From 09a67718abfa6fdc17c99ffc6840c30780775526 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lauri=20V=C3=B5sandi?= Date: Tue, 29 Mar 2016 15:43:34 +0300 Subject: [PATCH] Expose certificate and CRL lifetime via session API call --- certidude/api/__init__.py | 4 ++++ certidude/static/js/templates.js | 6 +++++- certidude/static/views/authority.html | 7 +++++++ 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/certidude/api/__init__.py b/certidude/api/__init__.py index 923ca65..52a5f71 100644 --- a/certidude/api/__init__.py +++ b/certidude/api/__init__.py @@ -67,6 +67,10 @@ class SessionResource(object): autosign_subnets = config.AUTOSIGN_SUBNETS, request_subnets = config.REQUEST_SUBNETS, admin_subnets=config.ADMIN_SUBNETS, + signature = dict( + certificate_lifetime=config.CERTIFICATE_LIFETIME, + revocation_list_lifetime=config.REVOCATION_LIST_LIFETIME + ) ) if req.context.get("user").is_admin() else None, features=dict( tagging=config.TAGGING_BACKEND, diff --git a/certidude/static/js/templates.js b/certidude/static/js/templates.js index 918cdfe..b92d034 100644 --- a/certidude/static/js/templates.js +++ b/certidude/static/js/templates.js @@ -484,7 +484,11 @@ else { output += "\n E-mail disabled\n"; ; } -output += "

\n\n

Authenticated users allowed from:\n\n"; +output += "

\n\n

Web signed certificate attributes:

\n\n\n\n

Authenticated users allowed from:\n\n"; if(runtime.inOperator("0.0.0.0/0",runtime.memberLookup((runtime.memberLookup((runtime.contextOrFrameLookup(context, frame, "session")),"authority")),"user_subnets"))) { output += "\n anywhere\n

\n"; ; diff --git a/certidude/static/views/authority.html b/certidude/static/views/authority.html index 05bb553..28a30bd 100644 --- a/certidude/static/views/authority.html +++ b/certidude/static/views/authority.html @@ -29,6 +29,13 @@ as such require complete reset of X509 infrastructure if some of them needs to b E-mail disabled {% endif %}

+

Web signed certificate attributes:

+ + +

Authenticated users allowed from: {% if "0.0.0.0/0" in session.authority.user_subnets %}