Validity with radio buttons

2020-08-26 19:30:12 -07:00 · 2020-08-26 19:30:12 -07:00 · 3242fc1e13
parent 6aedd3b0d8
commit 3242fc1e13
6 changed files with 52 additions and 24 deletions
--- a/docs/administration.rst
+++ b/docs/administration.rst
@ -172,15 +172,15 @@ Specifying the `SQLALCHEMY_MAX_OVERFLOW` to 0 will enforce limit to not create c
        PUBLIC_CA_MAX_VALIDITY_DAYS = 365


-.. data:: DEFAULT_MAX_VALIDITY_DAYS
+.. data:: DEFAULT_VALIDITY_DAYS
    :noindex:
-        Use this config to override the default limit of 1095 days (3 years) of validity. Any CA which is not listed in
-        PUBLIC_CA_AUTHORITY_NAMES will be using this validity to display date range on UI. Below example overrides the
-        default validity of 1095 days and sets it to 365 days.
+        Use this config to override the default validity of certificates offered through Lemur UI. Any CA which is not listed
+        in PUBLIC_CA_AUTHORITY_NAMES will be using this value as default validity to be displayed on UI. Below example overrides the
+        default validity of 365 days and sets it to 1095 days (3 years).

    ::

-        DEFAULT_MAX_VALIDITY_DAYS = 365
+        DEFAULT_VALIDITY_DAYS = 1095


 .. data:: DEBUG_DUMP
--- a/lemur/authorities/schemas.py
+++ b/lemur/authorities/schemas.py
@ -110,6 +110,7 @@ class RootAuthorityCertificateOutputSchema(LemurOutputSchema):
    not_after = fields.DateTime()
    not_before = fields.DateTime()
    max_issuance_days = fields.Integer()
+    default_validity_days = fields.Integer()
    owner = fields.Email()
    status = fields.Boolean()
    user = fields.Nested(UserNestedOutputSchema)
@ -135,7 +136,7 @@ class AuthorityNestedOutputSchema(LemurOutputSchema):
    owner = fields.Email()
    plugin = fields.Nested(PluginOutputSchema)
    active = fields.Boolean()
-    authority_certificate = fields.Nested(RootAuthorityCertificateOutputSchema, only=["max_issuance_days"])
+    authority_certificate = fields.Nested(RootAuthorityCertificateOutputSchema, only=["max_issuance_days", "default_validity_days"])


 authority_update_schema = AuthorityUpdateSchema()
--- a/lemur/certificates/models.py
+++ b/lemur/certificates/models.py
@ -317,6 +317,14 @@ class Certificate(db.Model):
        if self.name.lower() in [ca.lower() for ca in public_CA]:
            return current_app.config.get("PUBLIC_CA_MAX_VALIDITY_DAYS", 397)

+    @property
+    def default_validity_days(self):
+        public_CA = current_app.config.get("PUBLIC_CA_AUTHORITY_NAMES", [])
+        if self.name.lower() in [ca.lower() for ca in public_CA]:
+            return current_app.config.get("PUBLIC_CA_MAX_VALIDITY_DAYS", 397)
+
+        return current_app.config.get("DEFAULT_VALIDITY_DAYS", 365)   # 1 year default
+
    @property
    def subject(self):
        return self.parsed_cert.subject
--- a/lemur/static/app/angular/certificates/certificate/certificate.js
+++ b/lemur/static/app/angular/certificates/certificate/certificate.js
@ -107,7 +107,6 @@ angular.module('lemur')
      startingDay: 1
    };

-
    $scope.open1 = function() {
      $scope.popup1.opened = true;
    };
@ -140,6 +139,12 @@ angular.module('lemur')
    );

    $scope.create = function (certificate) {
+      if(certificate.validityType === 'dates' &&
+          (!certificate.validityStart || !certificate.validityEnd)) { // these are not mandatory fields in schema, thus handling validation in js
+          return showMissingDateError();
+      }
+      delete certificate.validityType;
+
      WizardHandler.wizard().context.loading = true;
      CertificateService.create(certificate).then(
        function () {
@ -164,6 +169,23 @@ angular.module('lemur')
        });
    };

+    function showMissingDateError() {
+      let error = {};
+        error.message = '';
+        error.reasons = {};
+        error.reasons.validityRange = 'Valid start and end dates are needed, else select Default option';
+
+        toaster.pop({
+          type: 'error',
+          title: 'Validation Error',
+          body: 'lemur-bad-request',
+          bodyOutputType: 'directive',
+          directiveData: error,
+          timeout: 100000
+        });
+        return;
+    }
+
    $scope.templates = [
      {
        'name': 'Client Certificate',
--- a/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
+++ b/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
@ -136,19 +136,17 @@
             uib-tooltip="If no date is selected Lemur attempts to issue a 1 year certificate">
        Validity Range <span class="glyphicon glyphicon-question-sign"></span>
      </label>
-      <div class="col-sm-2">
-        <select ng-model="certificate.validityYears" class="form-control">
-          <option value="">-</option>
-          <option value="1">1 year</option>
-        </select>
+      <div class="col-sm-4">
+        <div class="btn-group">
+          <label class="btn btn-success" ng-model="certificate.validityType" uib-btn-radio="'defaultDays'" ng-click="clearDates()">
+              Default ({{certificate.authority.authorityCertificate.defaultValidityDays}} days)</label>
+          <label class="btn btn-success" ng-model="certificate.validityType" uib-btn-radio="'dates'">Select Date</label>
+        </div>
      </div>
-      <span style="padding-top: 15px" class="text-center col-sm-1">
-                <strong>or</strong>
-            </span>
-      <div class="col-sm-3">
+      <div class="col-sm-3" ng-if="certificate.validityType==='dates'">
        <div class="input-group">
          <input type="text" class="form-control"
-                 uib-tooltip="yyyy/MM/dd"
+                 uib-tooltip="Start Date (yyyy/MM/dd)"
                 uib-datepicker-popup="yyyy/MM/dd"
                 ng-model="certificate.validityStart"
                 ng-change="certificate.setValidityEndDateRange(certificate.validityStart)"
@ -167,10 +165,10 @@
                    </span>
        </div>
      </div>
-      <div class="col-sm-3">
+      <div class="col-sm-3" ng-if="certificate.validityType==='dates'">
        <div class="input-group">
          <input type="text" class="form-control"
-                 uib-tooltip="yyyy/MM/dd"
+                 uib-tooltip="End Date (yyyy/MM/dd)"
                 uib-datepicker-popup="yyyy/MM/dd"
                 ng-model="certificate.validityEnd"
                 is-open="popup2.opened"
@ -188,10 +186,6 @@
                    </span>
        </div>
      </div>
-      <div class="col-sm-1">
-        <button uib-tooltip="Clear Validity" ng-click="clearDates()" class="btn btn-default"><i
-          class="glyphicon glyphicon-remove"></i></button>
-      </div>
    </div>
    <div class="form-group" ng-show="certificate.authority.plugin.slug == 'acme-issuer'">
      <label class="control-label col-sm-2">
--- a/lemur/static/app/angular/certificates/services.js
+++ b/lemur/static/app/angular/certificates/services.js
@ -197,7 +197,7 @@ angular.module('lemur')
    CertificateService.create = function (certificate) {
      certificate.attachSubAltName();
      certificate.attachCustom();
-      if (certificate.validityYears === '') { // if a user de-selects validity years we ignore it
+      if (certificate.validityYears === '') { // if a user de-selects validity years we ignore it - might not be needed anymore
        delete certificate.validityYears;
      }
      return CertificateApi.post(certificate);
@ -283,6 +283,9 @@ angular.module('lemur')
        certificate.authority.authorityCertificate.minValidityEnd = defaults.authority.authorityCertificate.notBefore;
        certificate.authority.authorityCertificate.maxValidityEnd = defaults.authority.authorityCertificate.notAfter;

+        // pre-select validity type radio button to default days
+        certificate.validityType = 'defaultDays';
+
        if (certificate.dnsProviderId) {
          certificate.dnsProvider = {id: certificate.dnsProviderId};
        }