slapos_web: form to generate certificate using caucase

c607a4cf · Alain Takoudjou · 792059be · c607a4cf · c607a4cf · c607a4cf
Commit c607a4cf authored Jun 19, 2017 by Alain Takoudjou
16 changed files
--- a/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_requestNewCertificate.py
+++ b/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_requestNewCertificate.py
@@ -2,17 +2,18 @@ person = context.ERP5Site_getAuthenticatedMemberPersonValue()
 request = context.REQUEST
 response = request.RESPONSE
+certificate = url = ""
 if person is None:
  response.setStatus(403)
 else:
  try:
+    _, url = person.signCertificate(certificate_signature_request)
+    request.set('portal_status_message', context.Base_translateString('New Certificate created.'))
    certificate = person.getCertificate()
-    request.set('portal_status_message', context.Base_translateString('Certificate created.'))
  except ValueError:
-    certificate = {'certificate': '', 'key': ''}
    request.set('portal_status_message', context.Base_translateString('Certificate was already requested, please revoke existing one.'))
    response.setStatus(403)
-  request.set('your_certificate', certificate['certificate'])
+  request.set('your_certificate', certificate)
-  request.set('your_key', certificate['key'])
+  request.set('your_certificate_url', url)
  return context.WebSection_viewCertificateAsWeb()
--- a/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_requestNewCertificate.xml
+++ b/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_requestNewCertificate.xml
@@ -50,7 +50,7 @@
        </item>
        <item>
            <key> <string>_params</string> </key>
-            <value> <string>*args, **kwargs</string> </value>
+            <value> <string>certificate_signature_request, **kwargs</string> </value>
        </item>
        <item>
            <key> <string>id</string> </key>

--- a/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_requestNewComputerCertificate.py
+++ b/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_requestNewComputerCertificate.py
 computer = context
 request = context.REQUEST
 try:
-  computer.generateCertificate()
+  computer.generateCertificate(csr=certificate_signature_request)
  request.set('portal_status_message', context.Base_translateString('Certificate created.'))
 except ValueError:
  request.set('portal_status_message', context.Base_translateString('Certificate is still active, please revoke existing one.'))
 request.set('your_certificate', request.get('computer_certificate'))
-request.set('your_key', request.get('computer_key'))
+request.set('your_certificate_url', request.get('certificate_url'))
 return context.Computer_viewConnectionInformationAsWeb()
--- a/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_requestNewComputerCertificate.xml
+++ b/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_requestNewComputerCertificate.xml
@@ -50,7 +50,7 @@
        </item>
        <item>
            <key> <string>_params</string> </key>
-            <value> <string>form_id, *args, **kwargs</string> </value>
+            <value> <string>form_id, certificate_signature_request, *args, **kwargs</string> </value>
        </item>
        <item>
            <key> <string>id</string> </key>

--- a/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_revokeCertificate.py
+++ b/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_revokeCertificate.py
@@ -2,7 +2,7 @@ person = context.ERP5Site_getAuthenticatedMemberPersonValue()
 try:
  person.revokeCertificate()
  message = context.Base_translateString('Certificate revoked.')
-except ValueError:
+except ValueError, e:
-  message = context.Base_translateString('No certificate found.')
+  message = context.Base_translateString('No certificate found. %s' % str(e))
 return context.getWebSiteValue().myspace.my_account.Base_redirect(keep_items=dict(portal_status_message=message))
--- a/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewCertificateAsWeb.xml
+++ b/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewCertificateAsWeb.xml
@@ -87,7 +87,7 @@
                    <value>
                      <list>
                        <string>your_information</string>
-                        <string>your_key</string>
+                        <string>your_certificate_url</string>
                        <string>your_certificate</string>
                      </list>
                    </value>

--- a/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewCertificateAsWeb/your_certificate_url.xml
+++ b/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewCertificateAsWeb/your_certificate_url.xml
--- a/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewCertificateAsWeb/your_information.xml
+++ b/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewCertificateAsWeb/your_information.xml
@@ -209,7 +209,7 @@
                </item>
                <item>
                    <key> <string>default</string> </key>
-                    <value> <string>Please copy and store in safe place certificate and key.\n
+                    <value> <string>Please copy/download certificate and store in safe place.\n
 \n
 You can use them with slap library, for example in slap console.</string> </value>
                </item>

--- a/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewCertificateRequestDialog.xml
+++ b/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewCertificateRequestDialog.xml
@@ -87,6 +87,8 @@
                    <value>
                      <list>
                        <string>your_description</string>
+                        <string>my_certificate_signature_request</string>
+                        <string>your_common_name</string>
                      </list>
                    </value>
                </item>

--- a/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewCertificateAsWeb/your_key.xml
+++ b/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewCertificateAsWeb/your_key.xml
@@ -8,7 +8,7 @@
      <dictionary>
        <item>
            <key> <string>id</string> </key>
-            <value> <string>your_key</string> </value>
+            <value> <string>my_certificate_signature_request</string> </value>
        </item>
        <item>
            <key> <string>message_values</string> </key>
@@ -205,7 +205,7 @@
                </item>
                <item>
                    <key> <string>css_class</string> </key>
-                    <value> <string>inline</string> </value>
+                    <value> <string></string> </value>
                </item>
                <item>
                    <key> <string>default</string> </key>
@@ -213,7 +213,7 @@
                </item>
                <item>
                    <key> <string>description</string> </key>
-                    <value> <string></string> </value>
+                    <value> <string>Put here the CSR string in PEM format</string> </value>
                </item>
                <item>
                    <key> <string>editable</string> </key>
@@ -233,7 +233,7 @@
                </item>
                <item>
                    <key> <string>height</string> </key>
-                    <value> <int>10</int> </value>
+                    <value> <int>15</int> </value>
                </item>
                <item>
                    <key> <string>hidden</string> </key>
@@ -257,7 +257,7 @@
                </item>
                <item>
                    <key> <string>title</string> </key>
-                    <value> <string>Key</string> </value>
+                    <value> <string>Certificate Signature Request (CSR)</string> </value>
                </item>
                <item>
                    <key> <string>unicode</string> </key>

--- a/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewCertificateRequestDialog/your_common_name.xml
+++ b/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewCertificateRequestDialog/your_common_name.xml
--- a/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewCertificateRequestDialog/your_description.xml
+++ b/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewCertificateRequestDialog/your_description.xml
@@ -209,13 +209,11 @@
                </item>
                <item>
                    <key> <string>default</string> </key>
-                    <value> <string>Here you can request new SSL certificate.\n
+                    <value> <string>Here you can request a signed SSL certificate.\n
-\n
-After presenting it please copy key and certificate and store in secure place.\n
 \n
 In case of certificate compromise or lost please request it again.\n
 \n
-Certificate is not stored on Vifib.net servers</string> </value>
+Certificate is not stored on Vifib.net servers.</string> </value>
                </item>
                <item>
                    <key> <string>description</string> </key>

--- a/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewComputerCertificateRequestDialog.xml
+++ b/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewComputerCertificateRequestDialog.xml
@@ -87,6 +87,8 @@
                    <value>
                      <list>
                        <string>your_description</string>
+                        <string>my_certificate_signature_request</string>
+                        <string>your_common_name</string>
                      </list>
                    </value>
                </item>

--- a/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewComputerCertificateRequestDialog/my_certificate_signature_request.xml
+++ b/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewComputerCertificateRequestDialog/my_certificate_signature_request.xml
--- a/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewComputerCertificateRequestDialog/your_common_name.xml
+++ b/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewComputerCertificateRequestDialog/your_common_name.xml
--- a/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewComputerCertificateRequestDialog/your_description.xml
+++ b/master/bt5/slapos_web/SkinTemplateItem/portal_skins/vifib_hosting/WebSection_viewComputerCertificateRequestDialog/your_description.xml
@@ -211,7 +211,7 @@
                    <key> <string>default</string> </key>
                    <value> <string>Here you can request a new SSL certificate for computer.\n
 \n
-After presenting it please copy key and certificate and store in secure place.\n
+After presenting it please copy the certificate and store in secure place.\n
 \n
 In case of certificate compromise or lost please request it again.\n
 \n