Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
E
erp5
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Kirill Smelkov
erp5
Commits
ca74a8ea
Commit
ca74a8ea
authored
Aug 15, 2023
by
Rafael Monnerat
Browse files
Options
Browse Files
Download
Plain Diff
Support multiple certificates per user
See merge request
nexedi/erp5!1811
parents
63254fe4
e80c4d7e
Changes
27
Expand all
Show whitespace changes
Inline
Side-by-side
Showing
27 changed files
with
943 additions
and
105 deletions
+943
-105
bt5/erp5_certificate_authority/ActionTemplateItem/portal_types/Certificate%20Login/get_certificate.xml
...Item/portal_types/Certificate%20Login/get_certificate.xml
+18
-3
bt5/erp5_certificate_authority/ActionTemplateItem/portal_types/Certificate%20Login/revoke_certificate.xml
...m/portal_types/Certificate%20Login/revoke_certificate.xml
+17
-2
bt5/erp5_certificate_authority/DocumentTemplateItem/portal_components/document.erp5_certificate_authority.Person.py
..._components/document.erp5_certificate_authority.Person.py
+15
-43
bt5/erp5_certificate_authority/MixinTemplateItem/portal_components/mixin.erp5.CertificateLoginMixin.py
...tem/portal_components/mixin.erp5.CertificateLoginMixin.py
+76
-0
bt5/erp5_certificate_authority/MixinTemplateItem/portal_components/mixin.erp5.CertificateLoginMixin.xml
...em/portal_components/mixin.erp5.CertificateLoginMixin.xml
+102
-0
bt5/erp5_certificate_authority/PortalTypeTemplateItem/portal_types/Certificate%20Authority%20Tool.xml
...plateItem/portal_types/Certificate%20Authority%20Tool.xml
+13
-38
bt5/erp5_certificate_authority/PortalTypeTypeMixinTemplateItem/type_mixin.xml
..._authority/PortalTypeTypeMixinTemplateItem/type_mixin.xml
+5
-0
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_getCertificate.py
..._certificate_authority/CertificateLogin_getCertificate.py
+12
-0
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_getCertificate.xml
...certificate_authority/CertificateLogin_getCertificate.xml
+1
-1
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_revokeCertificate.py
...rtificate_authority/CertificateLogin_revokeCertificate.py
+5
-0
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_revokeCertificate.xml
...tificate_authority/CertificateLogin_revokeCertificate.xml
+1
-1
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_view.xml
...kins/erp5_certificate_authority/CertificateLogin_view.xml
+1
-0
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_view/my_destination_reference.xml
...hority/CertificateLogin_view/my_destination_reference.xml
+96
-0
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_view/my_reference.xml
...tificate_authority/CertificateLogin_view/my_reference.xml
+1
-1
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_viewCertificateDialog.xml
...cate_authority/CertificateLogin_viewCertificateDialog.xml
+7
-3
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_viewCertificateDialog/your_certificate.xml
...rtificateLogin_viewCertificateDialog/your_certificate.xml
+0
-0
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_viewCertificateDialog/your_key.xml
...ority/CertificateLogin_viewCertificateDialog/your_key.xml
+0
-0
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_viewCertificateDialog/your_tip.xml
...ority/CertificateLogin_viewCertificateDialog/your_tip.xml
+3
-1
bt5/erp5_certificate_authority/TestTemplateItem/portal_components/test.erp5.testCertificateAuthorityPerson.py
...al_components/test.erp5.testCertificateAuthorityPerson.py
+289
-0
bt5/erp5_certificate_authority/TestTemplateItem/portal_components/test.erp5.testCertificateAuthorityPerson.xml
...l_components/test.erp5.testCertificateAuthorityPerson.xml
+3
-3
bt5/erp5_certificate_authority/TestTemplateItem/portal_components/test.erp5.testCertificateAuthorityTool.py
...rtal_components/test.erp5.testCertificateAuthorityTool.py
+154
-0
bt5/erp5_certificate_authority/TestTemplateItem/portal_components/test.erp5.testCertificateAuthorityTool.xml
...tal_components/test.erp5.testCertificateAuthorityTool.xml
+112
-0
bt5/erp5_certificate_authority/ToolComponentTemplateItem/portal_components/tool.erp5.CertificateAuthorityTool.py
...m/portal_components/tool.erp5.CertificateAuthorityTool.py
+5
-5
bt5/erp5_certificate_authority/bt/template_action_path_list
bt5/erp5_certificate_authority/bt/template_action_path_list
+3
-3
bt5/erp5_certificate_authority/bt/template_mixin_id_list
bt5/erp5_certificate_authority/bt/template_mixin_id_list
+1
-0
bt5/erp5_certificate_authority/bt/template_portal_type_type_mixin_list
...ificate_authority/bt/template_portal_type_type_mixin_list
+1
-0
bt5/erp5_certificate_authority/bt/template_test_id_list
bt5/erp5_certificate_authority/bt/template_test_id_list
+2
-1
No files found.
bt5/erp5_certificate_authority/ActionTemplateItem/portal_types/
Perso
n/get_certificate.xml
→
bt5/erp5_certificate_authority/ActionTemplateItem/portal_types/
Certificate%20Logi
n/get_certificate.xml
View file @
ca74a8ea
...
...
@@ -26,7 +26,9 @@
</item>
<item>
<key>
<string>
condition
</string>
</key>
<value>
<string></string>
</value>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAAM=
</string>
</persistent>
</value>
</item>
<item>
<key>
<string>
description
</string>
</key>
...
...
@@ -56,7 +58,7 @@
</item>
<item>
<key>
<string>
priority
</string>
</key>
<value>
<float>
1
0
.0
</float>
</value>
<value>
<float>
1
1
.0
</float>
</value>
</item>
<item>
<key>
<string>
title
</string>
</key>
...
...
@@ -77,7 +79,20 @@
<dictionary>
<item>
<key>
<string>
text
</string>
</key>
<value>
<string>
string:${object_url}/Person_getCertificate
</string>
</value>
<value>
<string>
string:${object_url}/CertificateLogin_getCertificate
</string>
</value>
</item>
</dictionary>
</pickle>
</record>
<record
id=
"3"
aka=
"AAAAAAAAAAM="
>
<pickle>
<global
name=
"Expression"
module=
"Products.CMFCore.Expression"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
text
</string>
</key>
<value>
<string>
python: here.getDestinationReference() is None
</string>
</value>
</item>
</dictionary>
</pickle>
...
...
bt5/erp5_certificate_authority/ActionTemplateItem/portal_types/
Perso
n/revoke_certificate.xml
→
bt5/erp5_certificate_authority/ActionTemplateItem/portal_types/
Certificate%20Logi
n/revoke_certificate.xml
View file @
ca74a8ea
...
...
@@ -26,7 +26,9 @@
</item>
<item>
<key>
<string>
condition
</string>
</key>
<value>
<string></string>
</value>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAAM=
</string>
</persistent>
</value>
</item>
<item>
<key>
<string>
description
</string>
</key>
...
...
@@ -77,7 +79,20 @@
<dictionary>
<item>
<key>
<string>
text
</string>
</key>
<value>
<string>
string:${object_url}/Person_revokeCertificate
</string>
</value>
<value>
<string>
string:${object_url}/CertificateLogin_revokeCertificate
</string>
</value>
</item>
</dictionary>
</pickle>
</record>
<record
id=
"3"
aka=
"AAAAAAAAAAM="
>
<pickle>
<global
name=
"Expression"
module=
"Products.CMFCore.Expression"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
text
</string>
</key>
<value>
<string>
python: here.getDestinationReference() is not None
</string>
</value>
</item>
</dictionary>
</pickle>
...
...
bt5/erp5_certificate_authority/DocumentTemplateItem/portal_components/document.erp5_certificate_authority.Person.py
View file @
ca74a8ea
...
...
@@ -5,30 +5,7 @@ from Products.ERP5Type import Permissions
class
Person
(
ERP5Person
):
security
=
ClassSecurityInfo
()
def
_getCertificateLoginDocument
(
self
):
for
_erp5_login
in
self
.
objectValues
(
portal_type
=
[
"ERP5 Login"
]):
if
_erp5_login
.
getValidationState
()
==
"validated"
and
\
_erp5_login
.
getReference
()
==
self
.
getUserId
():
# The user already created a Login document as UserId, so
# So just use this one.
return
_erp5_login
for
_certificate_login
in
self
.
objectValues
(
portal_type
=
[
"Certificate Login"
]):
if
_certificate_login
.
getValidationState
()
==
"validated"
:
return
_certificate_login
certificate_login
=
self
.
newContent
(
portal_type
=
"Certificate Login"
,
# For now use UserId as easy way.
reference
=
self
.
getUserId
()
)
certificate_login
.
validate
()
return
certificate_login
def
_checkCertificateRequest
(
self
):
def
checkCertificateRequest
(
self
):
try
:
self
.
checkUserCanChangePassword
()
except
Unauthorized
:
...
...
@@ -41,25 +18,20 @@ class Person(ERP5Person):
if
getSecurityManager
().
getUser
().
getId
()
!=
user_id
:
raise
def
_getCertificate
(
self
):
return
self
.
getPortalObject
().
portal_certificate_authority
\
.
getNewCertificate
(
self
.
_getCertificateLoginDocument
().
getReference
())
def
_revokeCertificate
(
self
):
return
self
.
getPortalObject
().
portal_certificate_authority
\
.
revokeCertificateByCommonName
(
self
.
_getCertificateLoginDocument
().
getReference
())
security
.
declarePublic
(
'getCertificate'
)
def
getCertificate
(
self
):
"""Returns new SSL certificate"""
self
.
_checkCertificateRequest
()
return
self
.
_getCertificate
()
security
.
declarePublic
(
'revokeCertificate'
)
def
revokeCertificate
(
self
):
"""Revokes existing certificate"""
self
.
_checkCertificateRequest
()
self
.
_revokeCertificate
()
def
_generateCertificate
(
self
):
certificate_login
=
self
.
newContent
(
portal_type
=
"Certificate Login"
,
)
certificate_dict
=
certificate_login
.
getCertificate
()
certificate_login
.
validate
()
return
certificate_dict
security
.
declarePublic
(
'generateCertificate'
)
def
generateCertificate
(
self
):
"""Returns new SSL certificate
This API was kept for backward compatibility"""
self
.
checkCertificateRequest
()
return
self
.
_generateCertificate
()
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getTitle'
)
...
...
bt5/erp5_certificate_authority/MixinTemplateItem/portal_components/mixin.erp5.CertificateLoginMixin.py
0 → 100644
View file @
ca74a8ea
# -*- coding: utf-8 -*-
##############################################################################
#
# Copyright (c) 2023 Nexedi SA and Contributors. All Rights Reserved.
# Rafael Monnerat <rafael@nexedi.com>
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly advised to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from
AccessControl
import
ClassSecurityInfo
class
CertificateLoginMixin
:
security
=
ClassSecurityInfo
()
def
_getCertificate
(
self
):
portal
=
self
.
getPortalObject
()
_id
=
self
.
_generateRandomId
()
reference
=
'CERTLOGIN-%i-%s'
%
(
portal
.
portal_ids
.
generateNewId
(
id_group
=
'certificate_login'
,
id_generator
=
'non_continuous_integer_increasing'
,
),
_id
)
self
.
setReference
(
reference
)
certificate_dict
=
self
.
getPortalObject
().
portal_certificate_authority
\
.
getNewCertificate
(
self
.
getReference
())
self
.
setDestinationReference
(
certificate_dict
[
'id'
])
return
certificate_dict
def
_revokeCertificate
(
self
):
if
self
.
getDestinationReference
()
is
not
None
:
certificate_dict
=
self
.
getPortalObject
().
portal_certificate_authority
\
.
revokeCertificate
(
self
.
getDestinationReference
())
self
.
setDestinationReference
(
None
)
return
certificate_dict
elif
self
.
getReference
()
is
not
None
:
# Backward compatibility whenever the serial wast set
certificate_dict
=
self
.
getPortalObject
().
portal_certificate_authority
\
.
revokeCertificateByCommonName
(
self
.
getReference
())
# Ensure it is None
self
.
setDestinationReference
(
None
)
return
certificate_dict
else
:
raise
ValueError
(
"No certificate found to revoke!"
)
security
.
declarePublic
(
'getCertificate'
)
def
getCertificate
(
self
):
"""Returns new SSL certificate"""
if
self
.
getDestinationReference
()
is
not
None
:
raise
ValueError
(
"Certificate was already issued, please revoke first."
)
return
self
.
_getCertificate
()
security
.
declarePublic
(
'revokeCertificate'
)
def
revokeCertificate
(
self
):
"""Revokes existing certificate"""
self
.
_revokeCertificate
()
bt5/erp5_certificate_authority/MixinTemplateItem/portal_components/mixin.erp5.CertificateLoginMixin.xml
0 → 100644
View file @
ca74a8ea
<?xml version="1.0"?>
<ZopeData>
<record
id=
"1"
aka=
"AAAAAAAAAAE="
>
<pickle>
<global
name=
"Mixin Component"
module=
"erp5.portal_type"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
default_reference
</string>
</key>
<value>
<string>
CertificateLoginMixin
</string>
</value>
</item>
<item>
<key>
<string>
description
</string>
</key>
<value>
<none/>
</value>
</item>
<item>
<key>
<string>
id
</string>
</key>
<value>
<string>
mixin.erp5.CertificateLoginMixin
</string>
</value>
</item>
<item>
<key>
<string>
sid
</string>
</key>
<value>
<none/>
</value>
</item>
<item>
<key>
<string>
text_content_error_message
</string>
</key>
<value>
<tuple/>
</value>
</item>
<item>
<key>
<string>
text_content_warning_message
</string>
</key>
<value>
<tuple/>
</value>
</item>
<item>
<key>
<string>
version
</string>
</key>
<value>
<string>
erp5
</string>
</value>
</item>
<item>
<key>
<string>
workflow_history
</string>
</key>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAAI=
</string>
</persistent>
</value>
</item>
</dictionary>
</pickle>
</record>
<record
id=
"2"
aka=
"AAAAAAAAAAI="
>
<pickle>
<global
name=
"PersistentMapping"
module=
"Persistence.mapping"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
data
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
component_validation_workflow
</string>
</key>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAAM=
</string>
</persistent>
</value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
<record
id=
"3"
aka=
"AAAAAAAAAAM="
>
<pickle>
<global
name=
"WorkflowHistoryList"
module=
"Products.ERP5Type.Workflow"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
_log
</string>
</key>
<value>
<list>
<dictionary>
<item>
<key>
<string>
action
</string>
</key>
<value>
<string>
validate
</string>
</value>
</item>
<item>
<key>
<string>
validation_state
</string>
</key>
<value>
<string>
validated
</string>
</value>
</item>
</dictionary>
</list>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
bt5/erp5_certificate_authority/PortalTypeTemplateItem/portal_types/Certificate%20Authority%20Tool.xml
View file @
ca74a8ea
...
...
@@ -10,22 +10,16 @@
<key>
<string>
_property_domain_dict
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
description
</string>
</key>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAAI=
</string>
</persistent>
</value>
</item>
<item>
<key>
<string>
short_title
</string>
</key>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAA
M
=
</string>
</persistent>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAA
I
=
</string>
</persistent>
</value>
</item>
<item>
<key>
<string>
title
</string>
</key>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAA
Q
=
</string>
</persistent>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAA
M
=
</string>
</persistent>
</value>
</item>
</dictionary>
...
...
@@ -45,9 +39,7 @@
</item>
<item>
<key>
<string>
description
</string>
</key>
<value>
<none/>
</value>
<value>
<string>
Certificate Authority Tool contains Certificate Authority.
</string>
</value>
</item>
<item>
<key>
<string>
factory
</string>
</key>
...
...
@@ -79,9 +71,15 @@
<none/>
</value>
</item>
<item>
<key>
<string>
searchable_text_property_id
</string>
</key>
<value>
<tuple/>
</value>
</item>
<item>
<key>
<string>
title
</string>
</key>
<value>
<string>
Contribution Tool
</string>
</value>
<value>
<string></string>
</value>
</item>
<item>
<key>
<string>
type_class
</string>
</key>
...
...
@@ -104,28 +102,7 @@
<dictionary>
<item>
<key>
<string>
domain_name
</string>
</key>
<value>
<none/>
</value>
</item>
<item>
<key>
<string>
property_name
</string>
</key>
<value>
<string>
description
</string>
</value>
</item>
</dictionary>
</pickle>
</record>
<record
id=
"3"
aka=
"AAAAAAAAAAM="
>
<pickle>
<global
name=
"TranslationInformation"
module=
"Products.ERP5Type.TranslationProviderBase"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
domain_name
</string>
</key>
<value>
<none/>
</value>
<value>
<string>
erp5_ui
</string>
</value>
</item>
<item>
<key>
<string>
property_name
</string>
</key>
...
...
@@ -134,7 +111,7 @@
</dictionary>
</pickle>
</record>
<record
id=
"
4"
aka=
"AAAAAAAAAAQ
="
>
<record
id=
"
3"
aka=
"AAAAAAAAAAM
="
>
<pickle>
<global
name=
"TranslationInformation"
module=
"Products.ERP5Type.TranslationProviderBase"
/>
</pickle>
...
...
@@ -142,9 +119,7 @@
<dictionary>
<item>
<key>
<string>
domain_name
</string>
</key>
<value>
<none/>
</value>
<value>
<string>
erp5_ui
</string>
</value>
</item>
<item>
<key>
<string>
property_name
</string>
</key>
...
...
bt5/erp5_certificate_authority/PortalTypeTypeMixinTemplateItem/type_mixin.xml
0 → 100644
View file @
ca74a8ea
<type_mixin>
<portal_type
id=
"Certificate Login"
>
<item>
CertificateLoginMixin
</item>
</portal_type>
</type_mixin>
\ No newline at end of file
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/
Perso
n_getCertificate.py
→
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/
CertificateLogi
n_getCertificate.py
View file @
ca74a8ea
parent
=
context
.
getParentValue
()
if
parent
.
getPortalType
()
==
"Person"
:
parent
.
checkCertificateRequest
()
certificate
=
context
.
getCertificate
()
request
=
context
.
REQUEST
request
.
set
(
'your_certificate'
,
certificate
[
'certificate'
])
request
.
set
(
'your_key'
,
certificate
[
'key'
])
return
context
.
Person_viewCertificateDialog
()
return
context
.
CertificateLogin_viewCertificateDialog
(
keep_items
=
{
'portal_status_message'
:
'Certificate generated.'
}
)
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/
Person_revoke
Certificate.xml
→
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/
CertificateLogin_get
Certificate.xml
View file @
ca74a8ea
...
...
@@ -54,7 +54,7 @@
</item>
<item>
<key>
<string>
id
</string>
</key>
<value>
<string>
Person_revoke
Certificate
</string>
</value>
<value>
<string>
CertificateLogin_get
Certificate
</string>
</value>
</item>
</dictionary>
</pickle>
...
...
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/
Perso
n_revokeCertificate.py
→
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/
CertificateLogi
n_revokeCertificate.py
View file @
ca74a8ea
parent
=
context
.
getParentValue
()
if
parent
.
getPortalType
()
==
"Person"
:
parent
.
checkCertificateRequest
()
context
.
revokeCertificate
()
return
context
.
Base_redirect
(
form_id
,
keep_items
=
{
'portal_status_message'
:
'Certificate revoked.'
},
**
kw
)
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/
Person_get
Certificate.xml
→
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/
CertificateLogin_revoke
Certificate.xml
View file @
ca74a8ea
...
...
@@ -54,7 +54,7 @@
</item>
<item>
<key>
<string>
id
</string>
</key>
<value>
<string>
Person_get
Certificate
</string>
</value>
<value>
<string>
CertificateLogin_revoke
Certificate
</string>
</value>
</item>
</dictionary>
</pickle>
...
...
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_view.xml
View file @
ca74a8ea
...
...
@@ -106,6 +106,7 @@
<key>
<string>
right
</string>
</key>
<value>
<list>
<string>
my_destination_reference
</string>
<string>
my_translated_validation_state_title
</string>
</list>
</value>
...
...
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_view/my_destination_reference.xml
0 → 100644
View file @
ca74a8ea
<?xml version="1.0"?>
<ZopeData>
<record
id=
"1"
aka=
"AAAAAAAAAAE="
>
<pickle>
<global
name=
"ProxyField"
module=
"Products.ERP5Form.ProxyField"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
delegated_list
</string>
</key>
<value>
<list>
<string>
title
</string>
</list>
</value>
</item>
<item>
<key>
<string>
id
</string>
</key>
<value>
<string>
my_destination_reference
</string>
</value>
</item>
<item>
<key>
<string>
message_values
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
external_validator_failed
</string>
</key>
<value>
<string>
The input failed the external validator.
</string>
</value>
</item>
</dictionary>
</value>
</item>
<item>
<key>
<string>
overrides
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
field_id
</string>
</key>
<value>
<string></string>
</value>
</item>
<item>
<key>
<string>
form_id
</string>
</key>
<value>
<string></string>
</value>
</item>
<item>
<key>
<string>
target
</string>
</key>
<value>
<string></string>
</value>
</item>
</dictionary>
</value>
</item>
<item>
<key>
<string>
tales
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
field_id
</string>
</key>
<value>
<string></string>
</value>
</item>
<item>
<key>
<string>
form_id
</string>
</key>
<value>
<string></string>
</value>
</item>
<item>
<key>
<string>
target
</string>
</key>
<value>
<string></string>
</value>
</item>
</dictionary>
</value>
</item>
<item>
<key>
<string>
values
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
field_id
</string>
</key>
<value>
<string>
my_view_mode_read_only_reference
</string>
</value>
</item>
<item>
<key>
<string>
form_id
</string>
</key>
<value>
<string>
Base_viewFieldLibrary
</string>
</value>
</item>
<item>
<key>
<string>
target
</string>
</key>
<value>
<string>
Click to edit the target
</string>
</value>
</item>
<item>
<key>
<string>
title
</string>
</key>
<value>
<string>
Authorisation Identity
</string>
</value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_view/my_reference.xml
View file @
ca74a8ea
...
...
@@ -78,7 +78,7 @@
</item>
<item>
<key>
<string>
field_id
</string>
</key>
<value>
<string>
my_
string_field
</string>
</value>
<value>
<string>
my_
view_mode_read_only_reference
</string>
</value>
</item>
<item>
<key>
<string>
form_id
</string>
</key>
...
...
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/
Perso
n_viewCertificateDialog.xml
→
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/
CertificateLogi
n_viewCertificateDialog.xml
View file @
ca74a8ea
...
...
@@ -41,6 +41,10 @@
<key>
<string>
action
</string>
</key>
<value>
<string></string>
</value>
</item>
<item>
<key>
<string>
action_title
</string>
</key>
<value>
<string></string>
</value>
</item>
<item>
<key>
<string>
description
</string>
</key>
<value>
<string></string>
</value>
...
...
@@ -115,7 +119,7 @@
</item>
<item>
<key>
<string>
id
</string>
</key>
<value>
<string>
Perso
n_viewCertificateDialog
</string>
</value>
<value>
<string>
CertificateLogi
n_viewCertificateDialog
</string>
</value>
</item>
<item>
<key>
<string>
method
</string>
</key>
...
...
@@ -123,7 +127,7 @@
</item>
<item>
<key>
<string>
name
</string>
</key>
<value>
<string>
Perso
n_viewCertificateDialog
</string>
</value>
<value>
<string>
CertificateLogi
n_viewCertificateDialog
</string>
</value>
</item>
<item>
<key>
<string>
pt
</string>
</key>
...
...
@@ -139,7 +143,7 @@
</item>
<item>
<key>
<string>
title
</string>
</key>
<value>
<string>
Certificate Request
</string>
</value>
<value>
<string>
Request Certificate
</string>
</value>
</item>
<item>
<key>
<string>
unicode_mode
</string>
</key>
...
...
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/
Perso
n_viewCertificateDialog/your_certificate.xml
→
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/
CertificateLogi
n_viewCertificateDialog/your_certificate.xml
View file @
ca74a8ea
File moved
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/
Perso
n_viewCertificateDialog/your_key.xml
→
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/
CertificateLogi
n_viewCertificateDialog/your_key.xml
View file @
ca74a8ea
File moved
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/
Perso
n_viewCertificateDialog/your_tip.xml
→
bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/
CertificateLogi
n_viewCertificateDialog/your_tip.xml
View file @
ca74a8ea
...
...
@@ -211,7 +211,9 @@
<key>
<string>
default
</string>
</key>
<value>
<string>
Please copy both key and certificate.\n
\n
They are NOT stored anywhere for security reason.
</string>
</value>
They are NOT stored anywhere for security reason.\n
\n
To activate the certificate, you still have to validate the Certificate Login
</string>
</value>
</item>
<item>
<key>
<string>
description
</string>
</key>
...
...
bt5/erp5_certificate_authority/TestTemplateItem/portal_components/test.erp5
_certificate_authority.testCertificateAuthorityTool
.py
→
bt5/erp5_certificate_authority/TestTemplateItem/portal_components/test.erp5
.testCertificateAuthorityPerson
.py
View file @
ca74a8ea
This diff is collapsed.
Click to expand it.
bt5/erp5_certificate_authority/TestTemplateItem/portal_components/test.erp5
_certificate_authority.testCertificateAuthorityTool
.xml
→
bt5/erp5_certificate_authority/TestTemplateItem/portal_components/test.erp5
.testCertificateAuthorityPerson
.xml
View file @
ca74a8ea
...
...
@@ -8,7 +8,7 @@
<dictionary>
<item>
<key>
<string>
default_reference
</string>
</key>
<value>
<string>
testCertificateAuthority
Tool
</string>
</value>
<value>
<string>
testCertificateAuthority
Person
</string>
</value>
</item>
<item>
<key>
<string>
default_source_reference
</string>
</key>
...
...
@@ -22,7 +22,7 @@
</item>
<item>
<key>
<string>
id
</string>
</key>
<value>
<string>
test.erp5
_certificate_authority.testCertificateAuthorityTool
</string>
</value>
<value>
<string>
test.erp5
.testCertificateAuthorityPerson
</string>
</value>
</item>
<item>
<key>
<string>
portal_type
</string>
</key>
...
...
@@ -48,7 +48,7 @@
</item>
<item>
<key>
<string>
version
</string>
</key>
<value>
<string>
erp5
_certificate_authority
</string>
</value>
<value>
<string>
erp5
</string>
</value>
</item>
<item>
<key>
<string>
workflow_history
</string>
</key>
...
...
bt5/erp5_certificate_authority/TestTemplateItem/portal_components/test.erp5.testCertificateAuthorityTool.py
0 → 100644
View file @
ca74a8ea
# -*- coding: utf-8 -*-
##############################################################################
#
# Copyright (c) 2005 Nexedi SARL and Contributors. All Rights Reserved.
# Ivan Tyagov <ivan@nexedi.com>
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsability of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# garantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
import
os
import
random
from
Products.ERP5Type.tests.ERP5TypeTestCase
import
ERP5TypeTestCase
from
erp5.component.tool.CertificateAuthorityTool
import
CertificateAuthorityBusy
#from AccessControl import Unauthorized
class
TestCertificateAuthorityTool
(
ERP5TypeTestCase
):
def
afterSetUp
(
self
):
if
"TEST_CA_PATH"
in
os
.
environ
:
self
.
portal
.
portal_certificate_authority
.
certificate_authority_path
=
\
os
.
environ
[
'TEST_CA_PATH'
]
def
getBusinessTemplateList
(
self
):
return
(
'erp5_base'
,
'erp5_certificate_authority'
)
def
test_lock_unlock
(
self
):
certificate_authority_tool
=
self
.
portal
.
portal_certificate_authority
certificate_authority_tool
.
_checkCertificateAuthority
()
try
:
certificate_authority_tool
.
_lockCertificateAuthority
()
certificate_authority_tool
.
_unlockCertificateAuthority
()
certificate_authority_tool
.
_lockCertificateAuthority
()
self
.
assertRaises
(
CertificateAuthorityBusy
,
certificate_authority_tool
.
_lockCertificateAuthority
)
finally
:
certificate_authority_tool
.
_unlockCertificateAuthority
()
def
test_getNewCertificate
(
self
):
certificate_authority_tool
=
self
.
portal
.
portal_certificate_authority
common_name
=
str
(
random
.
random
())
certificate_dict
=
certificate_authority_tool
.
getNewCertificate
(
common_name
)
self
.
assertEqual
(
common_name
,
certificate_dict
[
'common_name'
])
self
.
assertNotEqual
(
None
,
certificate_dict
[
'id'
])
self
.
assertNotEqual
(
None
,
certificate_dict
[
'key'
])
self
.
assertNotEqual
(
None
,
certificate_dict
[
'certificate'
])
self
.
assertIn
(
'CN=%s'
%
common_name
,
certificate_dict
[
'certificate'
])
# Check serial
serial
=
certificate_authority_tool
.
_getValidSerial
(
common_name
)
self
.
assertEqual
(
serial
,
[
certificate_dict
[
'id'
].
upper
()])
self
.
assertRaises
(
ValueError
,
certificate_authority_tool
.
getNewCertificate
,
common_name
)
def
test_getNewCertificate_locked
(
self
):
certificate_authority_tool
=
self
.
portal
.
portal_certificate_authority
certificate_authority_tool
.
_checkCertificateAuthority
()
try
:
certificate_authority_tool
.
_lockCertificateAuthority
()
common_name
=
str
(
random
.
random
())
self
.
assertRaises
(
CertificateAuthorityBusy
,
certificate_authority_tool
.
getNewCertificate
,
common_name
)
certificate_authority_tool
.
_unlockCertificateAuthority
()
certificate_dict
=
certificate_authority_tool
.
getNewCertificate
(
common_name
)
self
.
assertEqual
(
common_name
,
certificate_dict
[
'common_name'
])
finally
:
certificate_authority_tool
.
_unlockCertificateAuthority
()
def
test_revokeCertificate_raise
(
self
):
certificate_authority_tool
=
self
.
portal
.
portal_certificate_authority
common_name
=
str
(
random
.
random
())
self
.
assertRaises
(
ValueError
,
certificate_authority_tool
.
revokeCertificate
,
common_name
)
def
test_revokeCertificate
(
self
):
certificate_authority_tool
=
self
.
portal
.
portal_certificate_authority
common_name
=
str
(
random
.
random
())
certificate_dict
=
certificate_authority_tool
.
getNewCertificate
(
common_name
)
self
.
assertEqual
(
common_name
,
certificate_dict
[
'common_name'
])
self
.
assertNotEqual
(
None
,
certificate_dict
[
'id'
])
self
.
assertIn
(
'CN=%s'
%
common_name
,
certificate_dict
[
'certificate'
])
# Check serial
serial_list
=
certificate_authority_tool
.
_getValidSerial
(
common_name
)
self
.
assertEqual
(
len
(
serial_list
),
1
)
self
.
assertEqual
(
serial_list
[
0
],
certificate_dict
[
'id'
].
upper
())
revoke_dict
=
certificate_authority_tool
.
revokeCertificate
(
serial_list
[
0
])
self
.
assertNotEqual
(
revoke_dict
[
'crl'
],
None
)
# No valid certificate anymore
self
.
assertRaises
(
ValueError
,
certificate_authority_tool
.
_getValidSerial
,
common_name
)
def
test_revokeCertificateByName
(
self
):
certificate_authority_tool
=
self
.
portal
.
portal_certificate_authority
common_name
=
str
(
random
.
random
())
certificate_dict
=
certificate_authority_tool
.
getNewCertificate
(
common_name
)
self
.
assertEqual
(
common_name
,
certificate_dict
[
'common_name'
])
self
.
assertNotEqual
(
None
,
certificate_dict
[
'id'
])
self
.
assertIn
(
'CN=%s'
%
common_name
,
certificate_dict
[
'certificate'
])
serial_list
=
certificate_authority_tool
.
_getValidSerial
(
common_name
)
self
.
assertEqual
(
len
(
serial_list
),
1
)
self
.
assertEqual
(
serial_list
[
0
],
certificate_dict
[
'id'
].
upper
())
response
=
certificate_authority_tool
.
revokeCertificateByCommonName
(
common_name
)
self
.
assertEqual
(
None
,
response
)
# No valid certificate anymore
self
.
assertRaises
(
ValueError
,
certificate_authority_tool
.
_getValidSerial
,
common_name
)
def
test_revokeCertificate_locked
(
self
):
certificate_authority_tool
=
self
.
portal
.
portal_certificate_authority
common_name
=
str
(
random
.
random
())
certificate_dict
=
certificate_authority_tool
.
getNewCertificate
(
common_name
)
self
.
assertEqual
(
common_name
,
certificate_dict
[
'common_name'
])
try
:
certificate_authority_tool
.
_lockCertificateAuthority
()
self
.
assertRaises
(
CertificateAuthorityBusy
,
certificate_authority_tool
.
revokeCertificateByCommonName
,
common_name
)
certificate_authority_tool
.
_unlockCertificateAuthority
()
response
=
certificate_authority_tool
.
revokeCertificateByCommonName
(
common_name
)
self
.
assertEqual
(
None
,
response
)
# No valid certificate anymore
self
.
assertRaises
(
ValueError
,
certificate_authority_tool
.
_getValidSerial
,
common_name
)
finally
:
certificate_authority_tool
.
_unlockCertificateAuthority
()
bt5/erp5_certificate_authority/TestTemplateItem/portal_components/test.erp5.testCertificateAuthorityTool.xml
0 → 100644
View file @
ca74a8ea
<?xml version="1.0"?>
<ZopeData>
<record
id=
"1"
aka=
"AAAAAAAAAAE="
>
<pickle>
<global
name=
"Test Component"
module=
"erp5.portal_type"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
default_reference
</string>
</key>
<value>
<string>
testCertificateAuthorityTool
</string>
</value>
</item>
<item>
<key>
<string>
default_source_reference
</string>
</key>
<value>
<none/>
</value>
</item>
<item>
<key>
<string>
description
</string>
</key>
<value>
<none/>
</value>
</item>
<item>
<key>
<string>
id
</string>
</key>
<value>
<string>
test.erp5.testCertificateAuthorityTool
</string>
</value>
</item>
<item>
<key>
<string>
portal_type
</string>
</key>
<value>
<string>
Test Component
</string>
</value>
</item>
<item>
<key>
<string>
sid
</string>
</key>
<value>
<none/>
</value>
</item>
<item>
<key>
<string>
text_content_error_message
</string>
</key>
<value>
<tuple/>
</value>
</item>
<item>
<key>
<string>
text_content_warning_message
</string>
</key>
<value>
<tuple/>
</value>
</item>
<item>
<key>
<string>
version
</string>
</key>
<value>
<string>
erp5
</string>
</value>
</item>
<item>
<key>
<string>
workflow_history
</string>
</key>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAAI=
</string>
</persistent>
</value>
</item>
</dictionary>
</pickle>
</record>
<record
id=
"2"
aka=
"AAAAAAAAAAI="
>
<pickle>
<global
name=
"PersistentMapping"
module=
"Persistence.mapping"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
data
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
component_validation_workflow
</string>
</key>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAAM=
</string>
</persistent>
</value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
<record
id=
"3"
aka=
"AAAAAAAAAAM="
>
<pickle>
<global
name=
"WorkflowHistoryList"
module=
"Products.ERP5Type.Workflow"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
_log
</string>
</key>
<value>
<list>
<dictionary>
<item>
<key>
<string>
action
</string>
</key>
<value>
<string>
validate
</string>
</value>
</item>
<item>
<key>
<string>
validation_state
</string>
</key>
<value>
<string>
validated
</string>
</value>
</item>
</dictionary>
</list>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
bt5/erp5_certificate_authority/ToolComponentTemplateItem/portal_components/tool.erp5.CertificateAuthorityTool.py
View file @
ca74a8ea
...
...
@@ -281,15 +281,15 @@ class CertificateAuthorityTool(BaseTool):
index
=
open
(
self
.
index
).
read
().
splitlines
()
valid_line_list
=
[
q
for
q
in
index
if
q
.
startswith
(
'V'
)
and
(
'CN=%s/'
%
common_name
in
q
)]
if
len
(
valid_line_list
)
!=
1
:
if
len
(
valid_line_list
)
<
1
:
raise
ValueError
(
'No certificate for %r'
%
common_name
)
return
valid_line_list
[
0
].
split
(
'
\
t
'
)[
3
]
return
[
l
.
split
(
'
\
t
'
)[
3
]
for
l
in
valid_line_list
]
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'revokeCertificate'
)
'revokeCertificate
ByCommonName
'
)
def
revokeCertificateByCommonName
(
self
,
common_name
):
self
.
_checkCertificateAuthority
()
serial
=
self
.
_getValidSerial
(
common_name
)
for
serial
in
self
.
_getValidSerial
(
common_name
):
self
.
revokeCertificate
(
serial
)
InitializeClass
(
CertificateAuthorityTool
)
bt5/erp5_certificate_authority/bt/template_action_path_list
View file @
ca74a8ea
Certificate Login | get_certificate
Certificate Login | revoke_certificate
Certificate Login | view
\ No newline at end of file
Person | get_certificate
Person | revoke_certificate
\ No newline at end of file
bt5/erp5_certificate_authority/bt/template_mixin_id_list
0 → 100644
View file @
ca74a8ea
mixin.erp5.CertificateLoginMixin
\ No newline at end of file
bt5/erp5_certificate_authority/bt/template_portal_type_type_mixin_list
0 → 100644
View file @
ca74a8ea
Certificate Login | CertificateLoginMixin
\ No newline at end of file
bt5/erp5_certificate_authority/bt/template_test_id_list
View file @
ca74a8ea
test.erp5_certificate_authority.testCertificateAuthorityTool
\ No newline at end of file
test.erp5.testCertificateAuthorityPerson
test.erp5.testCertificateAuthorityTool
\ No newline at end of file
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment