A new token status UNFORMATTED has been added for new tokens added via UI/CLI and for TERMINATED tokens that are to be reused.
The token status READY has been renamed to FORMATTED for clarity. -- Endi S. Dewata
>From ed68e77505b58a72c98de3ada7ea69aa003c877a Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" <[email protected]> Date: Tue, 10 May 2016 05:30:34 +0200 Subject: [PATCH] Renamed token status READY to FORMATTED. The token status READY has been renamed to FORMATTED for clarity. https://fedorahosted.org/pki/ticket/2288 --- .../netscape/certsrv/tps/token/TokenStatus.java | 10 +++++----- base/tps-client/doc/CS.cfg | 4 ++-- base/tps/shared/conf/CS.cfg | 4 ++-- base/tps/shared/conf/token-states.properties | 22 +++++++++++----------- base/tps/shared/webapps/tps/js/token.js | 4 ++-- .../src/org/dogtagpki/server/tps/TPSSubsystem.java | 8 ++++---- .../src/org/dogtagpki/server/tps/TPSTokendb.java | 2 +- .../server/tps/processor/TPSEnrollProcessor.java | 6 +++--- .../server/tps/processor/TPSProcessor.java | 6 +++--- .../dogtagpki/server/tps/rest/TokenService.java | 8 ++++---- 10 files changed, 37 insertions(+), 37 deletions(-) diff --git a/base/common/src/com/netscape/certsrv/tps/token/TokenStatus.java b/base/common/src/com/netscape/certsrv/tps/token/TokenStatus.java index f570c125d81b0729f17287f3635b8976d4f34436..ada2729b735fc03b1039da59f6e96c0983290bf5 100644 --- a/base/common/src/com/netscape/certsrv/tps/token/TokenStatus.java +++ b/base/common/src/com/netscape/certsrv/tps/token/TokenStatus.java @@ -48,7 +48,7 @@ public class TokenStatus { static Map<String, TokenStatus> instancesByName = new HashMap<String, TokenStatus>(); static Map<Integer, TokenStatus> instancesByValue = new HashMap<Integer, TokenStatus>(); - public final static int TOKEN_READY = 0; + public final static int TOKEN_FORMATTED = 0; public final static int TOKEN_DAMAGED = 1; public final static int TOKEN_PERM_LOST = 2; public final static int TOKEN_SUSPENDED = 3; 
@@ -56,7 +56,7 @@ public class TokenStatus { public final static int TOKEN_TEMP_LOST_PERM_LOST = 5; public final static int TOKEN_TERMINATED = 6; - public final static TokenStatus READY = new TokenStatus("READY", TOKEN_READY); + public final static TokenStatus FORMATTED = new TokenStatus("FORMATTED", TOKEN_FORMATTED); public final static TokenStatus DAMAGED = new TokenStatus("DAMAGED", TOKEN_DAMAGED); public final static TokenStatus PERM_LOST = new TokenStatus("PERM_LOST", TOKEN_PERM_LOST); public final static TokenStatus SUSPENDED = new TokenStatus("SUSPENDED", TOKEN_SUSPENDED); @@ -137,12 +137,12 @@ public class TokenStatus { public static TokenStatus valueOf(String name) { if ("UNINITIALIZED".equals(name)) { - System.err.println("WARNING: The token status " + name + " has been deprecated. Please use READY instead."); - return READY; + System.err.println("WARNING: The token status " + name + " has been deprecated. Please use " + FORMATTED + " instead."); + return FORMATTED; } if ("TEMP_LOST".equals(name)) { - System.err.println("WARNING: The token status " + name + " has been deprecated. Please use SUSPENDED instead."); + System.err.println("WARNING: The token status " + name + " has been deprecated. Please use " + SUSPENDED + " instead."); return SUSPENDED; } diff --git a/base/tps-client/doc/CS.cfg b/base/tps-client/doc/CS.cfg index f4bed51cb548f4d2db980c1325160a8ffaca7ede..c3f44e35014b5570a58ceddb3861dea3010824a7 100644 --- a/base/tps-client/doc/CS.cfg +++ b/base/tps-client/doc/CS.cfg @@ -1482,7 +1482,7 @@ tokendb._064=# is set to YES. Otherwise, re-enrollment is not tokendb._065=# allowed. tokendb._066=# tokendb.allowedTransitions: tokendb._067=# - has transitions between the following states -tokendb._068=# READY = 0, +tokendb._068=# FORMATTED = 0, tokendb._069=# DAMAGED = 1, tokendb._070=# PERM_LOST = 2, tokendb._071=# SUSPENDED = 3, 
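Review bot: `TokenStatus.valueOf` keeps aliases for the older names UNINITIALIZED and TEMP_LOST but gains none for READY, so a client or stored value that still passes "READY" falls through to whatever the rest of the method does with an unknown name (the body continues outside the hunk). Adding `if ("READY".equals(name)) { System.err.println("WARNING: The token status " + name + " has been deprecated. Please use " + FORMATTED + " instead."); return FORMATTED; }` next to the existing aliases would keep older callers working across the rename. The rewritten messages now concatenate the `TokenStatus` object itself, which prints the status name only if `toString()` returns it; that method is not visible here, so confirm it or keep the literal name.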
@@ -1593,7 +1593,7 @@ tps._005=# tps.cert.subsystem.nickname=xxx tps._007=# tps.cert.audit_signing.nickname=xxx tps._008=# tps.operations.allowedTransitions: tps._009=# - token operations, like formatting and enrollment have transitions between the following states -tps._010=# READY = 0, +tps._010=# FORMATTED = 0, tps._011=# ACTIVE = 4 tps._012=# Note: Default transitions can be removed from the list if necessary. tps._013=# Do not add other transitions since they may not be supported. diff --git a/base/tps/shared/conf/CS.cfg b/base/tps/shared/conf/CS.cfg index c2b5265047ce225e23f9090706b1725dd2902f2b..fef2e55f444a6d3f9c076977ae82cb43197150cb 100644 --- a/base/tps/shared/conf/CS.cfg +++ b/base/tps/shared/conf/CS.cfg @@ -1954,7 +1954,7 @@ tokendb._064=# is set to YES. Otherwise, re-enrollment is not tokendb._065=# allowed. tokendb._066=# tokendb.allowedTransitions: tokendb._067=# - has transitions between the following states -tokendb._068=# READY = 0, +tokendb._068=# FORMATTED = 0, tokendb._069=# DAMAGED = 1, tokendb._070=# PERM_LOST = 2, tokendb._071=# SUSPENDED = 3, @@ -2024,7 +2024,7 @@ tps._005=# tps.cert.subsystem.nickname=xxx tps._007=# tps.cert.audit_signing.nickname=xxx tps._008=# tps.operations.allowedTransitions: tps._009=# - token operations, like formatting and enrollment have transitions between the following states -tps._010=# READY = 0, +tps._010=# FORMATTED = 0, tps._011=# ACTIVE = 4 tps._012=# Note: Default transitions can be removed from the list if necessary. tps._013=# Do not add other transitions since they may not be supported. diff --git a/base/tps/shared/conf/token-states.properties b/base/tps/shared/conf/token-states.properties index e6366286ff551425d91a49c4221284dfb303dc06..c4bdb56e70abc7cde410a9688d7bc9a03367414c 100644 --- a/base/tps/shared/conf/token-states.properties +++ b/base/tps/shared/conf/token-states.properties 
@@ -1,22 +1,22 @@ # Token states -READY = Uninitialized/ready +FORMATTED = Formatted (uninitialized) ACTIVE = Active -SUSPENDED = Temporarily lost/suspended +SUSPENDED = Suspended (temporarily lost) PERM_LOST = Permanently lost DAMAGED = Physically damaged TEMP_LOST_PERM_LOST = Temporarily lost then permanently lost TERMINATED = Terminated # Token state transitions -READY.DAMAGED = This token has been physically damaged. -READY.PERM_LOST = This token has been permanently lost. -READY.SUSPENDED = This token has been temporarily lost/suspended. -READY.TERMINATED = This token has been terminated. -SUSPENDED.ACTIVE = This temporarily lost/suspended token has been found. -SUSPENDED.PERM_LOST = This temporarily lost/suspended token has become permanently lost. -SUSPENDED.TERMINATED = This temporarily lost/suspended token has been terminated. -SUSPENDED.READY = This temporarily lost/suspended token has been found. +FORMATTED.DAMAGED = This token has been physically damaged. +FORMATTED.PERM_LOST = This token has been permanently lost. +FORMATTED.SUSPENDED = This token has been suspended (temporarily lost). +FORMATTED.TERMINATED = This token has been terminated. +SUSPENDED.ACTIVE = This suspended (temporarily lost) token has been found. +SUSPENDED.PERM_LOST = This suspended (temporarily lost) token has become permanently lost. +SUSPENDED.TERMINATED = This suspended (temporarily lost) token has been terminated. +SUSPENDED.FORMATTED = This suspended (temporarily lost) token has been found. ACTIVE.DAMAGED = This token has been physically damaged. ACTIVE.PERM_LOST = This token has been permanently lost. -ACTIVE.SUSPENDED = This token has been temporarily lost/suspended. +ACTIVE.SUSPENDED = This token has been suspended (temporarily lost). ACTIVE.TERMINATED = This token has been terminated. diff --git a/base/tps/shared/webapps/tps/js/token.js b/base/tps/shared/webapps/tps/js/token.js index 2bcf9e11ef0f533347768feba55a310cc844af85..be5ef7bdfdcf2e4e046fbbc7f84e989ab50df1b3 100644 
--- a/base/tps/shared/webapps/tps/js/token.js +++ b/base/tps/shared/webapps/tps/js/token.js @@ -21,9 +21,9 @@ // TODO: load labels from server var TokenStatus = { - READY : "Uninitialized/ready", + FORMATTED : "Formatted (uninitialized)", ACTIVE : "Active", - SUSPENDED : "Temporarily lost/suspended", + SUSPENDED : "Suspended (temporarily lost)", PERM_LOST : "Permanently lost", DAMAGED : "Physically damaged", TEMP_LOST_PERM_LOST : "Temporarily lost then permanently lost", diff --git a/base/tps/src/org/dogtagpki/server/tps/TPSSubsystem.java b/base/tps/src/org/dogtagpki/server/tps/TPSSubsystem.java index 7e4a92be005c2f22d425bd761ea616248dbf1902..2d415c16c7da0b4ad19ecc7d4b2ac3e2d329aa70 100644 --- a/base/tps/src/org/dogtagpki/server/tps/TPSSubsystem.java +++ b/base/tps/src/org/dogtagpki/server/tps/TPSSubsystem.java @@ -146,7 +146,7 @@ public class TPSSubsystem implements IAuthority, ISubsystem { * Return the allowed next states for a given token based on TPS configuration. * * If the current state is SUSPENDED, token will be allowed transition to either - * READY or ACTIVE depending on whether the token has certificates. + * FORMATTED or ACTIVE depending on whether the token has certificates. * * @param tokenRecord * @return A non-null collection of allowed next token states. @@ -163,11 +163,11 @@ public class TPSSubsystem implements IAuthority, ISubsystem { // check token certificates Collection<TPSCertRecord> certRecords = tdb.tdbGetCertRecordsByCUID(tokenRecord.getId()); - // if token has no certificates, allow token to become ready again + // if token has no certificates, allow token to become FORMATTED again if (certRecords.isEmpty()) { - ns.add(TokenStatus.READY); + ns.add(TokenStatus.FORMATTED); - } else { // otherwise, allow token to become active again + } else { // otherwise, allow token to become ACTIVE again ns.add(TokenStatus.ACTIVE); } 
diff --git a/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java b/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java index 523ac2f56888402511e7893dd5cf3c788bc300ee..52eadd35f4fb4829c9c3e1889516e813647d38e7 100644 --- a/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java +++ b/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java @@ -186,7 +186,7 @@ public class TPSTokendb { } catch (Exception e) { CMS.debug("TPSTokendb.tdbUpdateTokenEntry: token entry not found; Adding"); // add and exit - tdbAddTokenEntry(tokenRecord, TokenStatus.READY); + tdbAddTokenEntry(tokenRecord, TokenStatus.FORMATTED); return; } // token found; modify diff --git a/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java b/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java index 25e016b6400f3667cfc6eb22b04666a4f5af05c6..bbdc15b86456077a5ff7c64c0b8d79b281fa098c 100644 --- a/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java +++ b/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java @@ -319,7 +319,7 @@ public class TPSEnrollProcessor extends TPSProcessor { } } else { CMS.debug(method + " token does not exist"); - tokenRecord.setTokenStatus(TokenStatus.READY); + tokenRecord.setTokenStatus(TokenStatus.FORMATTED); checkAllowUnknownToken(TPSEngine.OP_FORMAT_PREFIX); } @@ -368,7 +368,7 @@ public class TPSEnrollProcessor extends TPSProcessor { if (!isTokenPresent) { try { - tps.tdb.tdbAddTokenEntry(tokenRecord, TokenStatus.READY); + tps.tdb.tdbAddTokenEntry(tokenRecord, TokenStatus.FORMATTED); } catch (Exception e) { String failMsg = "add token failure"; logMsg = failMsg + ":" + e.toString(); 
@@ -1032,7 +1032,7 @@ public class TPSEnrollProcessor extends TPSProcessor { logMsg = "found current token entry"; CMS.debug(method + ":" + logMsg); - if (tokenRecord.getTokenStatus() == TokenStatus.READY) { + if (tokenRecord.getTokenStatus() == TokenStatus.FORMATTED) { // this is the current token if (tokenRecords.size() == 1) { // the current token is the only token owned by the user diff --git a/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java b/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java index 023f75479b3a36b1e30fff2d04613384a40fb901..334a31bde68d2d3f14498580864f89c1e7c9b4c8 100644 --- a/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java +++ b/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java @@ -2055,8 +2055,8 @@ public class TPSProcessor { if (isTokenPresent) { CMS.debug("TPSProcessor.format: token exists"); - TokenStatus newState = TokenStatus.READY; - // Check for transition to 0/READY status. + TokenStatus newState = TokenStatus.FORMATTED; + // Check for transition to FORMATTED status. if (!tps.engine.isOperationTransitionAllowed(tokenRecord.getTokenStatus(), newState)) { String info = " illegal transition attempted: " + tokenRecord.getTokenStatus() + @@ -2151,7 +2151,7 @@ public class TPSProcessor { } // Update Token DB - tokenRecord.setTokenStatus(TokenStatus.READY); + tokenRecord.setTokenStatus(TokenStatus.FORMATTED); try { tps.tdb.tdbUpdateTokenEntry(tokenRecord); } catch (Exception e) { diff --git a/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java b/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java index fd897ccfbd437dc2221961fdce62cde045cfefc9..7d78b7166af53592756c190877bcaf8db22f283a 100644 --- a/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java +++ b/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java 
@@ -91,7 +91,7 @@ public class TokenService extends PKIService implements TokenResource { auditModParams.put("UserID", tokenRecord.getUserID()); switch (tokenState.getValue()) { - case TokenStatus.TOKEN_READY: + case TokenStatus.TOKEN_FORMATTED: tokenRecord.setTokenStatus(tokenState); tokenRecord.setReason(null); break; @@ -368,9 +368,9 @@ public class TokenService extends PKIService implements TokenResource { auditModParams.put("Policy", policy); } - // new tokens are ready when created - tokenRecord.setTokenStatus(TokenStatus.READY); - auditModParams.put("Status", TokenStatus.READY.toString()); + // new tokens are FORMATTED when added via UI/CLI + tokenRecord.setTokenStatus(TokenStatus.FORMATTED); + auditModParams.put("Status", TokenStatus.FORMATTED.toString()); database.addRecord(tokenID, tokenRecord); subsystem.tdb.tdbActivity(ActivityDatabase.OP_ADD, tokenRecord, -- 2.4.11
>From 756e6dece7fb5043ac7ec8e11f4d6d2f014af4d3 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" <[email protected]> Date: Tue, 10 May 2016 05:55:05 +0200 Subject: [PATCH] Added token status UNFORMATTED. A new token status UNFORMATTED has been added for new tokens added via UI/CLI and for TERMINATED tokens that are to be reused. https://fedorahosted.org/pki/ticket/2287 --- .../netscape/certsrv/tps/token/TokenStatus.java | 2 ++ base/tps-client/doc/CS.cfg | 22 ++++++++++++---------- base/tps/shared/conf/CS.cfg | 22 ++++++++++++---------- base/tps/shared/conf/token-states.properties | 2 ++ base/tps/shared/webapps/tps/js/token.js | 1 + .../src/org/dogtagpki/server/tps/TPSTokendb.java | 6 ++++-- .../dogtagpki/server/tps/rest/TokenService.java | 16 +++++++++++++--- 7 files changed, 46 insertions(+), 25 deletions(-) diff --git a/base/common/src/com/netscape/certsrv/tps/token/TokenStatus.java b/base/common/src/com/netscape/certsrv/tps/token/TokenStatus.java index ada2729b735fc03b1039da59f6e96c0983290bf5..76a4cf05b2ab38a3f1de9a479e1f785452a24519 100644 --- a/base/common/src/com/netscape/certsrv/tps/token/TokenStatus.java +++ b/base/common/src/com/netscape/certsrv/tps/token/TokenStatus.java @@ -55,6 +55,7 @@ public class TokenStatus { public final static int TOKEN_ACTIVE = 4; public final static int TOKEN_TEMP_LOST_PERM_LOST = 5; public final static int TOKEN_TERMINATED = 6; + public final static int TOKEN_UNFORMATTED = 7; public final static TokenStatus FORMATTED = new TokenStatus("FORMATTED", TOKEN_FORMATTED); public final static TokenStatus DAMAGED = new TokenStatus("DAMAGED", TOKEN_DAMAGED); 
@@ -63,6 +64,7 @@ public class TokenStatus { public final static TokenStatus ACTIVE = new TokenStatus("ACTIVE", TOKEN_ACTIVE); public final static TokenStatus TEMP_LOST_PERM_LOST = new TokenStatus("TEMP_LOST_PERM_LOST", TOKEN_TEMP_LOST_PERM_LOST); public final static TokenStatus TERMINATED = new TokenStatus("TERMINATED", TOKEN_TERMINATED); + public final static TokenStatus UNFORMATTED = new TokenStatus("UNFORMATTED", TOKEN_UNFORMATTED); String name; Integer value; diff --git a/base/tps-client/doc/CS.cfg b/base/tps-client/doc/CS.cfg index c3f44e35014b5570a58ceddb3861dea3010824a7..6903a4bd541ad7a31339ca3ad9cec61856114f53 100644 --- a/base/tps-client/doc/CS.cfg +++ b/base/tps-client/doc/CS.cfg @@ -1487,10 +1487,11 @@ tokendb._069=# DAMAGED = 1, tokendb._070=# PERM_LOST = 2, tokendb._071=# SUSPENDED = 3, tokendb._072=# ACTIVE = 4, -tokendb._073=# TERMINATED = 6 -tokendb._074=# Note: Default transitions can be removed from the list if necessary. -tokendb._075=# Do not add other transitions since they may not be supported. -tokendb._076=######################################### +tokendb._073=# TERMINATED = 6, +tokendb._074=# UNFORMATTED = 7 +tokendb._075=# Note: Default transitions can be removed from the list if necessary. +tokendb._076=# Do not add other transitions since they may not be supported. +tokendb._077=######################################### tokendb.auditLog=[PKI_INSTANCE_PATH]/logs/tokendb-audit.log tokendb.hostport=[TOKENDB_HOST]:[TOKENDB_PORT] tokendb.ssl=false 
@@ -1546,7 +1547,7 @@ tokendb.confirmDeleteConfigTemplate=confirmDeleteConfig.template log.instance.SignedAudit.selected.events=ROLE_ASSUME,CONFIG_CERT_POLICY,CONFIG_CERT_PROFILE,CONFIG_CRL_PROFILE,CONFIG_OCSP_PROFILE,CONFIG_AUTH,CONFIG_ROLE,CONFIG_ACL,CONFIG_SIGNED_AUDIT,CONFIG_ENCRYPTION,CONFIG_TRUSTED_PUBLIC_KEY,CONFIG_DRM,SELFTESTS_EXECUTION,AUDIT_LOG_DELETE,LOG_PATH_CHANGE,LOG_EXPIRATION_CHANGE,CONFIG,CONFIG_ROLE,CONFIG_TOKEN,CONFIG_PROFILE,CONFIG_AUDIT,APPLET_UPGRADE,KEY_CHANGEOVER,RENEWAL log.instance.SignedAudit.selectable.events=ROLE_ASSUME,CONFIG_CERT_POLICY,CONFIG_CERT_PROFILE,CONFIG_CRL_PROFILE,CONFIG_OCSP_PROFILE,CONFIG_AUTH,CONFIG_ROLE,CONFIG_ACL,CONFIG_SIGNED_AUDIT,CONFIG_ENCRYPTION,CONFIG_TRUSTED_PUBLIC_KEY,CONFIG_DRM,SELFTESTS_EXECUTION,AUDIT_LOG_DELETE,LOG_PATH_CHANGE,LOG_EXPIRATION_CHANGE,PRIVATE_KEY_ARCHIVE,PRIVATE_KEY_ARCHIVE_PROCESSED,KEY_RECOVERY_REQUEST,KEY_RECOVERY_AGENT_LOGIN,KEY_RECOVERY_PROCESSED,KEY_GEN_ASYMMETRIC,NON_PROFILE_CERT_REQUEST,CONFIG,CONFIG_ROLE,CONFIG_TOKEN,CONFIG_PROFILE,CONFIG_AUDIT,APPLET_UPGRADE,KEY_CHANGEOVER,RENEWAL log.instance.SignedAudit.nonselectable.events=AUDIT_LOG_STARTUP,AUDIT_LOG_SHUTDOWN,CERT_REQUEST_PROCESSED,CERT_STATUS_CHANGE_REQUEST,CERT_STATUS_CHANGE_REQUEST_PROCESSED,AUTHZ_SUCCESS,AUTHZ_FAIL,INTER_BOUNDARY,AUTH_FAIL,AUTH_SUCCESS,CERT_PROFILE_APPROVAL,PROOF_OF_POSSESSION,CRL_RETRIEVAL,CRL_VALIDATION,CMC_SIGNED_REQUEST_SIG_VERIFY,SERVER_SIDE_KEYGEN_PROCESSED,SERVER_SIDE_KEYGEN_REQUEST -tokendb.allowedTransitions=0:1,0:2,0:3,0:6,3:2,3:6,4:1,4:2,4:3,4:6 +tokendb.allowedTransitions=0:1,0:2,0:3,0:6,3:2,3:6,4:1,4:2,4:3,4:6,6:7 target._000=######################################### target._001=# entries to enable configuration of parameter sets through the TPS UI agent and admin tabs target._002=# 
@@ -1594,11 +1595,12 @@ tps._007=# tps.cert.audit_signing.nickname=xxx tps._008=# tps.operations.allowedTransitions: tps._009=# - token operations, like formatting and enrollment have transitions between the following states tps._010=# FORMATTED = 0, -tps._011=# ACTIVE = 4 -tps._012=# Note: Default transitions can be removed from the list if necessary. -tps._013=# Do not add other transitions since they may not be supported. -tps._014=######################################## -tps.operations.allowedTransitions=0:0,0:4,4:4,4:0 +tps._011=# ACTIVE = 4, +tps._012=# UNFORMATTED = 7 +tps._013=# Note: Default transitions can be removed from the list if necessary. +tps._014=# Do not add other transitions since they may not be supported. +tps._015=######################################## +tps.operations.allowedTransitions=0:0,0:4,4:4,4:0,7:0 tps.cert.list=sslserver,subsystem,audit_signing tps.cert.sslserver.nickname=[HSM_LABEL][NICKNAME] tps.cert.subsystem.nickname=[HSM_LABEL][NICKNAME] diff --git a/base/tps/shared/conf/CS.cfg b/base/tps/shared/conf/CS.cfg index fef2e55f444a6d3f9c076977ae82cb43197150cb..638787d225ca819f051ad999ca92c75c9d51cb88 100644 --- a/base/tps/shared/conf/CS.cfg +++ b/base/tps/shared/conf/CS.cfg 
@@ -1959,16 +1959,17 @@ tokendb._069=# DAMAGED = 1, tokendb._070=# PERM_LOST = 2, tokendb._071=# SUSPENDED = 3, tokendb._072=# ACTIVE = 4, -tokendb._073=# TERMINATED = 6 -tokendb._074=# Note: Default transitions can be removed from the list if necessary. -tokendb._075=# Do not add other transitions since they may not be supported. -tokendb._076=######################################### +tokendb._073=# TERMINATED = 6, +tokendb._074=# UNFORMATTED = 7 +tokendb._075=# Note: Default transitions can be removed from the list if necessary. +tokendb._076=# Do not add other transitions since they may not be supported. +tokendb._077=######################################### tokendb.activityBaseDN=ou=Activities,[TOKENDB_ROOT] tokendb.addConfigTemplate=addConfig.template tokendb.addResultTemplate=addResults.template tokendb.agentSelectConfigTemplate=agentSelectConfig.template tokendb.agentViewConfigTemplate=agentViewConfig.template -tokendb.allowedTransitions=0:1,0:2,0:3,0:6,3:2,3:6,4:1,4:2,4:3,4:6 +tokendb.allowedTransitions=0:1,0:2,0:3,0:6,3:2,3:6,4:1,4:2,4:3,4:6,6:7 tokendb.auditAdminTemplate=auditAdmin.template tokendb.auditLog=[PKI_INSTANCE_PATH]/logs/tokendb-audit.log tokendb.baseDN=ou=Tokens,[TOKENDB_ROOT] 
@@ -2025,16 +2026,17 @@ tps._007=# tps.cert.audit_signing.nickname=xxx tps._008=# tps.operations.allowedTransitions: tps._009=# - token operations, like formatting and enrollment have transitions between the following states tps._010=# FORMATTED = 0, -tps._011=# ACTIVE = 4 -tps._012=# Note: Default transitions can be removed from the list if necessary. -tps._013=# Do not add other transitions since they may not be supported. -tps._014=######################################## +tps._011=# ACTIVE = 4, +tps._012=# UNFORMATTED = 7 +tps._013=# Note: Default transitions can be removed from the list if necessary. +tps._014=# Do not add other transitions since they may not be supported. +tps._015=######################################## tps.cert.audit_signing.certusage=ObjectSigner tps.cert.audit_signing.nickname=[HSM_LABEL][NICKNAME] tps.cert.list=sslserver,subsystem,audit_signing tps.cert.sslserver.certusage=SSLServer tps.cert.subsystem.certusage=SSLClient -tps.operations.allowedTransitions=0:0,0:4,4:4,4:0 +tps.operations.allowedTransitions=0:0,0:4,4:4,4:0,7:0 usrgrp._000=## usrgrp._001=## User/Group usrgrp._002=## diff --git a/base/tps/shared/conf/token-states.properties b/base/tps/shared/conf/token-states.properties index c4bdb56e70abc7cde410a9688d7bc9a03367414c..4c972f3b107d7d573a8ea0ac952ddda02f585372 100644 --- a/base/tps/shared/conf/token-states.properties +++ b/base/tps/shared/conf/token-states.properties @@ -1,4 +1,5 @@ # Token states +UNFORMATTED = Unformatted FORMATTED = Formatted (uninitialized) ACTIVE = Active SUSPENDED = Suspended (temporarily lost) @@ -20,3 +21,4 @@ ACTIVE.DAMAGED = This token has been physically damaged. ACTIVE.PERM_LOST = This token has been permanently lost. ACTIVE.SUSPENDED = This token has been suspended (temporarily lost). ACTIVE.TERMINATED = This token has been terminated. +TERMINATED.UNFORMATTED = Reuse this token. 
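Review bot: The new defaults `6:7` in `tokendb.allowedTransitions` and `7:0` in `tps.operations.allowedTransitions` reach only freshly created instances, and the diffstat of this patch lists no upgrade step for the CS.cfg of an existing deployment. Because the same patch makes tokens added via UI/CLI start as UNFORMATTED, an upgraded instance without `7:0` would presumably have the transition check in `TPSProcessor.format` reject formatting of those tokens as an illegal transition. Consider shipping an upgrade script, or documenting the two entries an administrator has to append. The same applies to the `tokendb.allowedTransitions` hunk above (`@@ -1959,16 +1959,17 @@`).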
diff --git a/base/tps/shared/webapps/tps/js/token.js b/base/tps/shared/webapps/tps/js/token.js index be5ef7bdfdcf2e4e046fbbc7f84e989ab50df1b3..b5c3e9544d89c59dbf76671a2640f47eceb1cb60 100644 --- a/base/tps/shared/webapps/tps/js/token.js +++ b/base/tps/shared/webapps/tps/js/token.js @@ -21,6 +21,7 @@ // TODO: load labels from server var TokenStatus = { + UNFORMATTED : "Unformatted", FORMATTED : "Formatted (uninitialized)", ACTIVE : "Active", SUSPENDED : "Suspended (temporarily lost)", diff --git a/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java b/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java index 52eadd35f4fb4829c9c3e1889516e813647d38e7..2e46b037c73a09719d39168041ad649919cc0819 100644 --- a/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java +++ b/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java @@ -38,6 +38,7 @@ import org.dogtagpki.tps.msg.EndOpMsg.TPSStatus; import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.IConfigStore; +import com.netscape.certsrv.dbs.EDBRecordNotFoundException; import com.netscape.certsrv.tps.token.TokenStatus; import netscape.security.x509.RevocationReason; @@ -183,8 +184,9 @@ public class TPSTokendb { TokenRecord existingTokenRecord; try { existingTokenRecord = tps.tokenDatabase.getRecord(id); - } catch (Exception e) { - CMS.debug("TPSTokendb.tdbUpdateTokenEntry: token entry not found; Adding"); + } catch (EDBRecordNotFoundException e) { + CMS.debug("TPSTokendb.tdbUpdateTokenEntry: " + e); + CMS.debug("TPSTokendb.tdbUpdateTokenEntry: Adding token " + id); // add and exit tdbAddTokenEntry(tokenRecord, TokenStatus.FORMATTED); return; diff --git a/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java b/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java index 7d78b7166af53592756c190877bcaf8db22f283a..2104f292b66d76ac166df0a4da67d2fc2091a388 100644 --- a/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java 
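Review bot: The not-found branch of `tdbUpdateTokenEntry` still creates the record with `TokenStatus.FORMATTED`, while this patch makes tokens added through `TokenService` start as UNFORMATTED, and nothing in the hunk explains why the two creation paths differ. If the intent is that this path is only reached after a token operation has already formatted the card, a comment such as `// reached after a format/enroll operation, so the new record starts as FORMATTED` would make that explicit. Narrowing the catch to `EDBRecordNotFoundException` also means every other lookup failure now propagates to the caller instead of silently adding a record, which is worth stating in the method's Javadoc. The method starts and ends outside the hunk.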
+++ b/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java @@ -91,6 +91,16 @@ public class TokenService extends PKIService implements TokenResource { auditModParams.put("UserID", tokenRecord.getUserID()); switch (tokenState.getValue()) { + case TokenStatus.TOKEN_UNFORMATTED: + tokenRecord.setUserID(null); + tokenRecord.setType(null); + tokenRecord.setAppletID(null); + tokenRecord.setKeyInfo(null); + tokenRecord.setPolicy(null); + tokenRecord.setTokenStatus(tokenState); + tokenRecord.setReason(null); + break; + case TokenStatus.TOKEN_FORMATTED: tokenRecord.setTokenStatus(tokenState); tokenRecord.setReason(null); @@ -368,9 +378,9 @@ public class TokenService extends PKIService implements TokenResource { auditModParams.put("Policy", policy); } - // new tokens are FORMATTED when added via UI/CLI - tokenRecord.setTokenStatus(TokenStatus.FORMATTED); - auditModParams.put("Status", TokenStatus.FORMATTED.toString()); + // new tokens are UNFORMATTED when added via UI/CLI + tokenRecord.setTokenStatus(TokenStatus.UNFORMATTED); + auditModParams.put("Status", TokenStatus.UNFORMATTED.toString()); database.addRecord(tokenID, tokenRecord); subsystem.tdb.tdbActivity(ActivityDatabase.OP_ADD, tokenRecord, -- 2.4.11
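Review bot: The new `TOKEN_UNFORMATTED` case clears the user ID, type, applet ID, key info and policy without looking at the state the token is coming from. As far as this hunk shows, only the configured `tokendb.allowedTransitions` (default `6:7`) keeps it from running on a token that is not TERMINATED. Since the reset drops the record's link to its owner and keys, a guard at the top of the case, `if (tokenRecord.getTokenStatus() != TokenStatus.TERMINATED)` followed by rejecting the request, would keep a loosened configuration from wiping a token that is still in use; any earlier validation in this method is outside the hunk. The cleared values are also not added to `auditModParams` here, so consider recording that the owner and key info were reset.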
>From 8e5a0419321c6b4647a0c488985a81348ec0da6b Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" <[email protected]> Date: Tue, 10 May 2016 19:23:15 +0200 Subject: [PATCH] Added warning message for token reuse. The TPS UI has been modified to show a warning message about removing the certificates and keys from the token when marking it for reuse. https://fedorahosted.org/pki/ticket/2287 --- base/tps/shared/webapps/tps/js/token.js | 30 ++++++++++++++++++++++++++++++ base/tps/shared/webapps/tps/ui/token.html | 1 + base/tps/shared/webapps/tps/ui/tokens.html | 1 + dogtag/common-ui/shared/css/pki-ui.css | 5 +++++ 4 files changed, 37 insertions(+) diff --git a/base/tps/shared/webapps/tps/js/token.js b/base/tps/shared/webapps/tps/js/token.js index b5c3e9544d89c59dbf76671a2640f47eceb1cb60..5c7bc0ca7931a393ef200508e9ddb66d802b08db 100644 --- a/base/tps/shared/webapps/tps/js/token.js +++ b/base/tps/shared/webapps/tps/js/token.js @@ -31,6 +31,10 @@ var TokenStatus = { TERMINATED : "Terminated" }; +var TOKEN_REUSE_MESSAGE = "When reusing a token that was previously " + + "enrolled, out of security concerns, make sure the certificate and " + + "key objects are removed from the token."; + var TokenModel = Model.extend({ urlRoot: "/tps/rest/tokens", parseResponse: function(response) { @@ -210,6 +214,19 @@ var TokenPage = EntryPage.extend({ dialog.close(); }); + var orig_status = dialog.entry["status"].name; + var status_field = dialog.$("select[name=status]"); + var warning_area = dialog.$(".pki-warning"); + + status_field.change(function() { + var status = status_field.val(); + if (orig_status == "TERMINATED" && status == "UNFORMATTED") { + warning_area.text(TOKEN_REUSE_MESSAGE); + } else { + warning_area.empty(); + } + }); + dialog.open(); }); 
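Review bot: The reuse warning in `TokenPage` is evaluated only inside the `change` handler, so if UNFORMATTED is already the selected option when the dialog opens for a TERMINATED token (how the select is populated is outside the hunk), the warning is never shown. Running the handler once before `dialog.open()`, for example `status_field.trigger("change");`, covers that case. The identical block is repeated in the `TokenTableItem` hunk (`@@ -333,6 +350,19 @@`); a shared helper would keep the two copies from drifting, and `===` is the safer comparison for the status strings. The message is advisory and lives only in the web UI, so callers that change the status by other means get no reminder to remove the certificate and key objects from the token.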
@@ -333,6 +350,19 @@ var TokenTableItem = TableItem.extend({ dialog.close(); }); + var orig_status = dialog.entry["status"].name; + var status_field = dialog.$("select[name=status]"); + var warning_area = dialog.$(".pki-warning"); + + status_field.change(function() { + var status = status_field.val(); + if (orig_status == "TERMINATED" && status == "UNFORMATTED") { + warning_area.text(TOKEN_REUSE_MESSAGE); + } else { + warning_area.empty(); + } + }); + dialog.open(); } }); diff --git a/base/tps/shared/webapps/tps/ui/token.html b/base/tps/shared/webapps/tps/ui/token.html index bc4b01d22caa137587e30c5aba10c22cbd67daa4..458fb724be5029502487310d21f95a21313c7877 100644 --- a/base/tps/shared/webapps/tps/ui/token.html +++ b/base/tps/shared/webapps/tps/ui/token.html @@ -81,6 +81,7 @@ <select name="status"> </select><br> </fieldset> + <span class="pki-warning"></span> </div> <div class="modal-footer"> <button name="save" class="btn btn-primary">Save</button> diff --git a/base/tps/shared/webapps/tps/ui/tokens.html b/base/tps/shared/webapps/tps/ui/tokens.html index b085c0b06d8e35239c281167757ba5c9a61221a0..c2f62270c086e556db276e26e4d59feb313d0b30 100644 --- a/base/tps/shared/webapps/tps/ui/tokens.html +++ b/base/tps/shared/webapps/tps/ui/tokens.html @@ -120,6 +120,7 @@ <select name="status"> </select><br> </fieldset> + <span class="pki-warning"></span> </div> <div class="modal-footer"> <button name="save" class="btn btn-primary">Save</button> diff --git a/dogtag/common-ui/shared/css/pki-ui.css b/dogtag/common-ui/shared/css/pki-ui.css index 6042dc3ee97af8e52048a7f14ab8dd2b2a1d1c31..dcf9595a6f8b6873f1407093cf0af920ff040adc 100644 --- a/dogtag/common-ui/shared/css/pki-ui.css +++ b/dogtag/common-ui/shared/css/pki-ui.css @@ -99,6 +99,11 @@ textarea[readonly="readonly"] { background-color: #F8F8F8; } +.pki-warning { + width: 100%; + color: red; +} + table tfoot tr th { padding: 6px 15px; font-size: 11.5px; -- 2.4.11
