mirror of
https://github.com/google/nomulus.git
synced 2025-05-09 16:28:21 +02:00
4de8d3eae1
Output should be identical in either syntax, and migration will bring css and xid into consistency with other soy functions, plus it'll allow us to simplify the soy parser. LSC: https://docs.google.com/document/d/1evNu02pVXGm1QIcN0dTmNi-GnhbCKOWdrZwBJmcNaU0/edit# Tested: TAP --sample for global presubmit queue [] ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=164887843
184 lines
8 KiB
Text
184 lines
8 KiB
Text
// Copyright 2017 The Nomulus Authors. All Rights Reserved.
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
{namespace registry.soy.registrar.security autoescape="strict"}
|
|
|
|
|
|
/** Registrar security settings page for view and edit. */
|
|
{template .settings}
|
|
{@param ipAddressWhitelist: list<string>}
|
|
{@param phonePasscode: string}
|
|
{@param? clientCertificate: string}
|
|
{@param? clientCertificateHash: string}
|
|
{@param? failoverClientCertificate: string}
|
|
{@param readonly: bool}
|
|
<form name="item" class="{css('item')} {css('registrar')}">
|
|
<h1>Security settings</h1>
|
|
{if $readonly}
|
|
<p>Use the 'Edit' button above to switch to enable editing the information below.
|
|
{/if}
|
|
<table>
|
|
<tr class="{css('kd-settings-pane-section')}">
|
|
<td>
|
|
<label class="{css('setting-label')}">Web console access</label>
|
|
<td class="{css('setting')}">
|
|
<p>Your web console account is managed through
|
|
<a href="https://www.google.com/accounts"
|
|
target="_blank" rel="noopener">Google account settings</a>.
|
|
|
|
<tr class="{css('kd-settings-pane-section')}">
|
|
<td>
|
|
<label class="{css('setting-label')}">IP whitelist</label>
|
|
<span class="{css('description')}">Restrict access to EPP
|
|
production servers to the following IP/IPv6 addresses, or
|
|
ranges like 1.1.1.1/24</span>
|
|
</td>
|
|
<td class="{css('setting')}">
|
|
<div class="{css('info')} {css('summary')}">
|
|
<div id="ips">
|
|
{foreach $ip in $ipAddressWhitelist}
|
|
{call .ip}
|
|
{param name: 'ipAddressWhitelist[' + index($ip) + ']' /}
|
|
{param ip: $ip /}
|
|
{/call}
|
|
{/foreach}
|
|
</div>
|
|
<div class="{css('hidden')}">
|
|
<input id="newIp" value="" placeholder="Enter IP address..."/>
|
|
<button id="btn-add-ip" type="button"
|
|
class="{css('kd-button')} {css('btn-add')}">Add</button>
|
|
</div>
|
|
</div>
|
|
</td>
|
|
|
|
<tr class="{css('kd-settings-pane-section')}">
|
|
<td>
|
|
<label class="{css('setting-label')}">Telephone passcode</label>
|
|
<span class="{css('description')}">Use this for support calls to the Registry.</span>
|
|
</td>
|
|
<td class="{css('setting')}">
|
|
<div id="domain-registrar-phone-passcode">
|
|
{if isNonnull($phonePasscode)}
|
|
<input id="phonePasscode"
|
|
name="phonePasscode"
|
|
value="{$phonePasscode}" readonly>
|
|
{else}
|
|
<p><em>Your phone passcode is pending allocation.</em>
|
|
{/if}
|
|
</div>
|
|
</td>
|
|
|
|
<tr class="{css('kd-settings-pane-section')}">
|
|
<td>
|
|
<label class="{css('setting-label')}">SSL Certificate</label>
|
|
<span class="{css('description')}">X.509 PEM certificate for EPP production access.</span>
|
|
</td>
|
|
<td class="{css('setting')}">
|
|
{if isNonnull($clientCertificate)}
|
|
<textarea
|
|
name="clientCertificate"
|
|
rows="16"
|
|
cols="64"
|
|
{if $readonly}readonly{/if}>{$clientCertificate}</textarea>
|
|
{elseif isNonnull($clientCertificateHash)}
|
|
{if $readonly}
|
|
<p>
|
|
You submitted your SSL certificate before full certificates
|
|
were stored. Currently only the hash of your certificate may
|
|
be viewed. Please re-submit or update your certificate by
|
|
using the Edit button on the top of this page.
|
|
|
|
<p class="{css('certhash')}">
|
|
<span class="{css('description')}">Existing certificate SHA256 base64 hash:</span>
|
|
{$clientCertificateHash}
|
|
{else}
|
|
<textarea name="clientCertificate" rows="16" cols="64"></textarea>
|
|
{/if}
|
|
{else}
|
|
{if $readonly}
|
|
<p>No certificate on file. Use the Edit button on the top of this page to add one.
|
|
{else}
|
|
<p>No certificate on file. Please enter your certificate below.
|
|
<textarea id="clientCertificate"
|
|
name="clientCertificate"
|
|
rows="16" cols="64"></textarea>
|
|
<div class="{css('description')}">
|
|
Example format:
|
|
<textarea id="exampleCert" rows="17" cols="64" readonly>
|
|
-----BEGIN CERTIFICATE-----{\n}
|
|
MIIDvTCCAqWgAwIBAgIJAK/PgPT0jTwRMA0GCSqGSIb3DQEBCwUAMHUxCzAJBgNV{\n}
|
|
BAYTAlVTMREwDwYDVQQIDAhOZXcgWW9yazERMA8GA1UEBwwITmV3IFlvcmsxDzAN{\n}
|
|
BgNVBAoMBkdvb2dsZTEdMBsGA1UECwwUZG9tYWluLXJlZ2lzdHJ5LXRlc3QxEDAO{\n}
|
|
BgNVBAMMB2NsaWVudDEwHhcNMTUwODI2MTkxODA4WhcNNDMwMTExMTkxODA4WjB1{\n}
|
|
MQswCQYDVQQGEwJVUzERMA8GA1UECAwITmV3IFlvcmsxETAPBgNVBAcMCE5ldyBZ{\n}
|
|
b3JrMQ8wDQYDVQQKDAZHb29nbGUxHTAbBgNVBAsMFGRvbWFpbi1yZWdpc3RyeS10{\n}
|
|
ZXN0MRAwDgYDVQQDDAdjbGllbnQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB{\n}
|
|
CgKCAQEAvoE/IoFJyzb0dU4NFhL8FYgy+B/GnUd5aA66CMx5xKRMbEAtIgxU8TTO{\n}
|
|
W+9jdTsE00Grk3Ct4KdY73CYW+6IFXL4O0K/m5S+uajh+I2UMVZJV38RAIqNxue0{\n}
|
|
Egv9M4haSsCVIPcX9b+6McywfYSF1bzPb2Gb2FAQO7Jb0BjlPhPMIROCrbG40qPg{\n}
|
|
LWrl33dz+O52kO+DyZEzHqI55xH6au77sMITsJe+X23lzQcMFUUm8moiOw0EKrj/{\n}
|
|
GaMTZLHP46BCRoJDAPTNx55seIwgAHbKA2VVtqrvmA2XYJQA6ipdhfKRoJFy8Z8H{\n}
|
|
DYsorGtazQL2HhF/5uJD25z1m5eQHQIDAQABo1AwTjAdBgNVHQ4EFgQUParEmiSR{\n}
|
|
U/Oqy8hr7k+MBKhZwVkwHwYDVR0jBBgwFoAUParEmiSRU/Oqy8hr7k+MBKhZwVkw{\n}
|
|
DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAojsUhF6PtZrStnHBFWNR{\n}
|
|
ryzvANB8krZlYeX9Hkqn8zIVfAkpbVmL8aZQ7yj17jSpw47PQh3x5gwA9yc/SS0G{\n}
|
|
E1rGuxYH02UGbua8G0+vviSQfLtskPQzK7EIR63WNhHEo/Q9umLJkZ0LguWEBf3L{\n}
|
|
q8CoXv2i/RNvqVPcTNp/zCKXJZAa8wAjNRJs834AZj4k5xwyYZ3F8D5PGz+YMOmV{\n}
|
|
M9Qd+NdXSC/Qn7HQzFhE8p5elBV35P8oX5dXEfn0S7zOXDenp5JvvLoggOWOcKsq{\n}
|
|
KiWDQrsT+TMKmHL94/h4t7FghtQLMzY5SGYJsYTv/LG8tewrz6KRb/Wj3JNojyEw{\n}
|
|
Ug=={\n}
|
|
-----END CERTIFICATE-----
|
|
</textarea>
|
|
</div>
|
|
{/if}
|
|
{/if}
|
|
</td>
|
|
|
|
<tr class="{css('kd-settings-pane-section')}">
|
|
<td>
|
|
<label class="{css('setting-label')}">
|
|
Failover SSL Certificate
|
|
</label>
|
|
<span class="{css('description')}">
|
|
X.509 PEM backup certificate for EPP Production Access.
|
|
</span>
|
|
<td class="{css('setting')}">
|
|
{if $readonly and not isNonnull($failoverClientCertificate)}
|
|
<p>No failover certificate on file.
|
|
{else}
|
|
<textarea id="failoverClientCertificate"
|
|
name="failoverClientCertificate"
|
|
rows="16"
|
|
cols="64"
|
|
{if $readonly}readonly{/if}>
|
|
{$failoverClientCertificate ?: ''}
|
|
</textarea>
|
|
{/if}
|
|
|
|
</table>
|
|
</form>
|
|
{/template}
|
|
|
|
|
|
/** IP address form input. */
|
|
{template .ip}
|
|
{@param name: string}
|
|
{@param ip: string}
|
|
<div class="{css('ip')}">
|
|
<button type="button" class="{css('kd-button')} {css('btn-remove')} {css('hidden')}">
|
|
<i class="{css('icon-remove')} {css('edit')}">x</i>
|
|
</button>
|
|
<input name="{$name}" value="{$ip}" readonly>
|
|
</div>
|
|
{/template}
|