add: revocation state in the result list of support cert search

author INOPIAE <m.maengel@inopiae.de>

Wed, 30 Aug 2017 05:15:27 +0000 (07:15 +0200)

committer Felix Dörre <felix@dogcraft.de>

Wed, 17 Jan 2018 15:50:19 +0000 (16:50 +0100)
author INOPIAE <m.maengel@inopiae.de>
Wed, 30 Aug 2017 05:15:27 +0000 (07:15 +0200)
committer Felix Dörre <felix@dogcraft.de>
Wed, 17 Jan 2018 15:50:19 +0000 (16:50 +0100)
diff --git a/src/club/wpia/gigi/output/template/Template.java b/src/club/wpia/gigi/output/template/Template.java

index 65db37fe8314938d3b5237c644c47a9874d6a7e8..cb0bed02b0fd8019f18e1eddb01ca070505b539e 100644 (file)
--- a/src/club/wpia/gigi/output/template/Template.java
+++ b/src/club/wpia/gigi/output/template/Template.java
@@ -73,6 +73,8 @@ public class Template implements Outputable {
  
      private static final String UNKOWN_CONTROL_STRUCTURE_MSG = "Unknown control structure \"%s\", did you mean \"%s\"?";
  
+    public static final String UTC_TIMESTAMP_FORMAT = "yyyy-MM-dd'T'HH:mm:ss'Z'";
+
      /**
       * Creates a new template by parsing the contents from the given URL. This
       * constructor will fail on syntax error. When the URL points to a file,
@@ -267,7 +269,7 @@ public class Template implements Outputable {
              if (vars.containsKey(Outputable.OUT_KEY_PLAIN)) {
                  out.print(sdfUI.format(s));
              } else {
-                SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
+                SimpleDateFormat sdf = new SimpleDateFormat(UTC_TIMESTAMP_FORMAT);
                  out.print("<time datetime=\"" + sdf.format(s) + "\">");
                  out.print(sdfUI.format(s));
                  out.print(" UTC</time>");
diff --git a/src/club/wpia/gigi/pages/admin/support/FindCertPage.java b/src/club/wpia/gigi/pages/admin/support/FindCertPage.java

index 0d2edbc9bb9032feeb6701a2c3b304621d43d463..ea5ac1e9d8924ef512cf50103444f4919506b9d5 100644 (file)
--- a/src/club/wpia/gigi/pages/admin/support/FindCertPage.java
+++ b/src/club/wpia/gigi/pages/admin/support/FindCertPage.java
@@ -9,6 +9,7 @@ import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  
  import club.wpia.gigi.dbObjects.Certificate;
+import club.wpia.gigi.dbObjects.Certificate.CertificateStatus;
  import club.wpia.gigi.dbObjects.Certificate.SubjectAlternateName;
  import club.wpia.gigi.localisation.Language;
  import club.wpia.gigi.output.ArrayIterable;
@@ -59,6 +60,12 @@ public class FindCertPage extends Page {
                          vars.put("id", t.getId());
                          vars.put("serial", t.getSerial());
  
+                        if (t.getStatus() == CertificateStatus.REVOKED) {
+                            vars.put("revoked", t.getRevocationDate());
+                        } else {
+                            vars.put("revoked", l.getTranslation("N/A"));
+                        }
+
                          final List<SubjectAlternateName> san = t.getSANs();
                          vars.put("san", new IterableDataset() {
  
diff --git a/src/club/wpia/gigi/pages/admin/support/FindCertPage.templ b/src/club/wpia/gigi/pages/admin/support/FindCertPage.templ

index d8f61c1140d0d970c18a1a9afbb5b160e280a501..0e0fa25b0123e524fec64d6e792f8f789bf9f0d9 100644 (file)
--- a/src/club/wpia/gigi/pages/admin/support/FindCertPage.templ
+++ b/src/club/wpia/gigi/pages/admin/support/FindCertPage.templ
@@ -1,7 +1,7 @@
  <p><?=_Multiple certificates?>: <?=$limit?></p>
  <table class="table">
  <tr>
-<th>Id</th><th><?=_Serial number?></th><th><?=_SAN?></th></tr>
+<th>Id</th><th><?=_Serial number?></th><th><?=_SAN?></th><th><?=_Revocation Date?></th></tr>
  <? foreach($certtable) {?>
    <tr>
      <td><a href="/support/certs/<?=$serial?>"><?=$id?></a></td>
@@ -11,6 +11,7 @@
         <?=$entry?>
      <? } ?>
      </td>
+    <td><?=$revoked?></td>
    </tr>
  <? } ?>
  </table>
diff --git a/tests/club/wpia/gigi/pages/admin/TestSEAdminPageCertSearch.java b/tests/club/wpia/gigi/pages/admin/TestSEAdminPageCertSearch.java

index e61f559ee8dfed4918679434a107ec9d74165a46..6feaafcf51613eba70b3bd3baf49f09ad70f061a 100644 (file)
--- a/tests/club/wpia/gigi/pages/admin/TestSEAdminPageCertSearch.java
+++ b/tests/club/wpia/gigi/pages/admin/TestSEAdminPageCertSearch.java
@@ -7,6 +7,7 @@ import java.net.URLConnection;
  import java.net.URLEncoder;
  import java.security.GeneralSecurityException;
  import java.security.KeyPair;
+import java.text.SimpleDateFormat;
  
  import org.hamcrest.CoreMatchers;
  import org.junit.Test;
@@ -15,10 +16,12 @@ import club.wpia.gigi.GigiApiException;
  import club.wpia.gigi.dbObjects.Certificate;
  import club.wpia.gigi.dbObjects.Certificate.CSRType;
  import club.wpia.gigi.dbObjects.Certificate.CertificateStatus;
+import club.wpia.gigi.dbObjects.Certificate.RevocationType;
  import club.wpia.gigi.dbObjects.Certificate.SANType;
  import club.wpia.gigi.dbObjects.Digest;
  import club.wpia.gigi.dbObjects.Group;
  import club.wpia.gigi.dbObjects.User;
+import club.wpia.gigi.output.template.Template;
  import club.wpia.gigi.pages.account.certs.Certificates;
  import club.wpia.gigi.pages.admin.support.FindCertPage;
  import club.wpia.gigi.pages.admin.support.SupportEnterTicketPage;
@@ -34,18 +37,16 @@ public class TestSEAdminPageCertSearch extends ClientTest {
  
      private String certMail;
  
+    private int id;
+
      public TestSEAdminPageCertSearch() throws IOException, GigiApiException, GeneralSecurityException, InterruptedException {
          grant(u, Group.SUPPORTER);
          cookie = login(email, TEST_PASSWORD);
          assertEquals(302, post(cookie, SupportEnterTicketPage.PATH, "ticketno=a20140808.8&setTicket=action", 0).getResponseCode());
  
          certMail = uniq + "_certowner@example.com";
-        int id = createVerifiedUser("fn", "ln", certMail, TEST_PASSWORD);
-        User u1 = User.getById(id);
-        KeyPair kp = generateKeypair();
-        String key = generatePEMCSR(kp, "CN=" + certMail);
-        c = new Certificate(u1, u1, Certificate.buildDN("CN", certMail), Digest.SHA512, key, CSRType.CSR, getClientProfile(), new Certificate.SubjectAlternateName(SANType.EMAIL, certMail));
-        await(c.issue(null, "2y", u));
+        id = createVerifiedUser("fn", "ln", certMail, TEST_PASSWORD);
+        c = createCertificate();
      }
  
      @Test
@@ -70,7 +71,7 @@ public class TestSEAdminPageCertSearch extends ClientTest {
      }
  
      @Test
-    public void testRevoke() throws IOException {
+    public void testRevoke() throws IOException, GeneralSecurityException, GigiApiException, InterruptedException {
          URLConnection conn = post(Certificates.SUPPORT_PATH + "/" + c.getSerial(), "action=revoke");
          assertEquals("https://" + ServerConstants.getHostNamePortSecure(Host.WWW) + Certificates.SUPPORT_PATH + "/" + c.getSerial(), conn.getHeaderField("Location"));
          for (int i = 0; i < 2; i++) {
@@ -79,6 +80,27 @@ public class TestSEAdminPageCertSearch extends ClientTest {
              assertThat(tm.getMessage(), CoreMatchers.containsString(c.getSerial()));
          }
          assertEquals(CertificateStatus.REVOKED, c.getStatus());
+
      }
  
+    @Test
+    public void testShowRevocation() throws GeneralSecurityException, IOException, GigiApiException, InterruptedException {
+        Certificate c1 = createCertificate();
+        await(c1.revoke(RevocationType.SUPPORT));
+        URLConnection uc = post(cookie, FindCertPage.PATH, "certType=email&process=Next&cert=" + URLEncoder.encode(certMail, "UTF-8"), 0);
+        SimpleDateFormat sdf = new SimpleDateFormat(Template.UTC_TIMESTAMP_FORMAT);
+        String revokeDate = sdf.format(c1.getRevocationDate());
+        String result = IOUtils.readURL(uc);
+        assertThat(result, CoreMatchers.containsString(revokeDate));
+        assertThat(result, CoreMatchers.containsString("N/A"));
+    }
+
+    private Certificate createCertificate() throws GeneralSecurityException, IOException, GigiApiException, InterruptedException {
+        User u1 = User.getById(id);
+        KeyPair kp = generateKeypair();
+        String key = generatePEMCSR(kp, "CN=" + certMail);
+        Certificate c1 = new Certificate(u1, u1, Certificate.buildDN("CN", certMail), Digest.SHA512, key, CSRType.CSR, getClientProfile(), new Certificate.SubjectAlternateName(SANType.EMAIL, certMail));
+        await(c1.issue(null, "2y", u));
+        return c1;
+    }
  }
author	INOPIAE <m.maengel@inopiae.de>
	Wed, 30 Aug 2017 05:15:27 +0000 (07:15 +0200)
committer	Felix Dörre <felix@dogcraft.de>
	Wed, 17 Jan 2018 15:50:19 +0000 (16:50 +0100)
src/club/wpia/gigi/output/template/Template.java		patch \| blob \| history
src/club/wpia/gigi/pages/admin/support/FindCertPage.java		patch \| blob \| history
src/club/wpia/gigi/pages/admin/support/FindCertPage.templ		patch \| blob \| history
tests/club/wpia/gigi/pages/admin/TestSEAdminPageCertSearch.java		patch \| blob \| history