max date on UI as per max validity configs
This commit is contained in:
parent
4d7c6844e5
commit
7011a4df8b
@ -172,6 +172,17 @@ Specifying the `SQLALCHEMY_MAX_OVERFLOW` to 0 will enforce limit to not create c
|
||||
PUBLIC_CA_MAX_VALIDITY_DAYS = 365
|
||||
|
||||
|
||||
.. data:: INTERNAL_CA_MAX_VALIDITY_DAYS
|
||||
:noindex:
|
||||
Use this config to override the limit of 365 days of validity for certificates issued by internal CA. Any CA which is
|
||||
not listed in PUBLIC_CA_AUTHORITY_NAMES will be treated as internal. Below example overrides the default validity of
|
||||
365 days and sets it to 90 days.
|
||||
|
||||
::
|
||||
|
||||
INTERNAL_CA_MAX_VALIDITY_DAYS = 90
|
||||
|
||||
|
||||
.. data:: DEBUG_DUMP
|
||||
:noindex:
|
||||
|
||||
|
@ -110,6 +110,7 @@ class RootAuthorityCertificateOutputSchema(LemurOutputSchema):
|
||||
cn = fields.String()
|
||||
not_after = fields.DateTime()
|
||||
not_before = fields.DateTime()
|
||||
max_issuance_date = fields.DateTime()
|
||||
owner = fields.Email()
|
||||
status = fields.Boolean()
|
||||
user = fields.Nested(UserNestedOutputSchema)
|
||||
@ -135,6 +136,7 @@ class AuthorityNestedOutputSchema(LemurOutputSchema):
|
||||
owner = fields.Email()
|
||||
plugin = fields.Nested(PluginOutputSchema)
|
||||
active = fields.Boolean()
|
||||
authority_certificate = fields.Nested(RootAuthorityCertificateOutputSchema, only=["max_issuance_date"])
|
||||
|
||||
|
||||
authority_update_schema = AuthorityUpdateSchema()
|
||||
|
@ -311,6 +311,16 @@ class Certificate(db.Model):
|
||||
def validity_range(self):
|
||||
return self.not_after - self.not_before
|
||||
|
||||
@property
|
||||
def max_issuance_date(self):
|
||||
public_CA = current_app.config.get("PUBLIC_CA_AUTHORITY_NAMES", [])
|
||||
if self.name.lower() in [ca.lower() for ca in public_CA]:
|
||||
default_validity_days = current_app.config.get("PUBLIC_CA_MAX_VALIDITY_DAYS", 397)
|
||||
else:
|
||||
default_validity_days = current_app.config.get("INTERNAL_CA_MAX_VALIDITY_DAYS", 365) # 1 Year
|
||||
issuance_validity_days = min(abs(self.not_after - arrow.utcnow()).days, default_validity_days)
|
||||
return arrow.utcnow().shift(days=issuance_validity_days)
|
||||
|
||||
@property
|
||||
def subject(self):
|
||||
return self.parsed_cert.subject
|
||||
|
@ -154,7 +154,7 @@
|
||||
is-open="popup1.opened"
|
||||
datepicker-options="dateOptions"
|
||||
close-text="Close"
|
||||
max-date="certificate.authority.authorityCertificate.notAfter"
|
||||
max-date="certificate.authority.authorityCertificate.maxIssuanceDate"
|
||||
min-date="certificate.authority.authorityCertificate.notBefore"
|
||||
alt-input-formats="altInputFormats"
|
||||
placeholder="Start Date"
|
||||
@ -174,7 +174,7 @@
|
||||
is-open="popup2.opened"
|
||||
datepicker-options="dateOptions"
|
||||
close-text="Close"
|
||||
max-date="certificate.authority.authorityCertificate.notAfter"
|
||||
max-date="certificate.authority.authorityCertificate.maxIssuanceDate"
|
||||
min-date="certificate.authority.authorityCertificate.notBefore"
|
||||
alt-input-formats="altInputFormats"
|
||||
placeholder="End Date"
|
||||
|
Loading…
Reference in New Issue
Block a user