Merge pull request #58 from kevgliss/configBasedNames

Adding ability to define distinguished names in config

docs/administration/index.rst

@@ -102,6 +102,53 @@ Basic Configuration
         LEMUR_ENCRYPTION_KEY = 'supersupersecret'
 
 
+Certificate Default Options
+---------------------------
+
+Lemur allows you to find tune your certificates to your organization. The following defaults are presented in the UI
+and are used when Lemur creates the CSR for your certificates.
+
+
+.. data:: LEMUR_DEFAULT_COUNTRY
+    :noindex:
+
+    ::
+
+        LEMUR_DEFAULT_COUNTRY = "US"
+
+
+.. data:: LEMUR_DEFAULT_STATE
+    :noindex:
+
+    ::
+
+        LEMUR_DEFAULT_STATE = "CA"
+
+
+.. data:: LEMUR_DEFAULT_LOCATION
+    :noindex:
+
+    ::
+
+        LEMUR_DEFAULT_LOCATION = "Los Gatos"
+
+
+.. data:: LEMUR_DEFAULT_ORGANIZATION
+    :noindex:
+
+    ::
+
+        LEMUR_DEFAULT_ORGANIZATION = "Netflix"
+
+
+.. data:: LEMUR_DEFAULT_ORGANIZATION_UNIT
+    :noindex:
+
+    ::
+
+        LEMUR_DEFAULT_ORGANIZATIONAL_UNIT = "Operations"
+
+
 Notification Options
 --------------------
 

lemur/certificates/views.py

@@ -7,7 +7,7 @@
 """
 from builtins import str
 
-from flask import Blueprint, make_response, jsonify
+from flask import Blueprint, current_app, make_response, jsonify
 from flask.ext.restful import reqparse, Api, fields
 
 from cryptography import x509
@@ -662,9 +662,59 @@ class NotificationCertificatesList(AuthenticatedResource):
         args['notification_id'] = notification_id
         return service.render(args)
 
+
+class CertificatesDefaults(AuthenticatedResource):
+    """ Defineds the 'certificates' defaults endpoint """
+    def __init__(self):
+        super(CertificatesDefaults)
+
+    def get(self):
+        """
+        .. http:get:: /certificates/defaults
+
+            Returns defaults needed to generate CSRs
+
+           **Example request**:
+
+           .. sourcecode:: http
+
+              GET /certificates/defaults HTTP/1.1
+              Host: example.com
+              Accept: application/json, text/javascript
+
+           **Example response**:
+
+           .. sourcecode:: http
+
+              HTTP/1.1 200 OK
+              Vary: Accept
+              Content-Type: text/javascript
+
+              {
+                 "country": "US",
+                 "state": "CA",
+                 "location": "Los Gatos",
+                 "organization": "Netflix",
+                 "organizationalUnit": "Operations"
+              }
+
+           :reqheader Authorization: OAuth token to authenticate
+           :statuscode 200: no error
+           :statuscode 403: unauthenticated
+        """
+        return dict(
+            country=current_app.config.get('LEMUR_DEFAULT_COUNTRY'),
+            state=current_app.config.get('LEMUR_DEFAULT_STATE'),
+            location=current_app.config.get('LEMUR_DEFAULT_LOCATION'),
+            organization=current_app.config.get('LEMUR_DEFAULT_ORGANIZATION'),
+            organizationalUnit=current_app.config.get('LEMUR_DEFAULT_ORGANIZATIONAL_UNIT')
+        )
+
+
 api.add_resource(CertificatesList, '/certificates', endpoint='certificates')
 api.add_resource(Certificates, '/certificates/<int:certificate_id>', endpoint='certificate')
 api.add_resource(CertificatesStats, '/certificates/stats', endpoint='certificateStats')
 api.add_resource(CertificatesUpload, '/certificates/upload', endpoint='certificateUpload')
 api.add_resource(CertificatePrivateKey, '/certificates/<int:certificate_id>/key', endpoint='privateKeyCertificates')
 api.add_resource(NotificationCertificatesList, '/notifications/<int:notification_id>/certificates', endpoint='notificationCertificates')
+api.add_resource(CertificatesDefaults, '/certificates/defaults', endpoint='certificatesDefault')

lemur/manage.py

@@ -80,6 +80,15 @@ LEMUR_RESTRICTED_DOMAINS = []
 LEMUR_EMAIL = ''
 LEMUR_SECURITY_TEAM_EMAIL = []
 
+# Certificate Defaults
+
+LEMUR_DEFAULT_COUNTRY = ''
+LEMUR_DEFAULT_STATE = ''
+LEMUR_DEFAULT_LOCATION = ''
+LEMUR_DEFAULT_ORGANIZATION = ''
+LEMUR_DEFAULT_ORGANIZATIONAL_UNIT = ''
+
+
 # Logging
 
 LOG_LEVEL = "DEBUG"

lemur/static/app/angular/certificates/certificate/certificate.js

@@ -25,6 +25,9 @@ angular.module('lemur')
   .controller('CertificateCreateController', function ($scope, $modalInstance, CertificateApi, CertificateService, DestinationService, AuthorityService, PluginService, MomentService, WizardHandler, LemurRestangular, NotificationService) {
     $scope.certificate = LemurRestangular.restangularizeElement(null, {}, 'certificates');
 
+    // set the defaults
+    CertificateService.getDefaults($scope.certificate);
+
     $scope.create = function (certificate) {
       WizardHandler.wizard().context.loading = true;
       CertificateService.create(certificate).then(function () {

lemur/static/app/angular/certificates/certificate/distinguishedName.tpl.html

@@ -6,7 +6,7 @@
         Country
       </label>
       <div class="col-sm-10">
-        <input name="country" ng-model="certificate.country" placeholder="Country" class="form-control" ng-init="certificate.country = 'US'" required/>
+        <input name="country" ng-model="certificate.country" placeholder="Country" class="form-control" required/>
         <p ng-show="dnForm.country.$invalid && !dnForm.country.$pristine" class="help-block">You must enter a country</p>
       </div>
     </div>
@@ -16,7 +16,7 @@
         State
       </label>
       <div class="col-sm-10">
-        <input name="state" ng-model="certificate.state" placeholder="State" class="form-control" ng-init="certificate.state = 'California'" required/>
+        <input name="state" ng-model="certificate.state" placeholder="State" class="form-control" required/>
         <p ng-show="dnForm.state.$invalid && !dnForm.state.$pristine" class="help-block">You must enter a state</p>
       </div>
     </div>
@@ -26,7 +26,7 @@
         Location
       </label>
       <div class="col-sm-10">
-        <input name="location" ng-model="certificate.location" placeholder="Location" class="form-control" ng-init="certificate.location = 'Los Gatos'"required/>
+        <input name="location" ng-model="certificate.location" placeholder="Location" class="form-control" required/>
         <p ng-show="dnForm.location.$invalid && !dnForm.location.$pristine" class="help-block">You must enter a location</p>
       </div>
     </div>
@@ -36,7 +36,7 @@
         Organization
       </label>
       <div class="col-sm-10">
-        <input name="organization" ng-model="certificate.organization" placeholder="Organization" class="form-control" ng-init="certificate.organization = 'Netflix, Inc.'" required/>
+        <input name="organization" ng-model="certificate.organization" placeholder="Organization" class="form-control" required/>
         <p ng-show="dnForm.organization.$invalid && !dnForm.organization.$pristine" class="help-block">You must enter a organization</p>
       </div>
     </div>
@@ -46,7 +46,7 @@
         Organizational Unit
       </label>
       <div class="col-sm-10">
-        <input name="organizationalUnit" ng-model="certificate.organizationalUnit" placeholder="Organizational Unit" class="form-control" ng-init="certificate.organizationalUnit = 'Operations'"required/>
+        <input name="organizationalUnit" ng-model="certificate.organizationalUnit" placeholder="Organizational Unit" class="form-control" required/>
         <p ng-show="dnForm.organization.$invalid && !dnForm.organizationalUnit.$pristine" class="help-block">You must enter a organizational unit</p>
       </div>
     </div>

lemur/static/app/angular/certificates/services.js

@@ -206,6 +206,16 @@ angular.module('lemur')
       });
     };
 
+    CertificateService.getDefaults = function (certificate) {
+      return certificate.customGET('defaults').then(function (defaults) {
+        certificate.country = defaults.country;
+        certificate.state = defaults.state;
+        certificate.location = defaults.location;
+        certificate.organization = defaults.organization;
+        certificate.organizationalUnit = defaults.organizationalUnit;
+      });
+    };
+
     CertificateService.updateActive = function (certificate) {
       return certificate.put().then(
           function () {