open-vault/ui/app/models/pki-ca-certificate.js
Matthew Irish cff34e983f
UI - pki updates (#4291)
* add require_cn to pki roles
* add policy_identifiers and basic_constraints_valid_for_non_ca to pki role form
* add new fields to the PKI docs
* add add_basic_constraints field
2018-04-08 21:09:29 -05:00

161 lines
3.6 KiB
JavaScript

import Certificate from './pki-certificate';
import Ember from 'ember';
import DS from 'ember-data';
import { queryRecord } from 'ember-computed-query';
const { computed } = Ember;
const { attr } = DS;
export default Certificate.extend({
DISPLAY_FIELDS: [
'csr',
'certificate',
'expiration',
'issuingCa',
'caChain',
'privateKey',
'privateKeyType',
'serialNumber',
],
backend: attr('string', {
readOnly: true,
}),
caType: attr('string', {
possibleValues: ['root', 'intermediate'],
defaultValue: 'root',
label: 'CA Type',
readOnly: true,
}),
uploadPemBundle: attr('boolean', {
label: 'Upload PEM bundle',
readOnly: true,
}),
pemBundle: attr('string', {
label: 'PEM bundle',
editType: 'file',
}),
addBasicConstraints: attr('boolean', {
label: 'Add a Basic Constraints extension with CA: true',
helpText:
'Only needed as a workaround in some compatibility scenarios with Active Directory Certificate Services',
}),
fieldDefinition: computed('caType', 'uploadPemBundle', function() {
const type = this.get('caType');
const isUpload = this.get('uploadPemBundle');
let groups = [{ default: ['caType', 'uploadPemBundle'] }];
if (isUpload) {
groups[0].default.push('pemBundle');
} else {
groups[0].default.push('type', 'commonName');
if (type === 'root') {
groups.push({
Options: [
'altNames',
'ipSans',
'ttl',
'format',
'privateKeyFormat',
'keyType',
'keyBits',
'maxPathLength',
'permittedDnsNames',
'excludeCnFromSans',
'ou',
'organization',
'otherSans',
],
});
}
if (type === 'intermediate') {
groups.push({
Options: [
'altNames',
'ipSans',
'format',
'privateKeyFormat',
'keyType',
'keyBits',
'excludeCnFromSans',
'addBasicConstraints',
'ou',
'organization',
'otherSans',
],
});
}
}
groups.push({
'Address Options': ['country', 'locality', 'province', 'streetAddress', 'postalCode'],
});
return groups;
}),
type: attr('string', {
possibleValues: ['internal', 'exported'],
defaultValue: 'internal',
}),
ou: attr({
label: 'OU (OrganizationalUnit)',
editType: 'stringArray',
}),
organization: attr({
editType: 'stringArray',
}),
country: attr({
editType: 'stringArray',
}),
locality: attr({
editType: 'stringArray',
label: 'Locality/City',
}),
province: attr({
editType: 'stringArray',
label: 'Province/State',
}),
streetAddress: attr({
editType: 'stringArray',
}),
postalCode: attr({
editType: 'stringArray',
}),
keyType: attr('string', {
possibleValues: ['rsa', 'ec'],
defaultValue: 'rsa',
}),
keyBits: attr('number', {
defaultValue: 2048,
}),
privateKeyFormat: attr('string', {
possibleValues: ['', 'der', 'pem', 'pkcs8'],
defaultValue: '',
}),
maxPathLength: attr('number', {
defaultValue: -1,
}),
permittedDnsNames: attr('string', {
label: 'Permitted DNS domains',
}),
csr: attr('string', {
editType: 'textarea',
label: 'CSR',
}),
expiration: attr(),
deletePath: queryRecord(
'capabilities',
context => {
const { backend } = context.getProperties('backend');
return {
id: `${backend}/root`,
};
},
'backend'
),
canDeleteRoot: computed.and('deletePath.canDelete', 'deletePath.canSudo'),
});