Commit fff99e68 authored by Rafael Monnerat's avatar Rafael Monnerat

erp5_certificate_authority: Use specific property for store CSR ID

   It ensures that the property is an integer.
parent 693dcd75
......@@ -53,11 +53,11 @@ class CertificateLoginMixin:
certificate_dict = {
"common_name" : self.getReference()
}
if self.getReference() and self.getSourceReference():
if self.getReference() and self.getCsrId():
if csr is not None:
raise ValueError("The certificate was already requsted without the certificate sign request.")
certificate_dict["id"] = self.getSourceReference()
crt_pem = caucase_connector.getCertificate(int(self.getSourceReference()))
certificate_dict["id"] = self.getCsrId()
crt_pem = caucase_connector.getCertificate(self.getCsrId())
certificate_dict["certificate"] = crt_pem
# We should assert that reference is the CN of crt_pem
return certificate_dict
......@@ -75,18 +75,18 @@ class CertificateLoginMixin:
caucase_connector.createCertificate(csr_id, template_csr=template_csr)
crt_pem = caucase_connector.getCertificate(csr_id)
self.setSourceReference(csr_id)
self.setCsrId(csr_id)
return {
"certificate" : crt_pem,
"id" : self.getSourceReference(),
"id" : self.getCsrId(),
"common_name" : reference
}
security.declarePublic('getCertificate')
def getCertificate(self, csr=None):
"""Returns new SSL certificate"""
if csr is None and self.getSourceReference() is None:
if csr is None and self.getCsrId() is None:
key, csr = self._getCaucaseConnector()._createCertificateRequest()
certificate_dict = self._getCertificate(csr=csr)
certificate_dict["key"] = key
......@@ -96,13 +96,13 @@ class CertificateLoginMixin:
def _revokeCertificate(self, key_pem=None):
if self.getDestinationReference() is not None or (
self.getReference() is not None and self.getSourceReference() is None
self.getReference() is not None and self.getCsrId() is None
):
raise ValueError("You cannot revoke certificates from prior implementation!")
if self.getSourceReference() is not None:
if self.getCsrId() is not None:
caucase_connector = self._getCaucaseConnector()
crt_pem = caucase_connector.getCertificate(int(self.getSourceReference()))
crt_pem = caucase_connector.getCertificate(self.getCsrId())
if key_pem is None:
return caucase_connector.revokeCertificate(crt_pem, key_pem)
return caucase_connector.revokeCertificate(crt_pem)
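Review bot: Certificate Logins created before this change keep their CSR id in `source_reference`, and nothing visible on this page copies it into the new `csr_id` property, so every call site in this file now treats them as having no CSR id. In `_revokeCertificate` such a login (reference set, `getCsrId()` returning None) takes the `raise ValueError("You cannot revoke certificates from prior implementation!")` branch, so a certificate issued by the previous code can no longer be revoked through this method, and in `getCertificate` the same login appears to start a new request instead of returning the existing certificate. If a migration ships elsewhere this is fine; otherwise I would add one or fall back to the legacy value, e.g. `csr_id = self.getCsrId()` followed by `if csr_id is None and self.getSourceReference(): csr_id = int(self.getSourceReference())`. Separately, `_getCertificate` tests `self.getCsrId()` by truthiness while the other two sites compare with `is None`; with an integer property these disagree for an id of 0, so `self.getCsrId() is not None` would be consistent. The bodies of `_getCertificate` and `_revokeCertificate` extend beyond the hunks shown.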
......
......@@ -4,4 +4,7 @@
<item>Reference</item>
<item>Url</item>
</portal_type>
<portal_type id="Certificate Login">
<item>CaucaseCertificateLogin</item>
</portal_type>
</property_sheet_list>
\ No newline at end of file
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Property Sheet" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_count</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
<item>
<key> <string>_mt_index</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
</value>
</item>
<item>
<key> <string>_tree</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
</value>
</item>
<item>
<key> <string>description</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>CaucaseCertificateLogin</string> </value>
</item>
</dictionary>
</pickle>
</record>
<record id="2" aka="AAAAAAAAAAI=">
<pickle>
<global name="Length" module="BTrees.Length"/>
</pickle>
<pickle> <int>0</int> </pickle>
</record>
<record id="3" aka="AAAAAAAAAAM=">
<pickle>
<global name="OOBTree" module="BTrees.OOBTree"/>
</pickle>
<pickle>
<none/>
</pickle>
</record>
<record id="4" aka="AAAAAAAAAAQ=">
<pickle>
<global name="OOBTree" module="BTrees.OOBTree"/>
</pickle>
<pickle>
<none/>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Standard Property" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>categories</string> </key>
<value>
<tuple>
<string>elementary_type/int</string>
</tuple>
</value>
</item>
<item>
<key> <string>description</string> </key>
<value> <string>Certificate Signing Request ID</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>csr_id_property</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
......@@ -27,7 +27,6 @@
#
##############################################################################
#import os
import random
from Products.ERP5Type.tests.ERP5TypeCaucaseTestCase import ERP5TypeCaucaseTestCase
from Products.ERP5Type.Core.Workflow import ValidationFailed
......@@ -325,7 +324,7 @@ class TestPersonCertificateLogin(ERP5TypeCaucaseTestCase):
self.assertEqual(certificate_login.getReference().decode("UTF-8"), cn_list[0])
self.assertEqual(certificate_login.getDestinationReference(), None)
self.assertNotEqual(certificate_login.getSourceReference(), None)
self.assertNotEqual(certificate_login.getCsrId(), None)
self.assertEqual(None, certificate_login.revokeCertificate())
self.assertEqual(certificate_login.getDestinationReference(), None)
......@@ -351,7 +350,7 @@ class TestPersonCertificateLogin(ERP5TypeCaucaseTestCase):
self.assertEqual(certificate_login.getReference().decode("UTF-8"), cn_list[0])
self.assertEqual(certificate_login.getDestinationReference(), None)
self.assertNotEqual(certificate_login.getSourceReference(), None)
self.assertNotEqual(certificate_login.getCsrId(), None)
self.assertEqual(None, certificate_login.revokeCertificate(certificate_dict['key']))
self.assertEqual(certificate_login.getDestinationReference(), None)
......@@ -377,11 +376,11 @@ class TestPersonCertificateLogin(ERP5TypeCaucaseTestCase):
self.assertEqual(certificate_login.getReference().decode("UTF-8"), cn_list[0])
self.assertEqual(certificate_login.getDestinationReference(), None)
self.assertNotEqual(certificate_login.getSourceReference(), None)
self.assertNotEqual(certificate_login.getCsrId(), None)
# Older implementation wont set it on the Certificate login
certificate_login.setDestinationReference(None)
certificate_login.setSourceReference(None)
certificate_login.setCsrId(None)
# Still raise since it has no valid certificate anymore
self.assertRaises(ValueError, certificate_login.revokeCertificate)
......
Caucase Connector | CaucaseConnector
Caucase Connector | Reference
Caucase Connector | Url
\ No newline at end of file
Caucase Connector | Url
Certificate Login | CaucaseCertificateLogin
\ No newline at end of file
CaucaseCertificateLogin
CaucaseConnector
\ No newline at end of file