2018-09-25 16:28:26 +00:00
|
|
|
import { and } from '@ember/object/computed';
|
|
|
|
import { computed } from '@ember/object';
|
2018-04-03 14:16:57 +00:00
|
|
|
import Certificate from './pki-certificate';
|
|
|
|
import DS from 'ember-data';
|
2018-06-12 21:06:37 +00:00
|
|
|
import lazyCapabilities, { apiPath } from 'vault/macros/lazy-capabilities';
|
2018-04-03 14:16:57 +00:00
|
|
|
|
|
|
|
const { attr } = DS;
|
|
|
|
|
|
|
|
export default Certificate.extend({
|
2018-09-25 16:28:26 +00:00
|
|
|
DISPLAY_FIELDS: computed(function() {
|
|
|
|
return [
|
|
|
|
'csr',
|
|
|
|
'certificate',
|
|
|
|
'expiration',
|
|
|
|
'issuingCa',
|
|
|
|
'caChain',
|
|
|
|
'privateKey',
|
|
|
|
'privateKeyType',
|
|
|
|
'serialNumber',
|
|
|
|
];
|
|
|
|
}),
|
2018-04-03 14:16:57 +00:00
|
|
|
backend: attr('string', {
|
|
|
|
readOnly: true,
|
|
|
|
}),
|
|
|
|
|
|
|
|
caType: attr('string', {
|
|
|
|
possibleValues: ['root', 'intermediate'],
|
|
|
|
defaultValue: 'root',
|
|
|
|
label: 'CA Type',
|
|
|
|
readOnly: true,
|
|
|
|
}),
|
|
|
|
uploadPemBundle: attr('boolean', {
|
|
|
|
label: 'Upload PEM bundle',
|
|
|
|
readOnly: true,
|
|
|
|
}),
|
|
|
|
pemBundle: attr('string', {
|
|
|
|
label: 'PEM bundle',
|
|
|
|
editType: 'file',
|
|
|
|
}),
|
2018-04-09 02:09:29 +00:00
|
|
|
addBasicConstraints: attr('boolean', {
|
|
|
|
label: 'Add a Basic Constraints extension with CA: true',
|
|
|
|
helpText:
|
|
|
|
'Only needed as a workaround in some compatibility scenarios with Active Directory Certificate Services',
|
|
|
|
}),
|
2018-04-03 14:16:57 +00:00
|
|
|
|
|
|
|
fieldDefinition: computed('caType', 'uploadPemBundle', function() {
|
|
|
|
const type = this.get('caType');
|
|
|
|
const isUpload = this.get('uploadPemBundle');
|
|
|
|
let groups = [{ default: ['caType', 'uploadPemBundle'] }];
|
|
|
|
if (isUpload) {
|
|
|
|
groups[0].default.push('pemBundle');
|
|
|
|
} else {
|
|
|
|
groups[0].default.push('type', 'commonName');
|
|
|
|
if (type === 'root') {
|
|
|
|
groups.push({
|
|
|
|
Options: [
|
|
|
|
'altNames',
|
|
|
|
'ipSans',
|
|
|
|
'ttl',
|
|
|
|
'format',
|
|
|
|
'privateKeyFormat',
|
|
|
|
'keyType',
|
|
|
|
'keyBits',
|
|
|
|
'maxPathLength',
|
|
|
|
'permittedDnsNames',
|
|
|
|
'excludeCnFromSans',
|
|
|
|
'ou',
|
|
|
|
'organization',
|
|
|
|
'otherSans',
|
|
|
|
],
|
|
|
|
});
|
|
|
|
}
|
|
|
|
if (type === 'intermediate') {
|
|
|
|
groups.push({
|
|
|
|
Options: [
|
|
|
|
'altNames',
|
|
|
|
'ipSans',
|
|
|
|
'format',
|
|
|
|
'privateKeyFormat',
|
|
|
|
'keyType',
|
|
|
|
'keyBits',
|
|
|
|
'excludeCnFromSans',
|
2018-04-09 02:09:29 +00:00
|
|
|
'addBasicConstraints',
|
2018-04-03 14:16:57 +00:00
|
|
|
'ou',
|
|
|
|
'organization',
|
|
|
|
'otherSans',
|
|
|
|
],
|
|
|
|
});
|
|
|
|
}
|
|
|
|
}
|
|
|
|
groups.push({
|
|
|
|
'Address Options': ['country', 'locality', 'province', 'streetAddress', 'postalCode'],
|
|
|
|
});
|
|
|
|
|
|
|
|
return groups;
|
|
|
|
}),
|
|
|
|
|
|
|
|
type: attr('string', {
|
|
|
|
possibleValues: ['internal', 'exported'],
|
|
|
|
defaultValue: 'internal',
|
|
|
|
}),
|
|
|
|
ou: attr({
|
|
|
|
label: 'OU (OrganizationalUnit)',
|
|
|
|
editType: 'stringArray',
|
|
|
|
}),
|
|
|
|
organization: attr({
|
|
|
|
editType: 'stringArray',
|
|
|
|
}),
|
|
|
|
country: attr({
|
|
|
|
editType: 'stringArray',
|
|
|
|
}),
|
|
|
|
locality: attr({
|
|
|
|
editType: 'stringArray',
|
|
|
|
label: 'Locality/City',
|
|
|
|
}),
|
|
|
|
province: attr({
|
|
|
|
editType: 'stringArray',
|
|
|
|
label: 'Province/State',
|
|
|
|
}),
|
|
|
|
streetAddress: attr({
|
|
|
|
editType: 'stringArray',
|
|
|
|
}),
|
|
|
|
postalCode: attr({
|
|
|
|
editType: 'stringArray',
|
|
|
|
}),
|
|
|
|
|
|
|
|
keyType: attr('string', {
|
|
|
|
possibleValues: ['rsa', 'ec'],
|
|
|
|
defaultValue: 'rsa',
|
|
|
|
}),
|
|
|
|
keyBits: attr('number', {
|
|
|
|
defaultValue: 2048,
|
|
|
|
}),
|
|
|
|
privateKeyFormat: attr('string', {
|
|
|
|
possibleValues: ['', 'der', 'pem', 'pkcs8'],
|
|
|
|
defaultValue: '',
|
|
|
|
}),
|
|
|
|
maxPathLength: attr('number', {
|
|
|
|
defaultValue: -1,
|
|
|
|
}),
|
|
|
|
permittedDnsNames: attr('string', {
|
|
|
|
label: 'Permitted DNS domains',
|
|
|
|
}),
|
|
|
|
|
|
|
|
csr: attr('string', {
|
|
|
|
editType: 'textarea',
|
|
|
|
label: 'CSR',
|
|
|
|
}),
|
|
|
|
expiration: attr(),
|
|
|
|
|
2018-09-25 16:28:26 +00:00
|
|
|
deletePath: lazyCapabilities(apiPath`${'backend'}/root`, 'backend'),
|
|
|
|
canDeleteRoot: and('deletePath.canDelete', 'deletePath.canSudo'),
|
2018-04-03 14:16:57 +00:00
|
|
|
});
|