254 duplication certificate name (#319)

This commit is contained in:
kevgliss 2016-05-16 15:59:40 -07:00
parent 62b61ed980
commit 1763a1a717
11 changed files with 22 additions and 20 deletions

View File

@ -53,8 +53,6 @@ def create_name(issuer, not_before, not_after, subject, san):
not_after=not_after.strftime('%Y%m%d') not_after=not_after.strftime('%Y%m%d')
) )
# NOTE we may want to give more control over naming
# aws doesn't allow special chars except '-'
disallowed_chars = ''.join(c for c in map(chr, range(256)) if not c.isalnum()) disallowed_chars = ''.join(c for c in map(chr, range(256)) if not c.isalnum())
disallowed_chars = disallowed_chars.replace("-", "") disallowed_chars = disallowed_chars.replace("-", "")
disallowed_chars = disallowed_chars.replace(".", "") disallowed_chars = disallowed_chars.replace(".", "")
@ -64,7 +62,13 @@ def create_name(issuer, not_before, not_after, subject, san):
temp = temp.replace(c, "") temp = temp.replace(c, "")
# white space is silly too # white space is silly too
return temp.replace(" ", "-") final = temp.replace(" ", "-")
# we don't want any overlapping certificate names
if Certificate.query.filter(Certificate.name == final).all():
final += '-1'
return final
def get_signing_algorithm(cert): def get_signing_algorithm(cert):

View File

@ -129,7 +129,7 @@ class CertificateUploadInputSchema(LemurInputSchema):
class CertificateExportInputSchema(LemurInputSchema): class CertificateExportInputSchema(LemurInputSchema):
export = fields.Nested(PluginInputSchema) plugin = fields.Nested(PluginInputSchema)
certificate_input_schema = CertificateInputSchema() certificate_input_schema = CertificateInputSchema()

View File

@ -675,7 +675,7 @@ class CertificateExport(AuthenticatedResource):
self.reqparse = reqparse.RequestParser() self.reqparse = reqparse.RequestParser()
super(CertificateExport, self).__init__() super(CertificateExport, self).__init__()
@validate_schema(None, certificate_export_input_schema) @validate_schema(certificate_export_input_schema, None)
def post(self, certificate_id, data=None): def post(self, certificate_id, data=None):
""" """
.. http:post:: /certificates/1/export .. http:post:: /certificates/1/export
@ -743,11 +743,10 @@ class CertificateExport(AuthenticatedResource):
""" """
cert = service.get(certificate_id) cert = service.get(certificate_id)
role = role_service.get_by_name(cert.owner) role = role_service.get_by_name(cert.owner)
permission = UpdateCertificatePermission(certificate_id, getattr(role, 'name', None)) permission = UpdateCertificatePermission(certificate_id, getattr(role, 'name', None))
options = data['export']['plugin']['plugin_options'] options = data['plugin']['plugin_options']
plugin = data['export']['plugin'] plugin = data['plugin']['plugin_object']
if plugin.requires_key: if plugin.requires_key:
if permission.can(): if permission.can():

View File

@ -134,6 +134,9 @@ def validate_schema(input_schema, output_schema):
resp = f(*args, **kwargs) resp = f(*args, **kwargs)
if isinstance(resp, tuple):
return resp[0], resp[1]
if not resp: if not resp:
return dict(message="No data found"), 404 return dict(message="No data found"), 404

View File

@ -223,7 +223,7 @@ class Roles(AuthenticatedResource):
if not g.current_user.is_admin: if not g.current_user.is_admin:
user_role_ids = set([r.id for r in g.current_user.roles]) user_role_ids = set([r.id for r in g.current_user.roles])
if role_id not in user_role_ids: if role_id not in user_role_ids:
return dict(message="You are not allowed to view a role which you are not a member of"), 400 return dict(message="You are not allowed to view a role which you are not a member of"), 403
return service.get(role_id) return service.get(role_id)

View File

@ -51,9 +51,6 @@ angular.module('lemur')
}) })
.controller('CertificateEditController', function ($scope, $uibModalInstance, CertificateApi, CertificateService, DestinationService, NotificationService, toaster, editId) { .controller('CertificateEditController', function ($scope, $uibModalInstance, CertificateApi, CertificateService, DestinationService, NotificationService, toaster, editId) {
CertificateApi.get(editId).then(function (certificate) { CertificateApi.get(editId).then(function (certificate) {
CertificateService.getNotifications(certificate);
CertificateService.getDestinations(certificate);
CertificateService.getReplacements(certificate);
$scope.certificate = certificate; $scope.certificate = certificate;
}); });
@ -90,7 +87,6 @@ angular.module('lemur')
.controller('CertificateCreateController', function ($scope, $uibModalInstance, CertificateApi, CertificateService, DestinationService, AuthorityService, AuthorityApi, PluginService, MomentService, WizardHandler, LemurRestangular, NotificationService, toaster) { .controller('CertificateCreateController', function ($scope, $uibModalInstance, CertificateApi, CertificateService, DestinationService, AuthorityService, AuthorityApi, PluginService, MomentService, WizardHandler, LemurRestangular, NotificationService, toaster) {
$scope.certificate = LemurRestangular.restangularizeElement(null, {}, 'certificates'); $scope.certificate = LemurRestangular.restangularizeElement(null, {}, 'certificates');
// set the defaults // set the defaults
CertificateService.getDefaults($scope.certificate); CertificateService.getDefaults($scope.certificate);

View File

@ -10,10 +10,10 @@
Plugin Plugin
</label> </label>
<div class="col-sm-10"> <div class="col-sm-10">
<select class="form-control" ng-model="certificate.export.plugin" ng-options="plugin.title for plugin in plugins" required></select> <select class="form-control" ng-model="certificate.plugin" ng-options="plugin.title for plugin in plugins" required></select>
</div> </div>
</div> </div>
<div class="form-group" ng-repeat="item in certificate.export.plugin.pluginOptions"> <div class="form-group" ng-repeat="item in certificate.plugin.pluginOptions">
<ng-form name="subForm" class="form-horizontal" role="form" novalidate> <ng-form name="subForm" class="form-horizontal" role="form" novalidate>
<div ng-class="{'has-error': subForm.sub.$invalid, 'has-success': !subForm.sub.$invalid&&subForm.sub.$dirty}"> <div ng-class="{'has-error': subForm.sub.$invalid, 'has-success': !subForm.sub.$invalid&&subForm.sub.$dirty}">
<label class="control-label col-sm-2"> <label class="control-label col-sm-2">

View File

@ -37,7 +37,7 @@
class="form-control" required></textarea> class="form-control" required></textarea>
<p ng-show="trackingForm.description.$invalid && !trackingForm.description.$pristine" <p ng-show="trackingForm.description.$invalid && !trackingForm.description.$pristine"
class="help-block">You class="help-block">You
must give a short description about this authority will be used for.</p> must give a short description about this certificate will be used for.</p>
</div> </div>
</div> </div>
<div class="form-group" <div class="form-group"

View File

@ -72,7 +72,7 @@
<li class="dropdown" dropdown on-toggle="toggled(open)"> <li class="dropdown" dropdown on-toggle="toggled(open)">
<a href class="dropdown-toggle profile-nav" dropdown-toggle> <a href class="dropdown-toggle profile-nav" dropdown-toggle>
<span ng-if="currentUser.profileImage"> <span ng-if="currentUser.profileImage">
{{ currentUser.username }}<img src="{{ currentUser.profileImage }}" class="profile img-circle"> {{ currentUser.username }}<img ng-src="{{ currentUser.profileImage }}" class="profile img-circle">
</span> </span>
<span ng-if="!currentUser.profileImage"> <span ng-if="!currentUser.profileImage">
{{ currentUser.username }}<ng-letter-avatar height="35" width="35" data="currentUser.username" shape="round"></ng-letter-avatar> {{ currentUser.username }}<ng-letter-avatar height="35" width="35" data="currentUser.username" shape="round"></ng-letter-avatar>

View File

@ -44,8 +44,8 @@ def test_authority_post(client, token, status):
@pytest.mark.parametrize("token,status", [ @pytest.mark.parametrize("token,status", [
(VALID_USER_HEADER_TOKEN, 200), (VALID_USER_HEADER_TOKEN, 404),
(VALID_ADMIN_HEADER_TOKEN, 200), (VALID_ADMIN_HEADER_TOKEN, 404),
('', 401) ('', 401)
]) ])
def test_authority_put(client, token, status): def test_authority_put(client, token, status):

View File

@ -19,7 +19,7 @@ def test_role_input_schema(client):
@pytest.mark.parametrize("token,status", [ @pytest.mark.parametrize("token,status", [
(VALID_USER_HEADER_TOKEN, 200), (VALID_USER_HEADER_TOKEN, 403),
(VALID_ADMIN_HEADER_TOKEN, 200), (VALID_ADMIN_HEADER_TOKEN, 200),
('', 401) ('', 401)
]) ])