Commit fac4a0ea authored by Rafael Monnerat's avatar Rafael Monnerat

erp5_certificate_authority: Use specific property for store CSR ID

   it ensure that property is an integer.
parent b83079a2
...@@ -53,11 +53,11 @@ class CertificateLoginMixin: ...@@ -53,11 +53,11 @@ class CertificateLoginMixin:
certificate_dict = { certificate_dict = {
"common_name" : self.getReference() "common_name" : self.getReference()
} }
if self.getReference() and self.getSourceReference(): if self.getReference() and self.getCsrId():
if csr is not None: if csr is not None:
raise ValueError("The certificate was already requsted without the certificate sign request.") raise ValueError("The certificate was already requsted without the certificate sign request.")
certificate_dict["id"] = self.getSourceReference() certificate_dict["id"] = self.getCsrId()
crt_pem = caucase_connector.getCertificate(int(self.getSourceReference())) crt_pem = caucase_connector.getCertificate(self.getCsrId())
certificate_dict["certificate"] = crt_pem certificate_dict["certificate"] = crt_pem
# We should assert that reference is the CN of crt_pem # We should assert that reference is the CN of crt_pem
return certificate_dict return certificate_dict
...@@ -75,18 +75,18 @@ class CertificateLoginMixin: ...@@ -75,18 +75,18 @@ class CertificateLoginMixin:
caucase_connector.createCertificate(csr_id, template_csr=template_csr) caucase_connector.createCertificate(csr_id, template_csr=template_csr)
crt_pem = caucase_connector.getCertificate(csr_id) crt_pem = caucase_connector.getCertificate(csr_id)
self.setSourceReference(csr_id) self.setCsrId(csr_id)
return { return {
"certificate" : crt_pem, "certificate" : crt_pem,
"id" : self.getSourceReference(), "id" : self.getCsrId(),
"common_name" : reference "common_name" : reference
} }
security.declarePublic('getCertificate') security.declarePublic('getCertificate')
def getCertificate(self, csr=None): def getCertificate(self, csr=None):
"""Returns new SSL certificate""" """Returns new SSL certificate"""
if csr is None and self.getSourceReference() is None: if csr is None and self.getCsrId() is None:
key, csr = self._getCaucaseConnector()._createCertificateRequest() key, csr = self._getCaucaseConnector()._createCertificateRequest()
certificate_dict = self._getCertificate(csr=csr) certificate_dict = self._getCertificate(csr=csr)
certificate_dict["key"] = key certificate_dict["key"] = key
...@@ -96,13 +96,13 @@ class CertificateLoginMixin: ...@@ -96,13 +96,13 @@ class CertificateLoginMixin:
def _revokeCertificate(self, key_pem=None): def _revokeCertificate(self, key_pem=None):
if self.getDestinationReference() is not None or ( if self.getDestinationReference() is not None or (
self.getReference() is not None and self.getSourceReference() is None self.getReference() is not None and self.getCsrId() is None
): ):
raise ValueError("You cannot revoke certificates from prior implementation!") raise ValueError("You cannot revoke certificates from prior implementation!")
if self.getSourceReference() is not None: if self.getCsrId() is not None:
caucase_connector = self._getCaucaseConnector() caucase_connector = self._getCaucaseConnector()
crt_pem = caucase_connector.getCertificate(int(self.getSourceReference())) crt_pem = caucase_connector.getCertificate(self.getCsrId())
if key_pem is None: if key_pem is None:
return caucase_connector.revokeCertificate(crt_pem, key_pem) return caucase_connector.revokeCertificate(crt_pem, key_pem)
return caucase_connector.revokeCertificate(crt_pem) return caucase_connector.revokeCertificate(crt_pem)
......
...@@ -4,4 +4,7 @@ ...@@ -4,4 +4,7 @@
<item>Reference</item> <item>Reference</item>
<item>Url</item> <item>Url</item>
</portal_type> </portal_type>
<portal_type id="Certificate Login">
<item>CaucaseCertificateLogin</item>
</portal_type>
</property_sheet_list> </property_sheet_list>
\ No newline at end of file
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Property Sheet" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_count</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
<item>
<key> <string>_mt_index</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
</value>
</item>
<item>
<key> <string>_tree</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
</value>
</item>
<item>
<key> <string>description</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>CaucaseCertificateLogin</string> </value>
</item>
</dictionary>
</pickle>
</record>
<record id="2" aka="AAAAAAAAAAI=">
<pickle>
<global name="Length" module="BTrees.Length"/>
</pickle>
<pickle> <int>0</int> </pickle>
</record>
<record id="3" aka="AAAAAAAAAAM=">
<pickle>
<global name="OOBTree" module="BTrees.OOBTree"/>
</pickle>
<pickle>
<none/>
</pickle>
</record>
<record id="4" aka="AAAAAAAAAAQ=">
<pickle>
<global name="OOBTree" module="BTrees.OOBTree"/>
</pickle>
<pickle>
<none/>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Standard Property" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>categories</string> </key>
<value>
<tuple>
<string>elementary_type/int</string>
</tuple>
</value>
</item>
<item>
<key> <string>description</string> </key>
<value> <string>Certificate Signing Request ID</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>csr_id_property</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
...@@ -27,7 +27,6 @@ ...@@ -27,7 +27,6 @@
# #
############################################################################## ##############################################################################
#import os
import random import random
from Products.ERP5Type.tests.ERP5TypeCaucaseTestCase import ERP5TypeCaucaseTestCase from Products.ERP5Type.tests.ERP5TypeCaucaseTestCase import ERP5TypeCaucaseTestCase
from Products.ERP5Type.Core.Workflow import ValidationFailed from Products.ERP5Type.Core.Workflow import ValidationFailed
...@@ -325,7 +324,7 @@ class TestPersonCertificateLogin(ERP5TypeCaucaseTestCase): ...@@ -325,7 +324,7 @@ class TestPersonCertificateLogin(ERP5TypeCaucaseTestCase):
self.assertEqual(certificate_login.getReference().decode("UTF-8"), cn_list[0]) self.assertEqual(certificate_login.getReference().decode("UTF-8"), cn_list[0])
self.assertEqual(certificate_login.getDestinationReference(), None) self.assertEqual(certificate_login.getDestinationReference(), None)
self.assertNotEqual(certificate_login.getSourceReference(), None) self.assertNotEqual(certificate_login.getCsrId(), None)
self.assertEqual(None, certificate_login.revokeCertificate()) self.assertEqual(None, certificate_login.revokeCertificate())
self.assertEqual(certificate_login.getDestinationReference(), None) self.assertEqual(certificate_login.getDestinationReference(), None)
...@@ -351,7 +350,7 @@ class TestPersonCertificateLogin(ERP5TypeCaucaseTestCase): ...@@ -351,7 +350,7 @@ class TestPersonCertificateLogin(ERP5TypeCaucaseTestCase):
self.assertEqual(certificate_login.getReference().decode("UTF-8"), cn_list[0]) self.assertEqual(certificate_login.getReference().decode("UTF-8"), cn_list[0])
self.assertEqual(certificate_login.getDestinationReference(), None) self.assertEqual(certificate_login.getDestinationReference(), None)
self.assertNotEqual(certificate_login.getSourceReference(), None) self.assertNotEqual(certificate_login.getCsrId(), None)
self.assertEqual(None, certificate_login.revokeCertificate(certificate_dict['key'])) self.assertEqual(None, certificate_login.revokeCertificate(certificate_dict['key']))
self.assertEqual(certificate_login.getDestinationReference(), None) self.assertEqual(certificate_login.getDestinationReference(), None)
...@@ -377,11 +376,11 @@ class TestPersonCertificateLogin(ERP5TypeCaucaseTestCase): ...@@ -377,11 +376,11 @@ class TestPersonCertificateLogin(ERP5TypeCaucaseTestCase):
self.assertEqual(certificate_login.getReference().decode("UTF-8"), cn_list[0]) self.assertEqual(certificate_login.getReference().decode("UTF-8"), cn_list[0])
self.assertEqual(certificate_login.getDestinationReference(), None) self.assertEqual(certificate_login.getDestinationReference(), None)
self.assertNotEqual(certificate_login.getSourceReference(), None) self.assertNotEqual(certificate_login.getCsrId(), None)
# Older implementation wont set it on the Certificate login # Older implementation wont set it on the Certificate login
certificate_login.setDestinationReference(None) certificate_login.setDestinationReference(None)
certificate_login.setSourceReference(None) certificate_login.setCsrId(None)
# Still raise since it has no valid certificate anymore # Still raise since it has no valid certificate anymore
self.assertRaises(ValueError, certificate_login.revokeCertificate) self.assertRaises(ValueError, certificate_login.revokeCertificate)
......
Caucase Connector | CaucaseConnector Caucase Connector | CaucaseConnector
Caucase Connector | Reference Caucase Connector | Reference
Caucase Connector | Url Caucase Connector | Url
Certificate Login | CaucaseCertificateLogin
\ No newline at end of file
CaucaseCertificateLogin
CaucaseConnector CaucaseConnector
\ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment