add: revocation state in the result list of support cert search
authorINOPIAE <m.maengel@inopiae.de>
Wed, 30 Aug 2017 05:15:27 +0000 (07:15 +0200)
committerFelix Dörre <felix@dogcraft.de>
Wed, 17 Jan 2018 15:50:19 +0000 (16:50 +0100)
Change-Id: I1b18cfdd2fc4dfb88cb33d0ff468f848f69fa4fd

src/club/wpia/gigi/output/template/Template.java
src/club/wpia/gigi/pages/admin/support/FindCertPage.java
src/club/wpia/gigi/pages/admin/support/FindCertPage.templ
tests/club/wpia/gigi/pages/admin/TestSEAdminPageCertSearch.java

index 65db37f..cb0bed0 100644 (file)
@@ -73,6 +73,8 @@ public class Template implements Outputable {
 
     private static final String UNKOWN_CONTROL_STRUCTURE_MSG = "Unknown control structure \"%s\", did you mean \"%s\"?";
 
+    public static final String UTC_TIMESTAMP_FORMAT = "yyyy-MM-dd'T'HH:mm:ss'Z'";
+
     /**
      * Creates a new template by parsing the contents from the given URL. This
      * constructor will fail on syntax error. When the URL points to a file,
@@ -267,7 +269,7 @@ public class Template implements Outputable {
             if (vars.containsKey(Outputable.OUT_KEY_PLAIN)) {
                 out.print(sdfUI.format(s));
             } else {
-                SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
+                SimpleDateFormat sdf = new SimpleDateFormat(UTC_TIMESTAMP_FORMAT);
                 out.print("<time datetime=\"" + sdf.format(s) + "\">");
                 out.print(sdfUI.format(s));
                 out.print(" UTC</time>");
index 0d2edbc..ea5ac1e 100644 (file)
@@ -9,6 +9,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import club.wpia.gigi.dbObjects.Certificate;
+import club.wpia.gigi.dbObjects.Certificate.CertificateStatus;
 import club.wpia.gigi.dbObjects.Certificate.SubjectAlternateName;
 import club.wpia.gigi.localisation.Language;
 import club.wpia.gigi.output.ArrayIterable;
@@ -59,6 +60,12 @@ public class FindCertPage extends Page {
                         vars.put("id", t.getId());
                         vars.put("serial", t.getSerial());
 
+                        if (t.getStatus() == CertificateStatus.REVOKED) {
+                            vars.put("revoked", t.getRevocationDate());
+                        } else {
+                            vars.put("revoked", l.getTranslation("N/A"));
+                        }
+
                         final List<SubjectAlternateName> san = t.getSANs();
                         vars.put("san", new IterableDataset() {
 
index d8f61c1..0e0fa25 100644 (file)
@@ -1,7 +1,7 @@
 <p><?=_Multiple certificates?>: <?=$limit?></p>
 <table class="table">
 <tr>
-<th>Id</th><th><?=_Serial number?></th><th><?=_SAN?></th></tr>
+<th>Id</th><th><?=_Serial number?></th><th><?=_SAN?></th><th><?=_Revocation Date?></th></tr>
 <? foreach($certtable) {?>
   <tr>
     <td><a href="/support/certs/<?=$serial?>"><?=$id?></a></td>
@@ -11,6 +11,7 @@
        <?=$entry?>
     <? } ?>
     </td>
+    <td><?=$revoked?></td>
   </tr>
 <? } ?>
 </table>
index e61f559..6feaafc 100644 (file)
@@ -7,6 +7,7 @@ import java.net.URLConnection;
 import java.net.URLEncoder;
 import java.security.GeneralSecurityException;
 import java.security.KeyPair;
+import java.text.SimpleDateFormat;
 
 import org.hamcrest.CoreMatchers;
 import org.junit.Test;
@@ -15,10 +16,12 @@ import club.wpia.gigi.GigiApiException;
 import club.wpia.gigi.dbObjects.Certificate;
 import club.wpia.gigi.dbObjects.Certificate.CSRType;
 import club.wpia.gigi.dbObjects.Certificate.CertificateStatus;
+import club.wpia.gigi.dbObjects.Certificate.RevocationType;
 import club.wpia.gigi.dbObjects.Certificate.SANType;
 import club.wpia.gigi.dbObjects.Digest;
 import club.wpia.gigi.dbObjects.Group;
 import club.wpia.gigi.dbObjects.User;
+import club.wpia.gigi.output.template.Template;
 import club.wpia.gigi.pages.account.certs.Certificates;
 import club.wpia.gigi.pages.admin.support.FindCertPage;
 import club.wpia.gigi.pages.admin.support.SupportEnterTicketPage;
@@ -34,18 +37,16 @@ public class TestSEAdminPageCertSearch extends ClientTest {
 
     private String certMail;
 
+    private int id;
+
     public TestSEAdminPageCertSearch() throws IOException, GigiApiException, GeneralSecurityException, InterruptedException {
         grant(u, Group.SUPPORTER);
         cookie = login(email, TEST_PASSWORD);
         assertEquals(302, post(cookie, SupportEnterTicketPage.PATH, "ticketno=a20140808.8&setTicket=action", 0).getResponseCode());
 
         certMail = uniq + "_certowner@example.com";
-        int id = createVerifiedUser("fn", "ln", certMail, TEST_PASSWORD);
-        User u1 = User.getById(id);
-        KeyPair kp = generateKeypair();
-        String key = generatePEMCSR(kp, "CN=" + certMail);
-        c = new Certificate(u1, u1, Certificate.buildDN("CN", certMail), Digest.SHA512, key, CSRType.CSR, getClientProfile(), new Certificate.SubjectAlternateName(SANType.EMAIL, certMail));
-        await(c.issue(null, "2y", u));
+        id = createVerifiedUser("fn", "ln", certMail, TEST_PASSWORD);
+        c = createCertificate();
     }
 
     @Test
@@ -70,7 +71,7 @@ public class TestSEAdminPageCertSearch extends ClientTest {
     }
 
     @Test
-    public void testRevoke() throws IOException {
+    public void testRevoke() throws IOException, GeneralSecurityException, GigiApiException, InterruptedException {
         URLConnection conn = post(Certificates.SUPPORT_PATH + "/" + c.getSerial(), "action=revoke");
         assertEquals("https://" + ServerConstants.getHostNamePortSecure(Host.WWW) + Certificates.SUPPORT_PATH + "/" + c.getSerial(), conn.getHeaderField("Location"));
         for (int i = 0; i < 2; i++) {
@@ -79,6 +80,27 @@ public class TestSEAdminPageCertSearch extends ClientTest {
             assertThat(tm.getMessage(), CoreMatchers.containsString(c.getSerial()));
         }
         assertEquals(CertificateStatus.REVOKED, c.getStatus());
+
     }
 
+    @Test
+    public void testShowRevocation() throws GeneralSecurityException, IOException, GigiApiException, InterruptedException {
+        Certificate c1 = createCertificate();
+        await(c1.revoke(RevocationType.SUPPORT));
+        URLConnection uc = post(cookie, FindCertPage.PATH, "certType=email&process=Next&cert=" + URLEncoder.encode(certMail, "UTF-8"), 0);
+        SimpleDateFormat sdf = new SimpleDateFormat(Template.UTC_TIMESTAMP_FORMAT);
+        String revokeDate = sdf.format(c1.getRevocationDate());
+        String result = IOUtils.readURL(uc);
+        assertThat(result, CoreMatchers.containsString(revokeDate));
+        assertThat(result, CoreMatchers.containsString("N/A"));
+    }
+
+    private Certificate createCertificate() throws GeneralSecurityException, IOException, GigiApiException, InterruptedException {
+        User u1 = User.getById(id);
+        KeyPair kp = generateKeypair();
+        String key = generatePEMCSR(kp, "CN=" + certMail);
+        Certificate c1 = new Certificate(u1, u1, Certificate.buildDN("CN", certMail), Digest.SHA512, key, CSRType.CSR, getClientProfile(), new Certificate.SubjectAlternateName(SANType.EMAIL, certMail));
+        await(c1.issue(null, "2y", u));
+        return c1;
+    }
 }