
Example 11 with ISMPEndpoint

use of com.helger.phoss.smp.domain.serviceinfo.ISMPEndpoint in project phoss-smp by phax.

the class PageSecureEndpointChangeCertificate method fillContent.

/**
 * Renders the bulk "change endpoint certificate" page.
 *
 * <p>Without an action the page lists every distinct (unified) endpoint certificate together with
 * the number of service groups and endpoints that use it. With the edit action it shows a form for
 * replacing one certificate in all endpoints that use it; on save the replacement is handed to a
 * background {@code BulkChangeCertificate} job.
 *
 * <p>NOTE(review): both certificate values are taken from request parameters, and a successful save
 * rewrites the certificate of every matching endpoint. Access control and request-forgery
 * protection are not visible in this method; confirm they are enforced by the page framework.
 *
 * @param aWPEC the execution context of the current page request; supplies the request parameters,
 *     the display locale and the node list that receives the rendered output
 */
@Override
protected void fillContent(@Nonnull final WebPageExecutionContext aWPEC) {
    final Locale aLocale = aWPEC.getDisplayLocale();
    final HCNodeList aPageNodes = aWPEC.getNodeList();
    final ISMPServiceInformationManager aSIMgr = SMPMetaManager.getServiceInformationMgr();

    // Both maps are keyed by the unified certificate string of the endpoint
    final ICommonsMap<String, ICommonsList<ISMPEndpoint>> aEndpointsPerCert = new CommonsHashMap<>();
    final ICommonsMap<String, ICommonsSet<ISMPServiceGroup>> aServiceGroupsPerCert = new CommonsHashMap<>();
    final ICommonsList<ISMPServiceInformation> aAllServiceInfos = aSIMgr.getAllSMPServiceInformation();
    int nEndpointTotal = 0;
    for (final ISMPServiceInformation aServiceInfo : aAllServiceInfos) {
        final ISMPServiceGroup aOwningSG = aServiceInfo.getServiceGroup();
        for (final ISMPProcess aProc : aServiceInfo.getAllProcesses()) {
            for (final ISMPEndpoint aEP : aProc.getAllEndpoints()) {
                final String sCertKey = _getUnifiedCert(aEP.getCertificate());
                aEndpointsPerCert.computeIfAbsent(sCertKey, k -> new CommonsArrayList<>()).add(aEP);
                aServiceGroupsPerCert.computeIfAbsent(sCertKey, k -> new CommonsHashSet<>()).add(aOwningSG);
                nEndpointTotal++;
            }
        }
    }

    // Refresh toolbar plus a hint about bulk changes that are still running
    final BootstrapButtonToolbar aRefreshToolbar = new BootstrapButtonToolbar(aWPEC);
    aRefreshToolbar.addButton("Refresh", aWPEC.getSelfHref(), EDefaultIcon.REFRESH);
    aPageNodes.addChild(aRefreshToolbar);
    final int nRunningJobs = BulkChangeCertificate.getRunningJobCount();
    if (nRunningJobs > 0) {
        final String sSubject;
        if (nRunningJobs == 1) {
            sSubject = "1 bulk change is";
        } else {
            sSubject = nRunningJobs + " bulk changes are";
        }
        aPageNodes.addChild(warn(sSubject + " currently running in the background"));
    }

    if (aWPEC.hasAction(CPageParam.ACTION_EDIT)) {
        // Edit mode: the certificate list is not shown
        final FormErrorList aErrors = new FormErrorList();
        final String sOldCertKey = _getUnifiedCert(aWPEC.params().getAsString(FIELD_OLD_CERTIFICATE));

        if (aWPEC.hasSubAction(CPageParam.ACTION_SAVE)) {
            final String sNewCertRaw = aWPEC.params().getAsString(FIELD_NEW_CERTIFICATE);
            final String sNewCertKey = _getUnifiedCert(sNewCertRaw);

            // NOTE(review): problems with the old certificate are recorded with addFieldInfo, while
            // problems with the new one use addFieldError. Presumably only the latter make
            // containsNoError() return false, so a missing or unparseable old certificate does not
            // stop the job - confirm this is intended (e.g. to repair broken endpoint entries).
            if (StringHelper.hasNoText(sOldCertKey)) {
                aErrors.addFieldInfo(FIELD_OLD_CERTIFICATE, "An old certificate must be provided");
            } else {
                final String sOldParseError = _getCertificateParsingError(sOldCertKey);
                if (sOldParseError != null) {
                    aErrors.addFieldInfo(FIELD_OLD_CERTIFICATE, "The old certificate is invalid: " + sOldParseError);
                }
            }

            // The new certificate has to be present, parseable and different from the old one.
            // NOTE(review): no validity-period or issuer check is visible here; whether
            // _getCertificateParsingError covers more than parsing cannot be told from this method.
            if (StringHelper.hasNoText(sNewCertKey)) {
                aErrors.addFieldError(FIELD_NEW_CERTIFICATE, "A new certificate must be provided");
            } else {
                final String sNewParseError = _getCertificateParsingError(sNewCertKey);
                if (sNewParseError != null) {
                    aErrors.addFieldError(FIELD_NEW_CERTIFICATE, "The new certificate is invalid: " + sNewParseError);
                } else if (sNewCertKey.equals(sOldCertKey)) {
                    aErrors.addFieldError(FIELD_NEW_CERTIFICATE, "The new certificate is identical to the old certificate");
                }
            }

            if (aErrors.containsNoError()) {
                // The job receives the submitted text as-is (sNewCertRaw), not the unified form
                // that was validated above.
                PhotonWorkerPool.getInstance().run("BulkChangeCertificate", new BulkChangeCertificate(aAllServiceInfos, aLocale, sOldCertKey, sNewCertRaw));
                aWPEC.postRedirectGetInternal(
                    success().addChildren(
                        div("The bulk change of the endpoint certificate to"),
                        _getCertificateDisplay(sNewCertKey, aLocale),
                        div("is now running in the background. Please manually refresh the page to see the update.")));
            }
        }

        // Tell the user how many entries the selected certificate affects
        final int nSGCount = CollectionHelper.getSize(aServiceGroupsPerCert.get(sOldCertKey));
        final int nEPCount = CollectionHelper.getSize(aEndpointsPerCert.get(sOldCertKey));
        final String sEndpointNoun = nEPCount == 1 ? "endpoint" : "endpoints";
        final String sGroupNoun = nSGCount == 1 ? "service group" : "service groups";
        aPageNodes.addChild(info("The selected old certificate is currently used in " + nEPCount + " " + sEndpointNoun + " of " + nSGCount + " " + sGroupNoun + "."));

        // Edit form: the old certificate travels in a hidden field, the new one in a text area
        final BootstrapForm aEditForm = aPageNodes.addAndReturnChild(getUIHandler().createFormSelf(aWPEC));
        aEditForm.addChild(new HCHiddenField(CPageParam.PARAM_ACTION, CPageParam.ACTION_EDIT));
        aEditForm.addChild(new HCHiddenField(CPageParam.PARAM_SUBACTION, CPageParam.ACTION_SAVE));
        aEditForm.addChild(new HCHiddenField(FIELD_OLD_CERTIFICATE, sOldCertKey));
        aEditForm.addFormGroup(
            new BootstrapFormGroup()
                .setLabel("Old certificate")
                .setCtrl(_getCertificateDisplay(sOldCertKey, aLocale))
                .setHelpText("The old certificate that is to be changed in all matching endpoints")
                .setErrorList(aErrors.getListOfField(FIELD_OLD_CERTIFICATE)));
        aEditForm.addFormGroup(
            new BootstrapFormGroup()
                .setLabelMandatory("New certificate")
                .setCtrl(new HCTextArea(new RequestField(FIELD_NEW_CERTIFICATE, sOldCertKey)).setRows(10))
                .setHelpText("The new certificate that is used instead")
                .setErrorList(aErrors.getListOfField(FIELD_NEW_CERTIFICATE)));
        final BootstrapButtonToolbar aFormToolbar = aEditForm.addAndReturnChild(getUIHandler().createToolbar(aWPEC));
        aFormToolbar.addSubmitButton("Save changes", EDefaultIcon.SAVE);
        aFormToolbar.addButtonCancel(aLocale);
    } else {
        // List mode: one table row per distinct certificate
        final String sEndpointsText = nEndpointTotal == 1 ? "1 endpoint is" : nEndpointTotal + " endpoints are";
        aPageNodes.addChild(
            info().addChildren(
                div("This page lets you change the certificates of multiple endpoints at once. This is e.g. helpful when the old certificate expired."),
                div("Currently " + sEndpointsText + " registered.")));

        final HCTable aTable = new HCTable(
            new DTCol("Certificate").setInitialSorting(ESortOrder.ASCENDING),
            new DTCol("Service Group Count").setDisplayType(EDTColType.INT, aLocale),
            new DTCol("Endpoint Count").setDisplayType(EDTColType.INT, aLocale),
            new BootstrapDTColAction(aLocale)).setID(getID());
        aEndpointsPerCert.forEach((sListedCert, aCertEndpoints) -> {
            final HCRow aBodyRow = aTable.addBodyRow();
            aBodyRow.addCell(_getCertificateDisplay(sListedCert, aLocale));
            final int nGroupsUsingCert = CollectionHelper.getSize(aServiceGroupsPerCert.get(sListedCert));
            aBodyRow.addCell(Integer.toString(nGroupsUsingCert));
            aBodyRow.addCell(Integer.toString(aCertEndpoints.size()));
            // The edit link carries the unified certificate as a request parameter
            final ISimpleURL aChangeURL = aWPEC.getSelfHref()
                .add(CPageParam.PARAM_ACTION, CPageParam.ACTION_EDIT)
                .add(FIELD_OLD_CERTIFICATE, sListedCert);
            aBodyRow.addCell(new HCA(aChangeURL).setTitle("Change all endpoints using this certificate").addChild(EDefaultIcon.EDIT.getAsNode()));
        });
        final DataTables aTableScript = BootstrapDataTables.createDefaultDataTables(aWPEC, aTable);
        aPageNodes.addChild(aTable).addChild(aTableScript);
    }
}
Also used : Locale(java.util.Locale) ICommonsList(com.helger.commons.collection.impl.ICommonsList) HCNodeList(com.helger.html.hc.impl.HCNodeList) FormErrorList(com.helger.photon.core.form.FormErrorList) HCRow(com.helger.html.hc.html.tabular.HCRow) PDTToString(com.helger.commons.datetime.PDTToString) CommonsHashMap(com.helger.commons.collection.impl.CommonsHashMap) ISimpleURL(com.helger.commons.url.ISimpleURL) BootstrapDTColAction(com.helger.photon.bootstrap4.uictrls.datatables.BootstrapDTColAction) BootstrapButtonToolbar(com.helger.photon.bootstrap4.buttongroup.BootstrapButtonToolbar) ISMPProcess(com.helger.phoss.smp.domain.serviceinfo.ISMPProcess) BootstrapDataTables(com.helger.photon.bootstrap4.uictrls.datatables.BootstrapDataTables) DataTables(com.helger.photon.uictrls.datatables.DataTables) RequestField(com.helger.photon.core.form.RequestField) ISMPServiceInformationManager(com.helger.phoss.smp.domain.serviceinfo.ISMPServiceInformationManager) HCHiddenField(com.helger.html.hc.html.forms.HCHiddenField) HCTextArea(com.helger.html.hc.html.forms.HCTextArea) ISMPServiceGroup(com.helger.phoss.smp.domain.servicegroup.ISMPServiceGroup) HCA(com.helger.html.hc.html.textlevel.HCA) ISMPEndpoint(com.helger.phoss.smp.domain.serviceinfo.ISMPEndpoint) ISMPServiceInformation(com.helger.phoss.smp.domain.serviceinfo.ISMPServiceInformation) ISMPEndpoint(com.helger.phoss.smp.domain.serviceinfo.ISMPEndpoint) SMPEndpoint(com.helger.phoss.smp.domain.serviceinfo.SMPEndpoint) BootstrapForm(com.helger.photon.bootstrap4.form.BootstrapForm) HCTable(com.helger.html.hc.html.tabular.HCTable) ICommonsSet(com.helger.commons.collection.impl.ICommonsSet) DTCol(com.helger.photon.uictrls.datatables.column.DTCol) BootstrapFormGroup(com.helger.photon.bootstrap4.form.BootstrapFormGroup)

Example 12 with ISMPEndpoint

use of com.helger.phoss.smp.domain.serviceinfo.ISMPEndpoint in project phoss-smp by phax.

the class PageSecureTasksProblems method fillContent.

/**
 * Renders the "tasks and problems" page: an ordered list of findings about the current SMP
 * configuration, or a success message when nothing was found.
 *
 * <p>The checks visible in this method are: whether the default administrator credentials are
 * still accepted, and - per service group, document type, process and endpoint - non-standard
 * transport profiles, service activation/expiration dates and the validity period of the endpoint
 * certificate. Settings, key store, trust store, SML and Directory checks are delegated to helper
 * methods that are not shown here.
 *
 * <p>NOTE(review): for endpoint certificates only parseability and the notBefore/notAfter dates
 * are evaluated in this method; no chain or revocation check is visible here.
 *
 * @param aWPEC the execution context of the current page request; supplies the display locale and
 *     the node list that receives the rendered output
 */
@Override
protected void fillContent(@Nonnull final WebPageExecutionContext aWPEC) {
    final HCNodeList aPageNodes = aWPEC.getNodeList();
    final Locale aLocale = aWPEC.getDisplayLocale();
    final ISMPServiceGroupManager aSGMgr = SMPMetaManager.getServiceGroupMgr();
    final ISMPServiceInformationManager aSIMgr = SMPMetaManager.getServiceInformationMgr();
    final OffsetDateTime aNow = PDTFactory.getCurrentOffsetDateTime();
    // Everything that ends within the next three months is reported as "soon"
    final OffsetDateTime aSoon = aNow.plusMonths(3);
    aPageNodes.addChild(info("This page tries to identify upcoming tasks and potential problems in the SMP configuration. It is meant to highlight immediate and upcoming action items as well as potential misconfiguration."));
    final HCOL aFindings = new HCOL();

    // Default credentials: report an error if the built-in administrator ID and password are
    // still accepted by the user manager
    final boolean bDefaultLoginWorks = PhotonSecurityManager.getUserMgr().areUserIDAndPasswordValid(CSecurity.USER_ADMINISTRATOR_ID, CSecurity.USER_ADMINISTRATOR_PASSWORD);
    if (bDefaultLoginWorks) {
        aFindings.addItem(_createError("Please change the password of the default user " + CSecurity.USER_ADMINISTRATOR_EMAIL + "!"), div("This is a severe security risk"));
    }

    // Delegated checks, in this order: settings, key store, trust store, SML, Directory
    _checkSettings(aFindings);
    _checkKeyStore(aWPEC, aFindings, aNow, aSoon);
    _checkTrustStore(aWPEC, aFindings, aNow, aSoon);
    _checkSMLConfiguration(aFindings);
    _checkDirectoryConfig(aWPEC, aFindings, aNow, aSoon);

    // Service groups and everything below them
    final ICommonsList<ISMPServiceGroup> aAllSGs = aSGMgr.getAllSMPServiceGroups();
    if (aAllSGs.isEmpty()) {
        aFindings.addItem(_createWarning("No service group is configured. This SMP is currently empty."));
    } else {
        for (final ISMPServiceGroup aSG : CollectionHelper.getSorted(aAllSGs, ISMPServiceGroup.comparator())) {
            final HCUL aSGFindings = new HCUL();
            final ICommonsList<ISMPServiceInformation> aSIsOfSG = aSIMgr.getAllSMPServiceInformationOfServiceGroup(aSG);
            if (aSIsOfSG.isEmpty()) {
                // Reported at info level only
                aSGFindings.addItem(_createInfo("No endpoint is configured for this service group."));
            } else {
                for (final ISMPServiceInformation aSI : aSIsOfSG) {
                    final HCUL aDocTypeFindings = new HCUL();
                    for (final ISMPProcess aProc : aSI.getAllProcesses()) {
                        final HCUL aProcFindings = new HCUL();
                        for (final ISMPEndpoint aEP : aProc.getAllEndpoints()) {
                            final HCUL aEPFindings = new HCUL();

                            // Transport profile unknown to ESMPTransportProfile
                            if (ESMPTransportProfile.getFromIDOrNull(aEP.getTransportProfile()) == null) {
                                aEPFindings.addItem(_createWarning("The endpoint uses the non-standard transport profile '" + aEP.getTransportProfile() + "'."));
                            }

                            // Service activation lies in the future
                            if (aEP.getServiceActivationDateTime() != null && aEP.getServiceActivationDateTime().isAfter(XMLOffsetDateTime.of(aNow))) {
                                aEPFindings.addItem(_createWarning("The endpoint is not yet active."), div("It will be active from " + PDTToString.getAsString(aEP.getServiceActivationDateTime(), aLocale) + "."));
                            }

                            // Service expiration: already passed, or within the warning window
                            if (aEP.getServiceExpirationDateTime() != null) {
                                if (aEP.getServiceExpirationDateTime().isBefore(XMLOffsetDateTime.of(aNow))) {
                                    aEPFindings.addItem(_createError("The endpoint is no longer active."), div("It was valid until " + PDTToString.getAsString(aEP.getServiceExpirationDateTime(), aLocale) + "."));
                                } else if (aEP.getServiceExpirationDateTime().isBefore(XMLOffsetDateTime.of(aSoon))) {
                                    aEPFindings.addItem(_createWarning("The endpoint will be inactive soon."), div("It is only valid until " + PDTToString.getAsString(aEP.getServiceExpirationDateTime(), aLocale) + "."));
                                }
                            }

                            // Endpoint certificate
                            X509Certificate aParsedCert;
                            try {
                                aParsedCert = CertificateHelper.convertStringToCertficate(aEP.getCertificate());
                            } catch (final CertificateException ignored) {
                                // Deliberately not propagated: an unparseable certificate is
                                // reported as a finding right below. The parser's message is
                                // dropped, so the page does not say why parsing failed.
                                aParsedCert = null;
                            }
                            if (aParsedCert != null) {
                                final OffsetDateTime aValidFrom = PDTFactory.createOffsetDateTime(aParsedCert.getNotBefore());
                                if (aNow.isBefore(aValidFrom)) {
                                    aEPFindings.addItem(_createError("The endpoint certificate is not yet active."), div("It will be valid from " + PDTToString.getAsString(aValidFrom, aLocale) + "."));
                                }
                                final OffsetDateTime aValidUntil = PDTFactory.createOffsetDateTime(aParsedCert.getNotAfter());
                                if (aNow.isAfter(aValidUntil)) {
                                    aEPFindings.addItem(_createError("The endpoint certificate is already expired."), div("It was valid until " + PDTToString.getAsString(aValidUntil, aLocale) + "."));
                                } else if (aSoon.isAfter(aValidUntil)) {
                                    aEPFindings.addItem(_createWarning("The endpoint certificate will expire soon."), div("It is only valid until " + PDTToString.getAsString(aValidUntil, aLocale) + "."));
                                }
                            } else {
                                aEPFindings.addItem(_createError("The X.509 certificate configured at the endpoint is invalid and could not be interpreted as a certificate."));
                            }

                            // Findings bubble up one level only if there is something to show
                            if (aEPFindings.hasChildren()) {
                                aProcFindings.addItem(div("Transport profile ").addChild(code(aEP.getTransportProfile())), aEPFindings);
                            }
                        }
                        if (aProcFindings.hasChildren()) {
                            aDocTypeFindings.addItem(div("Process ").addChild(code(aProc.getProcessIdentifier().getURIEncoded()).addClass(CUICoreCSS.CSS_CLASS_NOWRAP)), aProcFindings);
                        }
                    }
                    if (aDocTypeFindings.hasChildren()) {
                        aSGFindings.addItem(div("Document type ").addChild(code(aSI.getDocumentTypeIdentifier().getURIEncoded()).addClass(CUICoreCSS.CSS_CLASS_NOWRAP)), aDocTypeFindings);
                    }
                }
            }
            if (aSGFindings.hasChildren()) {
                aFindings.addItem(div("Service group ").addChild(code(aSG.getParticipantIdentifier().getURIEncoded())), aSGFindings);
            }
        }
    }

    // Result: either the collected findings or a success message
    if (!aFindings.hasChildren()) {
        aPageNodes.addChild(success("Great job, no tasks or problems identified!"));
    } else {
        aPageNodes.addChild(warn("The following list of tasks and problems were identified:"));
        aPageNodes.addChild(aFindings);
    }
}
Also used : Locale(java.util.Locale) ISMPServiceGroupManager(com.helger.phoss.smp.domain.servicegroup.ISMPServiceGroupManager) ICommonsList(com.helger.commons.collection.impl.ICommonsList) HCNodeList(com.helger.html.hc.impl.HCNodeList) ISMPServiceInformationManager(com.helger.phoss.smp.domain.serviceinfo.ISMPServiceInformationManager) ISMPServiceGroup(com.helger.phoss.smp.domain.servicegroup.ISMPServiceGroup) ESMPTransportProfile(com.helger.peppol.smp.ESMPTransportProfile) CertificateException(java.security.cert.CertificateException) ISMPEndpoint(com.helger.phoss.smp.domain.serviceinfo.ISMPEndpoint) ISMPServiceInformation(com.helger.phoss.smp.domain.serviceinfo.ISMPServiceInformation) X509Certificate(java.security.cert.X509Certificate) HCUL(com.helger.html.hc.html.grouping.HCUL) XMLOffsetDateTime(com.helger.commons.datetime.XMLOffsetDateTime) OffsetDateTime(java.time.OffsetDateTime) HCOL(com.helger.html.hc.html.grouping.HCOL) ISMPProcess(com.helger.phoss.smp.domain.serviceinfo.ISMPProcess)

Aggregations

ISMPEndpoint (com.helger.phoss.smp.domain.serviceinfo.ISMPEndpoint)12 ISMPProcess (com.helger.phoss.smp.domain.serviceinfo.ISMPProcess)12 Locale (java.util.Locale)8 ISMPServiceInformation (com.helger.phoss.smp.domain.serviceinfo.ISMPServiceInformation)7 HCNodeList (com.helger.html.hc.impl.HCNodeList)6 ISMPServiceGroup (com.helger.phoss.smp.domain.servicegroup.ISMPServiceGroup)6 ISMPServiceInformationManager (com.helger.phoss.smp.domain.serviceinfo.ISMPServiceInformationManager)6 HCA (com.helger.html.hc.html.textlevel.HCA)5 IDocumentTypeIdentifier (com.helger.peppolid.IDocumentTypeIdentifier)5 BootstrapButtonToolbar (com.helger.photon.bootstrap4.buttongroup.BootstrapButtonToolbar)5 ICommonsList (com.helger.commons.collection.impl.ICommonsList)4 ISimpleURL (com.helger.commons.url.ISimpleURL)4 HCRow (com.helger.html.hc.html.tabular.HCRow)4 IParticipantIdentifier (com.helger.peppolid.IParticipantIdentifier)4 IProcessIdentifier (com.helger.peppolid.IProcessIdentifier)4 IIdentifierFactory (com.helger.peppolid.factory.IIdentifierFactory)4 ISMPServiceGroupManager (com.helger.phoss.smp.domain.servicegroup.ISMPServiceGroupManager)4 BootstrapFormGroup (com.helger.photon.bootstrap4.form.BootstrapFormGroup)4 CommonsHashMap (com.helger.commons.collection.impl.CommonsHashMap)3 PDTToString (com.helger.commons.datetime.PDTToString)3