Task #3208
closedAdd possibility to download PKCS12 of other user
100%
Description
We need functionality where an application (with access to IdM REST API) needs to download PKCS12 that belong to ordinary users.
- Other user (application) must be able to see PKCS12 bags and status of certificates in them (valid, revoked, ...) to choose the bag for download.
- This feature must be guarded by separate privilege in the IdM.
- PKCS12 still remains encrypted with user-supplied password, that does not change.
If you need more details, let me know.
Updated by Roman Kučera over 1 year ago
- Sprint set to Sprint 12.3-8 (Nov 09 - Nov 23)
Updated by Roman Kučera over 1 year ago
- Status changed from New to In Progress
- % Done changed from 0 to 60
Implemented in branch https://git.bcvsolutions.eu/modules/crt/-/commits/kucerar/3208-permission-to-download-key
logic + tests
TODO localization
Updated by Roman Kučera over 1 year ago
- % Done changed from 60 to 80
Localization added
New behavior for downloading key is:- You are owner of the crt, you can download - you need this new permission to
- You have permission DOWNLOADKEY for certificate and authority which created that certificate.
Updated by Roman Kučera over 1 year ago
- Status changed from In Progress to Needs feedback
- Assignee changed from Roman Kučera to Tomáš Doischer
Can you please make a review?
Updated by Tomáš Doischer over 1 year ago
- Status changed from Needs feedback to In Progress
- Assignee changed from Tomáš Doischer to Roman Kučera
LGTM, but there is a bug in the frontend where a request cannot be sent (not caused by you). Can you please look at it?
Updated by Roman Kučera over 1 year ago
- Status changed from In Progress to Needs feedback
- Assignee changed from Roman Kučera to Tomáš Doischer
The issue should be fixed, request for driver without eav is working.
I don't have driver with EAV so I can't test if this works to.
Updated by Tomáš Doischer over 1 year ago
- Status changed from Needs feedback to In Progress
- Assignee changed from Tomáš Doischer to Roman Kučera
- % Done changed from 80 to 90
Thank you for the fix. :) I don't have that driver either but I don't think this change can break anything.
LGTM, merged to develop. Before I close it, can you add a few lines to the documentation, please? This setting is not entirely obvious. After that, you can close the ticket.
Updated by Roman Kučera over 1 year ago
- Status changed from In Progress to Needs feedback
- Assignee changed from Roman Kučera to Tomáš Doischer
Documentation edited https://wiki.czechidm.com/tutorial/adm/modules_crt#generate_certificate_in_gui
There is section about downloading key.
Updated by Tomáš Doischer over 1 year ago
- Status changed from Needs feedback to Resolved
- Assignee changed from Tomáš Doischer to Roman Kučera
- % Done changed from 90 to 100
Thanks, LGTM.
Updated by Peter Štrunc about 1 year ago
- Status changed from Resolved to In Progress
- Target version set to 3.0.3
Updated by Peter Štrunc about 1 year ago
- Status changed from In Progress to Closed