From b440616c23b61166ae6d87839a70eec31bdca235 Mon Sep 17 00:00:00 2001
From: Sandeepa Singh <sandeepa.singh@ibm.com>
Date: Mon, 26 Jul 2021 15:05:39 +0530
Subject: IA update: Update access and control section

This is the fifth commit of the information architecture changes and
has the following changes:

- The icon for access and control has been updated
- Access and control section has been updated to security and
access section
- Security settings page has been updated to policies page and moved to
security and access section
- Client sessions page has been updated to sessions page
- Local user management page has been updated to user management page
- SSL certificates page has been updated to certificates page

Signed-off-by: Sandeepa Singh <sandeepa.singh@ibm.com>
Change-Id: Ie93cee9002742ecf7d33615636f4f159f4395fc4
---
 .../modules/SecurityAndAccess/CertificatesStore.js | 202 +++++++++++++++++++++
 1 file changed, 202 insertions(+)
 create mode 100644 src/store/modules/SecurityAndAccess/CertificatesStore.js

(limited to 'src/store/modules/SecurityAndAccess/CertificatesStore.js')

diff --git a/src/store/modules/SecurityAndAccess/CertificatesStore.js b/src/store/modules/SecurityAndAccess/CertificatesStore.js
new file mode 100644
index 00000000..97241f34
--- /dev/null
+++ b/src/store/modules/SecurityAndAccess/CertificatesStore.js
@@ -0,0 +1,202 @@
+import api from '@/store/api';
+import i18n from '@/i18n';
+
+export const CERTIFICATE_TYPES = [
+  {
+    type: 'HTTPS Certificate',
+    location: '/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/',
+    label: i18n.t('pageCertificates.httpsCertificate'),
+  },
+  {
+    type: 'LDAP Certificate',
+    location: '/redfish/v1/AccountService/LDAP/Certificates/',
+    label: i18n.t('pageCertificates.ldapCertificate'),
+  },
+  {
+    type: 'TrustStore Certificate',
+    location: '/redfish/v1/Managers/bmc/Truststore/Certificates/',
+    // Web UI will show 'CA Certificate' instead of
+    // 'TrustStore Certificate' after user testing revealed
+    // the term 'TrustStore Certificate' wasn't recognized/was unfamilar
+    label: i18n.t('pageCertificates.caCertificate'),
+  },
+];
+
+const getCertificateProp = (type, prop) => {
+  const certificate = CERTIFICATE_TYPES.find(
+    (certificate) => certificate.type === type
+  );
+  return certificate ? certificate[prop] : null;
+};
+
+const CertificatesStore = {
+  namespaced: true,
+  state: {
+    allCertificates: [],
+    availableUploadTypes: [],
+  },
+  getters: {
+    allCertificates: (state) => state.allCertificates,
+    availableUploadTypes: (state) => state.availableUploadTypes,
+  },
+  mutations: {
+    setCertificates(state, certificates) {
+      state.allCertificates = certificates;
+    },
+    setAvailableUploadTypes(state, availableUploadTypes) {
+      state.availableUploadTypes = availableUploadTypes;
+    },
+  },
+  actions: {
+    async getCertificates({ commit }) {
+      return await api
+        .get('/redfish/v1/CertificateService/CertificateLocations')
+        .then(({ data: { Links: { Certificates } } }) =>
+          Certificates.map((certificate) => certificate['@odata.id'])
+        )
+        .then((certificateLocations) => {
+          const promises = certificateLocations.map((location) =>
+            api.get(location)
+          );
+          api.all(promises).then(
+            api.spread((...responses) => {
+              const certificates = responses.map(({ data }) => {
+                const {
+                  Name,
+                  ValidNotAfter,
+                  ValidNotBefore,
+                  Issuer = {},
+                  Subject = {},
+                } = data;
+                return {
+                  type: Name,
+                  location: data['@odata.id'],
+                  certificate: getCertificateProp(Name, 'label'),
+                  issuedBy: Issuer.CommonName,
+                  issuedTo: Subject.CommonName,
+                  validFrom: new Date(ValidNotBefore),
+                  validUntil: new Date(ValidNotAfter),
+                };
+              });
+              const availableUploadTypes = CERTIFICATE_TYPES.filter(
+                ({ type }) =>
+                  !certificates
+                    .map((certificate) => certificate.type)
+                    .includes(type)
+              );
+
+              commit('setCertificates', certificates);
+              commit('setAvailableUploadTypes', availableUploadTypes);
+            })
+          );
+        });
+    },
+    async addNewCertificate({ dispatch }, { file, type }) {
+      return await api
+        .post(getCertificateProp(type, 'location'), file, {
+          headers: { 'Content-Type': 'application/x-pem-file' },
+        })
+        .then(() => dispatch('getCertificates'))
+        .then(() =>
+          i18n.t('pageCertificates.toast.successAddCertificate', {
+            certificate: getCertificateProp(type, 'label'),
+          })
+        )
+        .catch((error) => {
+          console.log(error);
+          throw new Error(i18n.t('pageCertificates.toast.errorAddCertificate'));
+        });
+    },
+    async replaceCertificate(
+      { dispatch },
+      { certificateString, location, type }
+    ) {
+      const data = {};
+      data.CertificateString = certificateString;
+      data.CertificateType = 'PEM';
+      data.CertificateUri = { '@odata.id': location };
+
+      return await api
+        .post(
+          '/redfish/v1/CertificateService/Actions/CertificateService.ReplaceCertificate',
+          data
+        )
+        .then(() => dispatch('getCertificates'))
+        .then(() =>
+          i18n.t('pageCertificates.toast.successReplaceCertificate', {
+            certificate: getCertificateProp(type, 'label'),
+          })
+        )
+        .catch((error) => {
+          console.log(error);
+          throw new Error(
+            i18n.t('pageCertificates.toast.errorReplaceCertificate')
+          );
+        });
+    },
+    async deleteCertificate({ dispatch }, { type, location }) {
+      return await api
+        .delete(location)
+        .then(() => dispatch('getCertificates'))
+        .then(() =>
+          i18n.t('pageCertificates.toast.successDeleteCertificate', {
+            certificate: getCertificateProp(type, 'label'),
+          })
+        )
+        .catch((error) => {
+          console.log(error);
+          throw new Error(
+            i18n.t('pageCertificates.toast.errorDeleteCertificate')
+          );
+        });
+    },
+    async generateCsr(_, userData) {
+      const {
+        certificateType,
+        country,
+        state,
+        city,
+        companyName,
+        companyUnit,
+        commonName,
+        keyPairAlgorithm,
+        keyBitLength,
+        keyCurveId,
+        challengePassword,
+        contactPerson,
+        emailAddress,
+        alternateName,
+      } = userData;
+      const data = {};
+
+      data.CertificateCollection = {
+        '@odata.id': getCertificateProp(certificateType, 'location'),
+      };
+      data.Country = country;
+      data.State = state;
+      data.City = city;
+      data.Organization = companyName;
+      data.OrganizationalUnit = companyUnit;
+      data.CommonName = commonName;
+      data.KeyPairAlgorithm = keyPairAlgorithm;
+      data.AlternativeNames = alternateName;
+
+      if (keyCurveId) data.KeyCurveId = keyCurveId;
+      if (keyBitLength) data.KeyBitLength = keyBitLength;
+      if (challengePassword) data.ChallengePassword = challengePassword;
+      if (contactPerson) data.ContactPerson = contactPerson;
+      if (emailAddress) data.Email = emailAddress;
+
+      return await api
+        .post(
+          '/redfish/v1/CertificateService/Actions/CertificateService.GenerateCSR',
+          data
+        )
+        //TODO: Success response also throws error so
+        // can't accurately show legitimate error in UI
+        .catch((error) => console.log(error));
+    },
+  },
+};
+
+export default CertificatesStore;
-- 
cgit v1.2.3