254 duplication certificate name (#319)
This commit is contained in:
kevgliss
parent
62b61ed980
commit
1763a1a717
|
|
@ -53,8 +53,6 @@ def create_name(issuer, not_before, not_after, subject, san):
|
||||||
not_after=not_after.strftime('%Y%m%d')
|
not_after=not_after.strftime('%Y%m%d')
|
||||||
)
|
)
|
||||||
|
|
||||||
# NOTE we may want to give more control over naming
|
|
||||||
# aws doesn't allow special chars except '-'
|
|
||||||
disallowed_chars = ''.join(c for c in map(chr, range(256)) if not c.isalnum())
|
disallowed_chars = ''.join(c for c in map(chr, range(256)) if not c.isalnum())
|
||||||
disallowed_chars = disallowed_chars.replace("-", "")
|
disallowed_chars = disallowed_chars.replace("-", "")
|
||||||
disallowed_chars = disallowed_chars.replace(".", "")
|
disallowed_chars = disallowed_chars.replace(".", "")
|
||||||
|
|
@ -64,7 +62,13 @@ def create_name(issuer, not_before, not_after, subject, san):
|
||||||
temp = temp.replace(c, "")
|
temp = temp.replace(c, "")
|
||||||
|
|
||||||
# white space is silly too
|
# white space is silly too
|
||||||
return temp.replace(" ", "-")
|
final = temp.replace(" ", "-")
|
||||||
|
|
||||||
|
# we don't want any overlapping certificate names
|
||||||
|
if Certificate.query.filter(Certificate.name == final).all():
|
||||||
|
final += '-1'
|
||||||
|
|
||||||
|
return final
|
||||||
|
|
||||||
|
|
||||||
def get_signing_algorithm(cert):
|
def get_signing_algorithm(cert):
|
||||||
|
|
|
||||||
|
|
@ -129,7 +129,7 @@ class CertificateUploadInputSchema(LemurInputSchema):
|
||||||
|
|
||||||
|
|
||||||
class CertificateExportInputSchema(LemurInputSchema):
|
class CertificateExportInputSchema(LemurInputSchema):
|
||||||
export = fields.Nested(PluginInputSchema)
|
plugin = fields.Nested(PluginInputSchema)
|
||||||
|
|
||||||
|
|
||||||
certificate_input_schema = CertificateInputSchema()
|
certificate_input_schema = CertificateInputSchema()
|
||||||
|
|
|
||||||
|
|
@ -675,7 +675,7 @@ class CertificateExport(AuthenticatedResource):
|
||||||
self.reqparse = reqparse.RequestParser()
|
self.reqparse = reqparse.RequestParser()
|
||||||
super(CertificateExport, self).__init__()
|
super(CertificateExport, self).__init__()
|
||||||
|
|
||||||
@validate_schema(None, certificate_export_input_schema)
|
@validate_schema(certificate_export_input_schema, None)
|
||||||
def post(self, certificate_id, data=None):
|
def post(self, certificate_id, data=None):
|
||||||
"""
|
"""
|
||||||
.. http:post:: /certificates/1/export
|
.. http:post:: /certificates/1/export
|
||||||
|
|
@ -743,11 +743,10 @@ class CertificateExport(AuthenticatedResource):
|
||||||
"""
|
"""
|
||||||
cert = service.get(certificate_id)
|
cert = service.get(certificate_id)
|
||||||
role = role_service.get_by_name(cert.owner)
|
role = role_service.get_by_name(cert.owner)
|
||||||
|
|
||||||
permission = UpdateCertificatePermission(certificate_id, getattr(role, 'name', None))
|
permission = UpdateCertificatePermission(certificate_id, getattr(role, 'name', None))
|
||||||
|
|
||||||
options = data['export']['plugin']['plugin_options']
|
options = data['plugin']['plugin_options']
|
||||||
plugin = data['export']['plugin']
|
plugin = data['plugin']['plugin_object']
|
||||||
|
|
||||||
if plugin.requires_key:
|
if plugin.requires_key:
|
||||||
if permission.can():
|
if permission.can():
|
||||||
|
|
|
||||||
|
|
@ -134,6 +134,9 @@ def validate_schema(input_schema, output_schema):
|
||||||
|
|
||||||
resp = f(*args, **kwargs)
|
resp = f(*args, **kwargs)
|
||||||
|
|
||||||
|
if isinstance(resp, tuple):
|
||||||
|
return resp[0], resp[1]
|
||||||
|
|
||||||
if not resp:
|
if not resp:
|
||||||
return dict(message="No data found"), 404
|
return dict(message="No data found"), 404
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -223,7 +223,7 @@ class Roles(AuthenticatedResource):
|
||||||
if not g.current_user.is_admin:
|
if not g.current_user.is_admin:
|
||||||
user_role_ids = set([r.id for r in g.current_user.roles])
|
user_role_ids = set([r.id for r in g.current_user.roles])
|
||||||
if role_id not in user_role_ids:
|
if role_id not in user_role_ids:
|
||||||
return dict(message="You are not allowed to view a role which you are not a member of"), 400
|
return dict(message="You are not allowed to view a role which you are not a member of"), 403
|
||||||
|
|
||||||
return service.get(role_id)
|
return service.get(role_id)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -51,9 +51,6 @@ angular.module('lemur')
|
||||||
})
|
})
|
||||||
.controller('CertificateEditController', function ($scope, $uibModalInstance, CertificateApi, CertificateService, DestinationService, NotificationService, toaster, editId) {
|
.controller('CertificateEditController', function ($scope, $uibModalInstance, CertificateApi, CertificateService, DestinationService, NotificationService, toaster, editId) {
|
||||||
CertificateApi.get(editId).then(function (certificate) {
|
CertificateApi.get(editId).then(function (certificate) {
|
||||||
CertificateService.getNotifications(certificate);
|
|
||||||
CertificateService.getDestinations(certificate);
|
|
||||||
CertificateService.getReplacements(certificate);
|
|
||||||
$scope.certificate = certificate;
|
$scope.certificate = certificate;
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
@ -90,7 +87,6 @@ angular.module('lemur')
|
||||||
|
|
||||||
.controller('CertificateCreateController', function ($scope, $uibModalInstance, CertificateApi, CertificateService, DestinationService, AuthorityService, AuthorityApi, PluginService, MomentService, WizardHandler, LemurRestangular, NotificationService, toaster) {
|
.controller('CertificateCreateController', function ($scope, $uibModalInstance, CertificateApi, CertificateService, DestinationService, AuthorityService, AuthorityApi, PluginService, MomentService, WizardHandler, LemurRestangular, NotificationService, toaster) {
|
||||||
$scope.certificate = LemurRestangular.restangularizeElement(null, {}, 'certificates');
|
$scope.certificate = LemurRestangular.restangularizeElement(null, {}, 'certificates');
|
||||||
|
|
||||||
// set the defaults
|
// set the defaults
|
||||||
CertificateService.getDefaults($scope.certificate);
|
CertificateService.getDefaults($scope.certificate);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -10,10 +10,10 @@
|
||||||
Plugin
|
Plugin
|
||||||
</label>
|
</label>
|
||||||
<div class="col-sm-10">
|
<div class="col-sm-10">
|
||||||
<select class="form-control" ng-model="certificate.export.plugin" ng-options="plugin.title for plugin in plugins" required></select>
|
<select class="form-control" ng-model="certificate.plugin" ng-options="plugin.title for plugin in plugins" required></select>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group" ng-repeat="item in certificate.export.plugin.pluginOptions">
|
<div class="form-group" ng-repeat="item in certificate.plugin.pluginOptions">
|
||||||
<ng-form name="subForm" class="form-horizontal" role="form" novalidate>
|
<ng-form name="subForm" class="form-horizontal" role="form" novalidate>
|
||||||
<div ng-class="{'has-error': subForm.sub.$invalid, 'has-success': !subForm.sub.$invalid&&subForm.sub.$dirty}">
|
<div ng-class="{'has-error': subForm.sub.$invalid, 'has-success': !subForm.sub.$invalid&&subForm.sub.$dirty}">
|
||||||
<label class="control-label col-sm-2">
|
<label class="control-label col-sm-2">
|
||||||
|
|
|
||||||
|
|
@ -37,7 +37,7 @@
|
||||||
class="form-control" required></textarea>
|
class="form-control" required></textarea>
|
||||||
<p ng-show="trackingForm.description.$invalid && !trackingForm.description.$pristine"
|
<p ng-show="trackingForm.description.$invalid && !trackingForm.description.$pristine"
|
||||||
class="help-block">You
|
class="help-block">You
|
||||||
must give a short description about this authority will be used for.</p>
|
must give a short description about this certificate will be used for.</p>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group"
|
<div class="form-group"
|
||||||
|
|
|
||||||
|
|
@ -72,7 +72,7 @@
|
||||||
<li class="dropdown" dropdown on-toggle="toggled(open)">
|
<li class="dropdown" dropdown on-toggle="toggled(open)">
|
||||||
<a href class="dropdown-toggle profile-nav" dropdown-toggle>
|
<a href class="dropdown-toggle profile-nav" dropdown-toggle>
|
||||||
<span ng-if="currentUser.profileImage">
|
<span ng-if="currentUser.profileImage">
|
||||||
{{ currentUser.username }}<img src="{{ currentUser.profileImage }}" class="profile img-circle">
|
{{ currentUser.username }}<img ng-src="{{ currentUser.profileImage }}" class="profile img-circle">
|
||||||
</span>
|
</span>
|
||||||
<span ng-if="!currentUser.profileImage">
|
<span ng-if="!currentUser.profileImage">
|
||||||
{{ currentUser.username }}<ng-letter-avatar height="35" width="35" data="currentUser.username" shape="round"></ng-letter-avatar>
|
{{ currentUser.username }}<ng-letter-avatar height="35" width="35" data="currentUser.username" shape="round"></ng-letter-avatar>
|
||||||
|
|
|
||||||
|
|
@ -44,8 +44,8 @@ def test_authority_post(client, token, status):
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.parametrize("token,status", [
|
@pytest.mark.parametrize("token,status", [
|
||||||
(VALID_USER_HEADER_TOKEN, 200),
|
(VALID_USER_HEADER_TOKEN, 404),
|
||||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
(VALID_ADMIN_HEADER_TOKEN, 404),
|
||||||
('', 401)
|
('', 401)
|
||||||
])
|
])
|
||||||
def test_authority_put(client, token, status):
|
def test_authority_put(client, token, status):
|
||||||
|
|
|
||||||
|
|
@ -19,7 +19,7 @@ def test_role_input_schema(client):
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.parametrize("token,status", [
|
@pytest.mark.parametrize("token,status", [
|
||||||
(VALID_USER_HEADER_TOKEN, 200),
|
(VALID_USER_HEADER_TOKEN, 403),
|
||||||
(VALID_ADMIN_HEADER_TOKEN, 200),
|
(VALID_ADMIN_HEADER_TOKEN, 200),
|
||||||
('', 401)
|
('', 401)
|
||||||
])
|
])
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue