From a2f9fc97c14aa9095dba5c544400b42c00d2d086 Mon Sep 17 00:00:00 2001 From: Sam Havron Date: Wed, 23 Jun 2021 18:36:16 -0400 Subject: [PATCH 1/6] Add rotation toggle and filter to table view --- lemur/certificates/schemas.py | 1 + lemur/certificates/service.py | 12 ++++++++--- lemur/certificates/views.py | 11 ++++++---- .../app/angular/certificates/services.js | 2 +- .../app/angular/certificates/view/view.js | 21 ++++++++++++++++++- .../angular/certificates/view/view.tpl.html | 6 ++++++ 6 files changed, 44 insertions(+), 9 deletions(-) diff --git a/lemur/certificates/schemas.py b/lemur/certificates/schemas.py index 3a2d1625d3..3adc2ab41a 100644 --- a/lemur/certificates/schemas.py +++ b/lemur/certificates/schemas.py @@ -365,6 +365,7 @@ class CertificateShortOutputSchema(LemurOutputSchema): name = fields.String() owner = fields.Email() notify = fields.Boolean() + rotation = fields.Boolean() authority = fields.Nested(AuthorityNestedOutputSchema) issuer = fields.String() cn = fields.String() diff --git a/lemur/certificates/service.py b/lemur/certificates/service.py index 14c9d2e003..dfdd4d2cc9 100644 --- a/lemur/certificates/service.py +++ b/lemur/certificates/service.py @@ -354,14 +354,18 @@ def cleanup_owner_roles_notification(owner_name, kwargs): kwargs["notifications"] = [n for n in kwargs["notifications"] if not n.label.startswith(notification_prefix)] -def update_notify(cert, notify_flag): +def update_switches(cert, notify_flag=None, rotation_flag=None): """ - Toggle notification value which is a boolean + Toggle notification and/or rotation values which are boolean :param notify_flag: new notify value + :param rotation_flag: new rotation value :param cert: Certificate object to be updated :return: """ - cert.notify = notify_flag + if notify_flag is not None: # check for None allows value of False to continue + cert.notify = notify_flag + if rotation_flag is not None: + cert.rotation = rotation_flag return database.update(cert) @@ -561,6 +565,8 @@ def render(args): ) elif "notify" in filt: query = query.filter(Certificate.notify == truthiness(terms[1])) + elif "rotation" in filt: + query = query.filter(Certificate.rotation == truthiness(terms[1])) elif "active" in filt: query = query.filter(Certificate.active == truthiness(terms[1])) elif "cn" in terms: diff --git a/lemur/certificates/views.py b/lemur/certificates/views.py index 35a549a6d6..3cf7572a07 100644 --- a/lemur/certificates/views.py +++ b/lemur/certificates/views.py @@ -352,6 +352,7 @@ def get(self): parser.add_argument("owner", type=inputs.boolean, location="args") parser.add_argument("id", type=str, location="args") parser.add_argument("active", type=inputs.boolean, location="args") + parser.add_argument("rotation", type=inputs.boolean, location="args") parser.add_argument( "destinationId", type=int, dest="destination_id", location="args" ) @@ -931,7 +932,7 @@ def put(self, certificate_id, data=None): @validate_schema(certificate_edit_input_schema, certificate_output_schema) def post(self, certificate_id, data=None): """ - .. http:post:: /certificates/1/update/notify + .. http:post:: /certificates/1/update/switches Update certificate notification @@ -945,7 +946,8 @@ def post(self, certificate_id, data=None): Content-Type: application/json;charset=UTF-8 { - "notify": false + "notify": false, # Optional + "rotation": false # Optional } **Example response**: @@ -980,6 +982,7 @@ def post(self, certificate_id, data=None): "description": null, "deleted": null, "notify": false, + "rotation": false, "notifications": [{ "id": 1 }] @@ -1029,7 +1032,7 @@ def post(self, certificate_id, data=None): 403, ) - cert = service.update_notify(cert, data.get("notify")) + cert = service.update_switches(cert, notify_flag=data.get("notify"), rotation_flag=data.get("rotation")) log_service.create(g.current_user, "update_cert", certificate=cert) return cert @@ -1516,7 +1519,7 @@ def put(self, certificate_id, data=None): Certificates, "/certificates/", endpoint="certificate" ) api.add_resource( - Certificates, "/certificates//update/notify", endpoint="certificateUpdateNotify" + Certificates, "/certificates//update/switches", endpoint="certificateUpdateSwitches" ) api.add_resource(CertificatesStats, "/certificates/stats", endpoint="certificateStats") api.add_resource( diff --git a/lemur/static/app/angular/certificates/services.js b/lemur/static/app/angular/certificates/services.js index 52877186e2..0b88073548 100644 --- a/lemur/static/app/angular/certificates/services.js +++ b/lemur/static/app/angular/certificates/services.js @@ -305,7 +305,7 @@ angular.module('lemur') return certificate.customGET('key'); }; - CertificateService.updateNotify = function (certificate) { + CertificateService.updateSwitches = function (certificate) { return certificate.post(); }; diff --git a/lemur/static/app/angular/certificates/view/view.js b/lemur/static/app/angular/certificates/view/view.js index 72a3161895..5b8b7b3106 100644 --- a/lemur/static/app/angular/certificates/view/view.js +++ b/lemur/static/app/angular/certificates/view/view.js @@ -115,7 +115,7 @@ angular.module('lemur') }; $scope.updateNotify = function (certificate) { - CertificateService.updateNotify(certificate).then( + CertificateService.updateSwitches(certificate).then( function () { toaster.pop({ type: 'success', @@ -133,6 +133,25 @@ angular.module('lemur') certificate.notify = false; }); }; + $scope.updateRotation = function (certificate) { + CertificateService.updateSwitches(certificate).then( + function () { + toaster.pop({ + type: 'success', + title: certificate.name, + body: 'Updated!' + }); + }, + function (response) { + toaster.pop({ + type: 'error', + title: certificate.name, + body: 'Unable to update! ' + response.data.message, + timeout: 100000 + }); + certificate.rotation = false; + }); + }; $scope.getCertificateStatus = function () { var def = $q.defer(); def.resolve([{'title': 'True', 'id': true}, {'title': 'False', 'id': false}]); diff --git a/lemur/static/app/angular/certificates/view/view.tpl.html b/lemur/static/app/angular/certificates/view/view.tpl.html index 06c4d860f4..5068526c46 100644 --- a/lemur/static/app/angular/certificates/view/view.tpl.html +++ b/lemur/static/app/angular/certificates/view/view.tpl.html @@ -37,6 +37,12 @@

Certificates
  • {{ certificate.name }}
  • {{ certificate.owner }}
    • + + +
    + +
    From 8fd2757adb651568482544a6abb9483a39d10734 Mon Sep 17 00:00:00 2001 From: Sam Havron Date: Wed, 23 Jun 2021 18:45:06 -0400 Subject: [PATCH 2/6] docs comment style --- lemur/certificates/views.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lemur/certificates/views.py b/lemur/certificates/views.py index 3cf7572a07..b41cf8a60a 100644 --- a/lemur/certificates/views.py +++ b/lemur/certificates/views.py @@ -946,8 +946,8 @@ def post(self, certificate_id, data=None): Content-Type: application/json;charset=UTF-8 { - "notify": false, # Optional - "rotation": false # Optional + "notify": false, + "rotation": false } **Example response**: From c7f111525ef893af708ad4b023ec63ce15a3fed5 Mon Sep 17 00:00:00 2001 From: Sam Havron Date: Wed, 23 Jun 2021 18:48:38 -0400 Subject: [PATCH 3/6] edit api docs --- lemur/certificates/views.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lemur/certificates/views.py b/lemur/certificates/views.py index b41cf8a60a..f0fb404f0f 100644 --- a/lemur/certificates/views.py +++ b/lemur/certificates/views.py @@ -934,20 +934,20 @@ def post(self, certificate_id, data=None): """ .. http:post:: /certificates/1/update/switches - Update certificate notification + Update certificate boolean switches for notification or rotation **Example request**: .. sourcecode:: http - POST /certificates/1/update/notify HTTP/1.1 + POST /certificates/1/update/switches HTTP/1.1 Host: example.com Accept: application/json, text/javascript Content-Type: application/json;charset=UTF-8 { - "notify": false, - "rotation": false + "notify": false, + "rotation": false } **Example response**: From 3e94c84137a6a323deb955f54c6031e852a299a1 Mon Sep 17 00:00:00 2001 From: Sam Havron Date: Mon, 28 Jun 2021 18:55:20 -0400 Subject: [PATCH 4/6] 0.9.1 changelog --- CHANGELOG.rst | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index a3cd7cc81a..668b1a2968 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -1,6 +1,51 @@ Changelog ========= +0.9.1 - `2021-06-28` +~~~~~~~~~~~~~~~~~~~~ + +This release introduces a breaking change (PR `#3646 `_) to the following API endpoint: + +- `POST /certificates/1/update/notify `_ + +The endpoint is now: + +- `POST /certificates/1/update/switches `_ + +The new endpoint honors the existing `notify` request parameter, and additionally accepts a new `rotation` parameter. +As a result of this change, the certificate table view now includes rotation switches and filtering by rotation status. + + +Other notable changes in this release: + +- ACME: + - New celery task to prevent duplicate certificates from being autorotated + - ACME DNS-01 Challenges are supported in synchronous mode + - DNS provider check fails gracefully if not found +- Authentication: + - SSO auth now returns a newly created user during initial login + - CSRF protection is added to OAuth2.0 +- Notifications: + - New reissue failed notification + - New reissue with no endpoints notification + - New revocation notification +- Plugins: + - Plugin option values are validated server-side + - Some plugin option validations updated to compile successfully server-side +- Database: + - Source and Destination deletions remove certificate associations with new confirmation dialog +- Dependency updates and conflict resolutions +- Expanded audit logs + +And several smaller bugfixes and improvements. + +Special thanks to all who contributed to this release, notably: + +- `havron `_ +- `tho `_ +- `mizzy `_ + + 0.9.0 - `2021-03-17` ~~~~~~~~~~~~~~~~~~~~ From 7edee9f444e21b6463f55a4aa2e84c005fde80d4 Mon Sep 17 00:00:00 2001 From: charhate Date: Mon, 28 Jun 2021 17:04:59 -0700 Subject: [PATCH 5/6] 0.9.0 -> 0.10.0 Bumping minor version give all the changes, specially the API change that is not backward compatible --- CHANGELOG.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 668b1a2968..4159830670 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -1,7 +1,7 @@ Changelog ========= -0.9.1 - `2021-06-28` +0.10.0 - `2021-06-28` ~~~~~~~~~~~~~~~~~~~~ This release introduces a breaking change (PR `#3646 `_) to the following API endpoint: From 2a4f804c335436abfadb839eeae20d72fd914d91 Mon Sep 17 00:00:00 2001 From: charhate Date: Mon, 28 Jun 2021 17:13:30 -0700 Subject: [PATCH 6/6] Fix Title underline WARNING: Title underline too short --- CHANGELOG.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 4159830670..0aa348e52c 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -2,7 +2,7 @@ Changelog ========= 0.10.0 - `2021-06-28` -~~~~~~~~~~~~~~~~~~~~ +~~~~~~~~~~~~~~~~~~~~~ This release introduces a breaking change (PR `#3646 `_) to the following API endpoint: