remove_hold(command_spec, sn, cacn);
             }
         };
 
@@ -1834,6 +1902,7 @@ exp.register = function() {
     f.register('certificate_status', IPA.cert.status_field);
     f.register('revocation_reason', IPA.revocation_reason_field);
     w.register('revocation_reason', IPA.text_widget);
+    w.register('revocation_reason_select', IPA.cert.revocation_reason_select_widget);
 
     a.register('cert_request', IPA.cert.request_action);
     a.register('download_cert', IPA.cert.download_action);
diff --git a/install/ui/src/freeipa/widget.js b/install/ui/src/freeipa/widget.js
index 9151eba..4769ca6 100644
--- a/install/ui/src/freeipa/widget.js
+++ b/install/ui/src/freeipa/widget.js
@@ -2878,6 +2878,7 @@ IPA.select_widget = function(spec) {
     // methods that should be invoked by subclasses
     that.select_save = that.save;
     that.select_update = that.update;
+    that.select_create_options = that.create_options;
 
     return that;
 };
-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to