luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

UI/vault 13506/pki attr cleanup (#19121) 

* add show page for generated CSR

* fix typo, make key-id copyable

* add tests

* move pki tests to designated folder

* list keys when in between state after CSR generation

* uses customTTL for generateing role cert and adds privateKeyFormat

* Revert "move pki tests to designated folder"

This reverts commit 82b60e4beab0717bbace8dee64cc0863a5488079.

* Revert "add tests"

This reverts commit 3c90fc9abacf8309d2cf9f1b90299a5153b743da.

* Revert "fix typo, make key-id copyable"

This reverts commit 8e6f5a1f4580229e6de8f6e919945f03ee29ac3d.

* revert accidental parent commits

* Revert "list keys when in between state after CSR generation"

This reverts commit c01d7852a46d41a72e5eace28aafed5daa93f70f.

* fix empty arrays removed when serialized

* fix comment;
g

* update test
This commit is contained in:
claire bontempo 2023-02-10 10:12:40 -08:00 committed by GitHub
parent 052c175ce5
commit 4af59fd6cd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 30 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ui/app/models/pki/certificate/base.js
View File

@ -36,6 +36,15 @@ export default class PkiCertificateBaseModel extends Model {
// Required input for all certificates
@attr('string') commonName;
@attr({
label: 'Not valid after',
detailsLabel: 'Issued certificates expire after',
subText:
'The time after which this certificate will no longer be valid. This can be a TTL (a range of time from now) or a specific date.',
editType: 'yield',
})
customTtl; // combines ttl and notAfter into one input <PkiNotValidAfterForm>
// Attrs that come back from API POST request
@attr({ masked: true, label: 'CA Chain' }) caChain;
@attr('string', { masked: true }) certificate;

9
ui/app/models/pki/certificate/generate.js
View File

@ -5,7 +5,7 @@ import PkiCertificateBaseModel from './base';
const generateFromRole = [
{
default: ['commonName'],
default: ['commonName', 'customTtl'],
},
{
'Subject Alternative Name (SAN) Options': [
@ -13,13 +13,12 @@ const generateFromRole = [
'ipSans',
'uriSans',
'otherSans',
'ttl',
'format',
'privateKeyFormat',
'excludeCnFromSans',
'notAfter',
],
},
{
'More Options': ['format', 'privateKeyFormat'],
},
];
const validations = {
commonName: [{ type: 'presence', message: 'Common name is required.' }],

9
ui/app/serializers/pki/role.js
View File

@ -4,4 +4,13 @@ export default class PkiRoleSerializer extends ApplicationSerializer {
attrs = {
name: { serialize: false },
};
serialize() {
const json = super.serialize(...arguments);
// attributes with empty arrays are stripped from serialized json
// but an empty list is acceptable for key_usage to specify no default constraints
// intercepting here to ensure an empty array persists (the backend assumes default values)
json.key_usage = json.key_usage || [];
return json;
}
}

10
ui/lib/pki/addon/components/page/pki-role-details.hbs
View File

@ -52,15 +52,7 @@
@label={{capitalize (or attr.options.detailsLabel attr.options.label (humanize (dasherize attr.name)))}}
@value={{val}}
@alwaysRender={{true}}
>
{{#if (gt val.length 0)}}
{{#each val as |key|}}
<span>{{key}}, </span>
{{/each}}
{{else}}
None
{{/if}}
</InfoTableRow>
/>
{{else if (eq attr.name "noStore")}}
<InfoTableRow
@label={{capitalize (or attr.options.detailsLabel attr.options.label (humanize (dasherize attr.name)))}}

1
ui/lib/pki/addon/components/pki-generate-csr.ts
View File

@ -34,6 +34,7 @@ export default class PkiGenerateCsrComponent extends Component<Args> {
'commonName',
'excludeCnFromSans',
'format',
'privateKeyFormat',
'serialNumber',
'addBasicConstraints',
]);

1
ui/lib/pki/addon/components/pki-generate-root.js
View File

@ -39,6 +39,7 @@ export default class PkiGenerateRootComponent extends Component {
'customTtl',
'notBeforeDuration',
'format',
'privateKeyFormat',
'permittedDnsDomains',
'maxPathLength',
];

11
ui/lib/pki/addon/components/pki-key-usage.ts
View File

@ -62,17 +62,6 @@ export default class PkiKeyUsage extends Component<PkiKeyUsageArgs> {
this.args.model.extKeyUsageOids = value;
}
_amendList(checkboxName: string, value: boolean, type: string): string[] {
const list = type === 'keyUsage' ? this.args.model.keyUsage : this.args.model.extKeyUsage;
const idx = list.indexOf(checkboxName);
if (value === true && idx < 0) {
list.push(checkboxName);
} else if (value === false && idx >= 0) {
list.splice(idx, 1);
}
return list;
}
@action checkboxChange(name: string, value: string[]) {
// Make sure we can set this value type to this model key
if (name === 'keyUsage' || name === 'extKeyUsage') {

1
ui/lib/pki/addon/components/pki-role-generate.hbs
View File

@ -18,6 +18,7 @@
@renderGroup="Subject Alternative Name (SAN) Options"
@groupName="formFieldGroups"
/>
<FormFieldGroups @model={{@model}} @mode="create" @renderGroup="More Options" @groupName="formFieldGroups" />
</div>
<div class="field is-grouped box is-fullwidth is-bottomless">
<div class="control">

6
ui/tests/integration/components/pki/page/pki-role-details-test.js
View File

@ -30,10 +30,12 @@ module('Integration | Component | pki role details page', function (hooks) {
{ owner: this.engine }
);
assert.dom(SELECTORS.issuerLabel).hasText('Issuer', 'Label is');
assert.dom(SELECTORS.keyUsageValue).hasText('None', 'Key usage shows none when array is empty');
assert
.dom(`${SELECTORS.keyUsageValue} [data-test-icon="minus"]`)
.exists('Key usage shows dash when array is empty');
assert
.dom(SELECTORS.extKeyUsageValue)
.hasText('bar, baz,', 'Key usage shows comma-joined values when array has items');
.hasText('bar,baz', 'Key usage shows comma-joined values when array has items');
assert.dom(SELECTORS.noStoreValue).containsText('Yes', 'noStore shows opposite of what the value is');
assert.dom(SELECTORS.customTtlValue).containsText('10m', 'TTL shown as duration');
});