[Freeipa-devel] [PATCH] 264-265 Web UI:Certificate pages

Tue Mar 5 23:33:49 UTC 2013

On 2/22/2013 10:43 AM, Petr Vobornik wrote:
> Note: static json files for testing and such will be updated soon (there
> were several patch which changes API. I rather want to do one mass
> regeneration than several minor ones in a short period of time.
>
>
> 1) [PATCH] Web UI:Certificate pages
>
> Following pages were added to Web UI:
>   * certificated details
>   * certificate search
>
> Certificate is not regular object so it gets no metadata. Therefore
> artificial metadata were created for it to allow usage of search and
> details facet.
>
> Search and details facet were modified to allow removing of
> add/remove/update/reset buttons - certificates have no mod operation and
> they are not added by standard means.
>
> User can revoke and restore certificated in details facet.
>
> https://fedorahosted.org/freeipa/ticket/3419

I have some comments. Some of these can be postponed for future 
enhancements.

1. As previously discussed, the cert-find is only available with Dogtag 
CA, so the Certificates page should be disabled with self-signed CA. But 
if self-signed CA is dropped, then it's not necessary to disable the 
Certificates page. We may need to keep the ticket open until this is 
resolved one way or another.

2. Right now the fields in the cert details page are editable although 
there is no Update button. If you change the value an Undo button will 
appear. If you try to leave the page it will show the Unsaved Changes 
dialog. Since there's no cert-mod operation these fields should not be 
editable.

3. In the cert details page if you revoke the cert it will work but an 
error will appear below the revocation reason field saying 'Must be an 
integer'.

4. I think showing an empty revocation reason field on a valid cert is 
kind of weird. It might be better to create a Status section with two 
fields: status and revocation reason. If status is valid the revocation 
reason will be empty or hidden. If revoked then the reason will appear 
below the status.

5. In host/service details page the View link can be changed to go to 
the cert details page instead of showing a dialog box.

6. It would be better to organize the fields in the cert details page 
like the cert view dialog in host/service details page.

7. Certificate can be added/revoked/restored via certificate pages and 
host/service details pages. We need to make sure that if you do an 
operation on one page, the other pages won't show outdated information.

> 2) [PATCH] Web UI:Choose different search option for cert-find
>
> This extends certificate search page by search option select. Therefore
> the search is not restricted to 'subject'.
>
> It should be replaced by https://fedorahosted.org/freeipa/ticket/191 in
> a future.
>
> https://fedorahosted.org/freeipa/ticket/3419

8. The revocation reason takes an integer. Probably the search field 
should change into a drop down list showing all available reasons.

9. The date options take a certain format (YYYY-MM-DD), so we should 
show the format probably as greyed text in the search field.

10. The current design only allows specifying one option at a time. Some 
of these options are meant to be used as a pair because they represent a 
range (min & max serial number). How about creating an Advanced Search 
dialog that shows all search options in separate fields so they can be 
combined? The basic search field can remain simple like the search field 
in other entities and it will search the cert subject only.

11. The list of search options is a drop down list, but it's surrounded 
by a rounded box like the text field next to it. This might be just a 
personal preference but I'm not sure if it's an appropriate look for a 
drop down list.

-- 
Endi S. Dewata