Validity with radio buttons
This commit is contained in:
parent
6aedd3b0d8
commit
3242fc1e13
@ -172,15 +172,15 @@ Specifying the `SQLALCHEMY_MAX_OVERFLOW` to 0 will enforce limit to not create c
|
||||
PUBLIC_CA_MAX_VALIDITY_DAYS = 365
|
||||
|
||||
|
||||
.. data:: DEFAULT_MAX_VALIDITY_DAYS
|
||||
.. data:: DEFAULT_VALIDITY_DAYS
|
||||
:noindex:
|
||||
Use this config to override the default limit of 1095 days (3 years) of validity. Any CA which is not listed in
|
||||
PUBLIC_CA_AUTHORITY_NAMES will be using this validity to display date range on UI. Below example overrides the
|
||||
default validity of 1095 days and sets it to 365 days.
|
||||
Use this config to override the default validity of certificates offered through Lemur UI. Any CA which is not listed
|
||||
in PUBLIC_CA_AUTHORITY_NAMES will be using this value as default validity to be displayed on UI. Below example overrides the
|
||||
default validity of 365 days and sets it to 1095 days (3 years).
|
||||
|
||||
::
|
||||
|
||||
DEFAULT_MAX_VALIDITY_DAYS = 365
|
||||
DEFAULT_VALIDITY_DAYS = 1095
|
||||
|
||||
|
||||
.. data:: DEBUG_DUMP
|
||||
|
@ -110,6 +110,7 @@ class RootAuthorityCertificateOutputSchema(LemurOutputSchema):
|
||||
not_after = fields.DateTime()
|
||||
not_before = fields.DateTime()
|
||||
max_issuance_days = fields.Integer()
|
||||
default_validity_days = fields.Integer()
|
||||
owner = fields.Email()
|
||||
status = fields.Boolean()
|
||||
user = fields.Nested(UserNestedOutputSchema)
|
||||
@ -135,7 +136,7 @@ class AuthorityNestedOutputSchema(LemurOutputSchema):
|
||||
owner = fields.Email()
|
||||
plugin = fields.Nested(PluginOutputSchema)
|
||||
active = fields.Boolean()
|
||||
authority_certificate = fields.Nested(RootAuthorityCertificateOutputSchema, only=["max_issuance_days"])
|
||||
authority_certificate = fields.Nested(RootAuthorityCertificateOutputSchema, only=["max_issuance_days", "default_validity_days"])
|
||||
|
||||
|
||||
authority_update_schema = AuthorityUpdateSchema()
|
||||
|
@ -317,6 +317,14 @@ class Certificate(db.Model):
|
||||
if self.name.lower() in [ca.lower() for ca in public_CA]:
|
||||
return current_app.config.get("PUBLIC_CA_MAX_VALIDITY_DAYS", 397)
|
||||
|
||||
@property
|
||||
def default_validity_days(self):
|
||||
public_CA = current_app.config.get("PUBLIC_CA_AUTHORITY_NAMES", [])
|
||||
if self.name.lower() in [ca.lower() for ca in public_CA]:
|
||||
return current_app.config.get("PUBLIC_CA_MAX_VALIDITY_DAYS", 397)
|
||||
|
||||
return current_app.config.get("DEFAULT_VALIDITY_DAYS", 365) # 1 year default
|
||||
|
||||
@property
|
||||
def subject(self):
|
||||
return self.parsed_cert.subject
|
||||
|
@ -107,7 +107,6 @@ angular.module('lemur')
|
||||
startingDay: 1
|
||||
};
|
||||
|
||||
|
||||
$scope.open1 = function() {
|
||||
$scope.popup1.opened = true;
|
||||
};
|
||||
@ -140,6 +139,12 @@ angular.module('lemur')
|
||||
);
|
||||
|
||||
$scope.create = function (certificate) {
|
||||
if(certificate.validityType === 'dates' &&
|
||||
(!certificate.validityStart || !certificate.validityEnd)) { // these are not mandatory fields in schema, thus handling validation in js
|
||||
return showMissingDateError();
|
||||
}
|
||||
delete certificate.validityType;
|
||||
|
||||
WizardHandler.wizard().context.loading = true;
|
||||
CertificateService.create(certificate).then(
|
||||
function () {
|
||||
@ -164,6 +169,23 @@ angular.module('lemur')
|
||||
});
|
||||
};
|
||||
|
||||
function showMissingDateError() {
|
||||
let error = {};
|
||||
error.message = '';
|
||||
error.reasons = {};
|
||||
error.reasons.validityRange = 'Valid start and end dates are needed, else select Default option';
|
||||
|
||||
toaster.pop({
|
||||
type: 'error',
|
||||
title: 'Validation Error',
|
||||
body: 'lemur-bad-request',
|
||||
bodyOutputType: 'directive',
|
||||
directiveData: error,
|
||||
timeout: 100000
|
||||
});
|
||||
return;
|
||||
}
|
||||
|
||||
$scope.templates = [
|
||||
{
|
||||
'name': 'Client Certificate',
|
||||
|
@ -136,19 +136,17 @@
|
||||
uib-tooltip="If no date is selected Lemur attempts to issue a 1 year certificate">
|
||||
Validity Range <span class="glyphicon glyphicon-question-sign"></span>
|
||||
</label>
|
||||
<div class="col-sm-2">
|
||||
<select ng-model="certificate.validityYears" class="form-control">
|
||||
<option value="">-</option>
|
||||
<option value="1">1 year</option>
|
||||
</select>
|
||||
<div class="col-sm-4">
|
||||
<div class="btn-group">
|
||||
<label class="btn btn-success" ng-model="certificate.validityType" uib-btn-radio="'defaultDays'" ng-click="clearDates()">
|
||||
Default ({{certificate.authority.authorityCertificate.defaultValidityDays}} days)</label>
|
||||
<label class="btn btn-success" ng-model="certificate.validityType" uib-btn-radio="'dates'">Select Date</label>
|
||||
</div>
|
||||
</div>
|
||||
<span style="padding-top: 15px" class="text-center col-sm-1">
|
||||
<strong>or</strong>
|
||||
</span>
|
||||
<div class="col-sm-3">
|
||||
<div class="col-sm-3" ng-if="certificate.validityType==='dates'">
|
||||
<div class="input-group">
|
||||
<input type="text" class="form-control"
|
||||
uib-tooltip="yyyy/MM/dd"
|
||||
uib-tooltip="Start Date (yyyy/MM/dd)"
|
||||
uib-datepicker-popup="yyyy/MM/dd"
|
||||
ng-model="certificate.validityStart"
|
||||
ng-change="certificate.setValidityEndDateRange(certificate.validityStart)"
|
||||
@ -167,10 +165,10 @@
|
||||
</span>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col-sm-3">
|
||||
<div class="col-sm-3" ng-if="certificate.validityType==='dates'">
|
||||
<div class="input-group">
|
||||
<input type="text" class="form-control"
|
||||
uib-tooltip="yyyy/MM/dd"
|
||||
uib-tooltip="End Date (yyyy/MM/dd)"
|
||||
uib-datepicker-popup="yyyy/MM/dd"
|
||||
ng-model="certificate.validityEnd"
|
||||
is-open="popup2.opened"
|
||||
@ -188,10 +186,6 @@
|
||||
</span>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col-sm-1">
|
||||
<button uib-tooltip="Clear Validity" ng-click="clearDates()" class="btn btn-default"><i
|
||||
class="glyphicon glyphicon-remove"></i></button>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group" ng-show="certificate.authority.plugin.slug == 'acme-issuer'">
|
||||
<label class="control-label col-sm-2">
|
||||
|
@ -197,7 +197,7 @@ angular.module('lemur')
|
||||
CertificateService.create = function (certificate) {
|
||||
certificate.attachSubAltName();
|
||||
certificate.attachCustom();
|
||||
if (certificate.validityYears === '') { // if a user de-selects validity years we ignore it
|
||||
if (certificate.validityYears === '') { // if a user de-selects validity years we ignore it - might not be needed anymore
|
||||
delete certificate.validityYears;
|
||||
}
|
||||
return CertificateApi.post(certificate);
|
||||
@ -283,6 +283,9 @@ angular.module('lemur')
|
||||
certificate.authority.authorityCertificate.minValidityEnd = defaults.authority.authorityCertificate.notBefore;
|
||||
certificate.authority.authorityCertificate.maxValidityEnd = defaults.authority.authorityCertificate.notAfter;
|
||||
|
||||
// pre-select validity type radio button to default days
|
||||
certificate.validityType = 'defaultDays';
|
||||
|
||||
if (certificate.dnsProviderId) {
|
||||
certificate.dnsProvider = {id: certificate.dnsProviderId};
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user