Commit f0b8ac9a authored by michael.simon's avatar michael.simon

Add ssh pub key management page for registry

parent 5d725ea2
......@@ -25,7 +25,7 @@ public class JpaSshPubKeyRegistryDao extends JpaBaseDao<SshPubKeyRegistryEntity,
@Override
@SuppressWarnings("unchecked")
public List<SshPubKeyRegistryEntity> findByUserAndService(Long userId, Long serviceId) {
return em.createQuery("select e from SshPubKeyRegistryEntity e where e.user.id = :userId and e.service.id = :serviceId")
return em.createQuery("select e from SshPubKeyRegistryEntity e where e.registry.user.id = :userId and e.registry.service.id = :serviceId")
.setParameter("userId", userId)
.setParameter("serviceId", serviceId)
.getResultList();
......
......@@ -79,6 +79,9 @@ public class ServiceEntity extends AbstractBaseEntity {
@Column(name="group_capable")
private Boolean groupCapable;
@Column(name="ssh_pub_key_capable")
private Boolean sshPubKeyCapable;
@ManyToOne(targetEntity = BusinessRuleEntity.class)
private BusinessRuleEntity accessRule;
......@@ -293,4 +296,12 @@ public class ServiceEntity extends AbstractBaseEntity {
this.deregisterText = deregisterText;
}
public Boolean getSshPubKeyCapable() {
return sshPubKeyCapable;
}
public void setSshPubKeyCapable(Boolean sshPubKeyCapable) {
this.sshPubKeyCapable = sshPubKeyCapable;
}
}
/*******************************************************************************
* Copyright (c) 2014 Michael Simon.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the GNU Public License v3.0
* which accompanies this distribution, and is available at
* http://www.gnu.org/licenses/gpl.html
*
* Contributors:
* Michael Simon - initial
******************************************************************************/
package edu.kit.scc.webreg.bean;
import java.io.Serializable;
import java.util.List;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.ViewScoped;
import javax.faces.event.ComponentSystemEvent;
import javax.inject.Inject;
import edu.kit.scc.webreg.entity.RegistryEntity;
import edu.kit.scc.webreg.entity.RegistryStatus;
import edu.kit.scc.webreg.entity.ServiceEntity;
import edu.kit.scc.webreg.entity.SshPubKeyEntity;
import edu.kit.scc.webreg.entity.SshPubKeyRegistryEntity;
import edu.kit.scc.webreg.entity.SshPubKeyRegistryStatus;
import edu.kit.scc.webreg.entity.SshPubKeyStatus;
import edu.kit.scc.webreg.entity.SshPubKeyUsageType;
import edu.kit.scc.webreg.entity.UserEntity;
import edu.kit.scc.webreg.exc.NotAuthorizedException;
import edu.kit.scc.webreg.sec.AuthorizationBean;
import edu.kit.scc.webreg.service.RegistryService;
import edu.kit.scc.webreg.service.ServiceService;
import edu.kit.scc.webreg.service.UserService;
import edu.kit.scc.webreg.service.reg.RegisterUserService;
import edu.kit.scc.webreg.service.reg.RegisterUserWorkflow;
import edu.kit.scc.webreg.service.ssh.SshPubKeyRegistryService;
import edu.kit.scc.webreg.service.ssh.SshPubKeyService;
import edu.kit.scc.webreg.session.SessionManager;
import edu.kit.scc.webreg.util.FacesMessageGenerator;
@ManagedBean
@ViewScoped
public class SetServiceSshPubKeyBean implements Serializable {
private static final long serialVersionUID = 1L;
private final String[] usageTypes = { "Interactive", "Command" };
@Inject
private RegistryService registryService;
@Inject
private ServiceService serviceService;
@Inject
private AuthorizationBean authBean;
@Inject
private SessionManager sessionManager;
@Inject
private UserService userService;
@Inject
private RegisterUserService registerUserService;
@Inject
private SshPubKeyService sshPubKeyService;
@Inject
private SshPubKeyRegistryService sshPubKeyRegistryService;
@Inject
private FacesMessageGenerator messageGenerator;
private RegistryEntity registryEntity;
private ServiceEntity serviceEntity;
private UserEntity userEntity;
private Long id;
private String serviceShortName;
private List<SshPubKeyRegistryEntity> sshPubKeyRegistryList;
private List<SshPubKeyEntity> sshPubKeyList;
private SshPubKeyEntity selectedKey;
private String selectedUsageType;
private String newCommand, newFrom, newComment;
private Boolean initialized = false;
public void preRenderView(ComponentSystemEvent ev) {
if (! initialized) {
userEntity = userService.findById(sessionManager.getUserId());
if (id != null) {
registryEntity = registryService.findById(id);
if (registryEntity == null)
throw new IllegalArgumentException("Service Registry not found");
serviceEntity = registryEntity.getService();
}
else if (serviceShortName != null) {
serviceEntity = serviceService.findByShortName(serviceShortName);
if (serviceEntity == null)
throw new IllegalArgumentException("Service not found");
registryEntity = registryService.findByServiceAndUserAndStatus(serviceEntity, userEntity, RegistryStatus.ACTIVE);
}
if (! registryEntity.getUser().getId().equals(userEntity.getId()))
throw new NotAuthorizedException("Not authorized to view this item");
if (! authBean.isUserInService(serviceEntity))
throw new IllegalArgumentException("Not authorized for this service");
sshPubKeyList = sshPubKeyService.findByUserAndStatus(userEntity.getId(), SshPubKeyStatus.ACTIVE);
sshPubKeyRegistryList = sshPubKeyRegistryService.findByUserAndService(userEntity.getId(), serviceEntity.getId());
initialized = true;
}
}
public String save() {
if (! (RegistryStatus.ACTIVE.equals(registryEntity.getRegistryStatus()) ||
RegistryStatus.LOST_ACCESS.equals(registryEntity.getRegistryStatus()))) {
messageGenerator.addResolvedErrorMessage("key_error", "error", "ssh_pub_key_cannot_be_set", true);
return null;
}
SshPubKeyRegistryEntity sshPubKeyRegistry = sshPubKeyRegistryService.createNew();
sshPubKeyRegistry.setRegistry(registryEntity);
sshPubKeyRegistry.setSshPubKey(selectedKey);
sshPubKeyRegistry.setComment(newComment);
if ("interactive".equalsIgnoreCase(selectedUsageType)) {
sshPubKeyRegistry.setUsageType(SshPubKeyUsageType.INTERACTIVE);
sshPubKeyRegistry.setKeyStatus(SshPubKeyRegistryStatus.ACTIVE);
}
else if ("command".equalsIgnoreCase(selectedUsageType)) {
sshPubKeyRegistry.setUsageType(SshPubKeyUsageType.COMMAND);
sshPubKeyRegistry.setCommand(newCommand);
sshPubKeyRegistry.setFrom(newFrom);
sshPubKeyRegistry.setKeyStatus(SshPubKeyRegistryStatus.PENDING);
}
else {
messageGenerator.addResolvedErrorMessage("key_error", "error", "ssh_pub_key_cannot_be_set", true);
return null;
}
sshPubKeyRegistry = sshPubKeyRegistryService.save(sshPubKeyRegistry);
sshPubKeyRegistryList.add(sshPubKeyRegistry);
return null;
}
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public ServiceEntity getServiceEntity() {
return serviceEntity;
}
public String getServiceShortName() {
return serviceShortName;
}
public void setServiceShortName(String serviceShortName) {
this.serviceShortName = serviceShortName;
}
public List<SshPubKeyRegistryEntity> getSshPubKeyRegistryList() {
return sshPubKeyRegistryList;
}
public void setSshPubKeyRegistryList(List<SshPubKeyRegistryEntity> sshPubKeyRegistryList) {
this.sshPubKeyRegistryList = sshPubKeyRegistryList;
}
public List<SshPubKeyEntity> getSshPubKeyList() {
return sshPubKeyList;
}
public void setSshPubKeyList(List<SshPubKeyEntity> sshPubKeyList) {
this.sshPubKeyList = sshPubKeyList;
}
public String[] getUsageTypes() {
return usageTypes;
}
public String getSelectedUsageType() {
return selectedUsageType;
}
public void setSelectedUsageType(String selectedUsageType) {
this.selectedUsageType = selectedUsageType;
}
public SshPubKeyEntity getSelectedKey() {
return selectedKey;
}
public void setSelectedKey(SshPubKeyEntity selectedKey) {
this.selectedKey = selectedKey;
}
public String getNewCommand() {
return newCommand;
}
public void setNewCommand(String newCommand) {
this.newCommand = newCommand;
}
public String getNewFrom() {
return newFrom;
}
public void setNewFrom(String newFrom) {
this.newFrom = newFrom;
}
public String getNewComment() {
return newComment;
}
public void setNewComment(String newComment) {
this.newComment = newComment;
}
}
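Review bot: preRenderView never checks that the service accepts ssh keys, so the `isSshPubKeyCapable` condition on the menu link is the only gate and the page still works when it is opened directly with a `registryId` or `ssn` parameter; the same check belongs in the bean, and again in save(). The method also dereferences `registryEntity` when neither parameter is set, or when `findByServiceAndUserAndStatus` finds nothing (its null return is presumed, not visible here), which surfaces as a NullPointerException instead of a clean refusal. In save(), `selectedKey` may still be null, and `newCommand`, `newFrom` and `newComment` are stored exactly as typed. If these values are later written into an authorized_keys line, which this page does not show, they should be rejected when they contain line breaks or double quotes, and a length limit should apply. A sketch of the guards follows.

```java
// preRenderView, after the lookup by id or serviceShortName
if (registryEntity == null)
    throw new IllegalArgumentException("Service Registry not found");
// … unchanged: owner check and isUserInService check …
if (! authBean.isSshPubKeyCapable(serviceEntity))
    throw new NotAuthorizedException("Service does not accept ssh public keys");

// save(), before sshPubKeyRegistryService.createNew()
if (selectedKey == null || ! authBean.isSshPubKeyCapable(serviceEntity)) {
    messageGenerator.addResolvedErrorMessage("key_error", "error", "ssh_pub_key_cannot_be_set", true);
    return null;
}
```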
/*******************************************************************************
* Copyright (c) 2014 Michael Simon.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the GNU Public License v3.0
* which accompanies this distribution, and is available at
* http://www.gnu.org/licenses/gpl.html
*
* Contributors:
* Michael Simon - initial
******************************************************************************/
package edu.kit.scc.webreg.converter;
import javax.inject.Inject;
import javax.inject.Named;
import edu.kit.scc.webreg.entity.BaseEntity;
import edu.kit.scc.webreg.service.BaseService;
import edu.kit.scc.webreg.service.ssh.SshPubKeyService;
@Named("sshPubKeyConverter")
public class SshPubKeyConverter extends AbstractConverter {
private static final long serialVersionUID = 1L;
@Inject
private SshPubKeyService service;
@Override
protected BaseService<? extends BaseEntity<Long>, Long> getService() {
return service;
}
}
/*******************************************************************************
* Copyright (c) 2014 Michael Simon.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the GNU Public License v3.0
* which accompanies this distribution, and is available at
* http://www.gnu.org/licenses/gpl.html
*
* Contributors:
* Michael Simon - initial
******************************************************************************/
package edu.kit.scc.webreg.converter;
import javax.inject.Inject;
import javax.inject.Named;
import edu.kit.scc.webreg.entity.BaseEntity;
import edu.kit.scc.webreg.service.BaseService;
import edu.kit.scc.webreg.service.ssh.SshPubKeyRegistryService;
@Named("sshPubKeyRegistryConverter")
public class SshPubKeyRegistryConverter extends AbstractConverter {
private static final long serialVersionUID = 1L;
@Inject
private SshPubKeyRegistryService service;
@Override
protected BaseService<? extends BaseEntity<Long>, Long> getService() {
return service;
}
}
......@@ -315,6 +315,13 @@ public class AuthorizationBean implements Serializable {
return false;
}
public boolean isSshPubKeyCapable(ServiceEntity serviceEntity) {
if (serviceEntity.getSshPubKeyCapable() != null)
return serviceEntity.getSshPubKeyCapable();
else
return false;
}
public List<ServiceEntity> getUnregisteredServiceList() {
return sessionManager.getUnregisteredServiceList();
}
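Review bot: isSshPubKeyCapable throws a NullPointerException when `serviceEntity` is null, and the if/else over a `Boolean` can be a single expression: `return serviceEntity != null && Boolean.TRUE.equals(serviceEntity.getSshPubKeyCapable());`. The method is used in a `rendered` condition with `registry.service`, so a null-safe form keeps one incomplete registry from failing the whole view, should such a registry exist. A one-line Javadoc stating that an unset flag counts as not capable would document the default for existing rows.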
......
<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:bw="http://www.scc.kit.edu/bwfacelets"
xmlns:p="http://primefaces.org/ui"
xmlns:of="http://omnifaces.org/functions">
<head>
<title></title>
</head>
<body>
<f:view>
<f:metadata>
<f:viewParam name="registryId" value="#{setServiceSshPubKeyBean.id}"/>
<f:viewParam name="ssn" value="#{setServiceSshPubKeyBean.serviceShortName}"/>
<f:event type="javax.faces.event.PreRenderViewEvent"
listener="#{setServiceSshPubKeyBean.preRenderView}" />
</f:metadata>
<ui:composition template="/template/default.xhtml">
<ui:param name="title" value="#{messages.title}"/>
<ui:define name="content">
<h:form id="form">
<div id="panelInline">
<p:panel header="#{messages.set_ssh_pub_key_for} #{setServiceSshPubKeyBean.serviceEntity.name}">
<div class="panel">
<h:outputText value="#{messages.service_ssh_pub_key_help}" escape="false" />
</div>
<p:messages id="messageBox" for="key_error" showDetail="true" />
<p:panelGrid id="baseData" columns="2">
</p:panelGrid>
<p:dataTable var="regKey" value="#{setServiceSshPubKeyBean.sshPubKeyRegistryList.toArray()}">
<p:column>
<f:facet name="header"><h:outputText value="#{messages.ssh_key_name}:"/></f:facet>
<h:outputText value="#{regKey.sshPubKey.name}"/>
</p:column>
</p:dataTable>
</p:panel>
<p:panel header="#{messages.set_ssh_pub_key}">
<p:dataTable var="key" value="#{setServiceSshPubKeyBean.sshPubKeyList.toArray()}">
<p:column>
<f:facet name="header"><h:outputText value="#{messages.ssh_key_name}:"/></f:facet>
<h:outputText value="#{key.name}"/>
</p:column>
<p:column>
<f:facet name="header"><h:outputText value="#{messages.expires}:"/></f:facet>
<h:outputText value="#{of:formatDate(key.expiresAt, 'dd.MM.yyyy HH:mm')}"/>
</p:column>
<p:column>
<p:commandLink oncomplete="PF('addKeyDlg').show();" update=":form:addKeyDlgId">
<h:panelGroup styleClass="ui-icon ui-icon-plus" />
<f:setPropertyActionListener value="#{key}" target="#{setServiceSshPubKeyBean.selectedKey}" />
</p:commandLink>
</p:column>
</p:dataTable>
<p:dialog header="#{messages.set_ssh_pub_key_for} #{setServiceSshPubKeyBean.serviceEntity.name}"
widgetVar="addKeyDlg" id="addKeyDlgId" modal="true">
<div class="panel">
<h:outputText value="#{messages.service_ssh_pub_key_help_modal}" />
</div>
<p:panelGrid columns="2">
<p:outputLabel for ="@next" value="#{messages.ssh_pub_key_selected}" />
<h:outputText value="#{setServiceSshPubKeyBean.selectedKey.name}" />
<p:outputLabel for="@next" value="#{messages.ssh_pub_key_usage_type}" />
<p:selectOneMenu value="#{setServiceSshPubKeyBean.selectedUsageType}">
<p:ajax update="sshUsageTypeId" />
<f:selectItems value="#{setServiceSshPubKeyBean.usageTypes}"
var="ut" itemLabel="#{ut}" itemValue="#{ut}" />
</p:selectOneMenu>
</p:panelGrid>
<p:panel id="sshUsageTypeId">
<h:panelGroup rendered="#{setServiceSshPubKeyBean.selectedUsageType == 'Interactive'}">
<div class="panel">
<h:outputText value="#{messages.ssh_pub_key_usage_interactive_help}" />
</div>
</h:panelGroup>
<h:panelGroup rendered="#{setServiceSshPubKeyBean.selectedUsageType == 'Command'}">
<div class="panel">
<h:outputText value="#{messages.ssh_pub_key_usage_command_help}" />
</div>
<p:panelGrid columns="2">
<p:outputLabel for="@next" value="#{messages.ssh_pub_key_command}" />
<p:inputText value="#{setServiceSshPubKeyBean.newCommand}" />
<p:outputLabel for="@next" value="#{messages.ssh_pub_key_from}" />
<p:inputText value="#{setServiceSshPubKeyBean.newFrom}" />
</p:panelGrid>
</h:panelGroup>
</p:panel>
<p:panelGrid columns="2">
<p:outputLabel for="@next" value="#{messages.ssh_pub_key_comment}" />
<p:inputTextarea rows="4" cols="30" value="#{setServiceSshPubKeyBean.newComment}" />
</p:panelGrid>
<h:panelGroup layout="block" style="text-align: right">
<p:commandButton value="#{messages.add}" action="#{setServiceSshPubKeyBean.save()}"
update="@form" oncomplete="PF('addKeyDlg').hide();" />
<p:commandButton value="#{messages.cancel}" oncomplete="PF('addKeyDlg').hide();" />
</h:panelGroup>
</p:dialog>
</p:panel>
</div>
</h:form>
</ui:define>
</ui:composition>
</f:view>
</body>
</html>
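Review bot: The cancel button in the dialog is a plain `p:commandButton`, which by PrimeFaces default posts and processes the enclosing form, so pressing cancel still pushes the typed command, from and comment values into the view-scoped bean; `type="button"` with `onclick="PF('addKeyDlg').hide();"` would close the dialog without a request. The add button hides the dialog in `oncomplete` even when save() returned after adding an error message, so the user may not connect the message with the rejected entry. `escape="false"` on `messages.service_ssh_pub_key_help` is safe only while that bundle entry stays static markup, which deserves an XML comment next to it. The command and from inputs would also benefit from `maxlength` and a validator at the field.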
......@@ -64,6 +64,14 @@
</h:link>
</li>
</h:panelGroup>
<h:panelGroup rendered="#{registry.registryStatus == 'ACTIVE' and authorizationBean.isSshPubKeyCapable(registry.service)}">
<li>
<span class="ui-icon ui-icon-locked" style="display:inline-block; vertical-align: bottom;" />
<h:link outcome="/service/set-sshkey.xhtml" value="#{messages.set_ssh_pub_key}">
<f:param name="registryId" value="#{registry.id}" />
</h:link>
</li>
</h:panelGroup>
</ul>
</div>
</div>
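Review bot: The new link is rendered only for `registryStatus == 'ACTIVE'`, while SetServiceSshPubKeyBean.save() in this commit also accepts `LOST_ACCESS`, so the two conditions disagree about which registries may receive a key; one of them should be adjusted, or the difference explained in a comment. The section that follows repeats the same eight lines for what appears to be a second page, so a shared include would keep both copies in step. The surrounding list starts outside the hunk.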
......
......@@ -64,6 +64,14 @@
</h:link>
</li>
</h:panelGroup>
<h:panelGroup rendered="#{registry.registryStatus == 'ACTIVE' and authorizationBean.isSshPubKeyCapable(registry.service)}">
<li>
<span class="ui-icon ui-icon-locked" style="display:inline-block; vertical-align: bottom;" />
<h:link outcome="/service/set-sshkey.xhtml" value="#{messages.set_ssh_pub_key}">
<f:param name="registryId" value="#{registry.id}" />
</h:link>
</li>
</h:panelGroup>
</ul>
</div>
</div>
......