Pull from trunk.

svn path=/branches/tk377/; revision=4960

5 files changed, 61 insertions, 8 deletions

diff --git a/doc/doc.RPKI.CA.Configuration.rootd b/doc/doc.RPKI.CA.Configuration.rootd
index 678e2edf..f27bdd15 100644
--- a/doc/doc.RPKI.CA.Configuration.rootd
+++ b/doc/doc.RPKI.CA.Configuration.rootd
@@ -142,7 +142,11 @@ generate a root certificate as follows:
   $ openssl x509 -req -sha256             \
           -signkey root.key -in root.req  \
           -outform DER -out root.cer      \
-          -extfile root.conf -extensions x509v3_extensions
+          -extfile root.conf -extensions x509v3_extensions \
+          -days 1825
+
+You may want to shorten the five year expire time (1825 days), which is a bit
+long. It is a root certificate, so a longer expire is not unusual.
 
 The generated root.cer must be copied to the publication directory as defined
 in rpki.conf,
diff --git a/doc/doc.RPKI.CA.UI.GUI b/doc/doc.RPKI.CA.UI.GUI
index 89df1d0a..4b887e60 100644
--- a/doc/doc.RPKI.CA.UI.GUI
+++ b/doc/doc.RPKI.CA.UI.GUI
@@ -120,6 +120,18 @@ In addition, your rcynic script should also have
 
 after the rcynic run.
 
+****** Expiration Checking ******
+
+The web portal can notify users when it detects that RPKI certificates will
+expire in the near future. Run the following script as a cron job, perhaps once
+a night:
+
+  /usr/local/sbin/rpkigui-check-expired
+
+By default it will warn of expiration 14 days in advance, but this may be
+changed by using the -t command line option and specifying how many days in
+advance to check.
+
 ****** Using the GUI ******
 
 ****** GUI Examples ******
diff --git a/doc/manual.pdf b/doc/manual.pdf
index 556dd130..8f6912cf 100644
--- a/doc/manual.pdf
+++ b/doc/manual.pdf
diff --git a/rpkid/rpki/gui/app/templates/app/dashboard.html b/rpkid/rpki/gui/app/templates/app/dashboard.html
index b6a7a9cb..0af4bae6 100644
--- a/rpkid/rpki/gui/app/templates/app/dashboard.html
+++ b/rpkid/rpki/gui/app/templates/app/dashboard.html
@@ -65,6 +65,7 @@
     <p>The following resources have not been allocated to a child, nor appear in a ROA.
 
     {% if unused_asns %}
+    <h3>ASNs</h3>
     <ul>
       {% for asn in unused_asns %}
       <li>AS{{ asn }}
@@ -73,19 +74,39 @@
     {% endif %}
 
     {% if unused_prefixes %}
-    <ul>
+    <h3>IPv4</h3>
+    <table class="table table-condensed table-striped">
+      <tr><th>Prefix</th><th>Action</th></tr>
       {% for addr in unused_prefixes %}
-      <li>{{ addr }}
+      <tr>
+	<td>{{ addr }}</td>
+	<td>
+	  {# if addr can be represented as a prefix, add a button for issuing a roa #}
+	  {% if addr.is_prefix %}
+	  <a class="btn btn-mini" title="Create ROA using this prefix" href="{% url rpki.gui.app.views.roa_create %}?prefix={{ addr }}">ROA</a>
+	  {% endif %}
+	</td>
+      </tr>
       {% endfor %} <!-- addrs -->
-    </ul>
+    </table>
     {% endif %}
 
     {% if unused_prefixes_v6 %}
-    <ul>
+    <h3>IPv6</h3>
+    <table class="table table-condensed table-striped">
+      <tr><th>Prefix</th><th></th></tr>
       {% for addr in unused_prefixes_v6 %}
-      <li>{{ addr }}
+      <tr>
+	<td>{{ addr }}</td>
+	<td>
+	  {# if addr can be represented as a prefix, add a button for issuing a roa #}
+	  {% if addr.is_prefix %}
+	  <a class="btn btn-mini" title='create roa using this prefix' href="{% url rpki.gui.app.views.roa_create %}?prefix={{ addr }}">roa</a>
+	  {% endif %}
+	</td>
+      </tr>
       {% endfor %} <!-- addrs -->
-    </ul>
+    </table>
     {% endif %}
 
   </div><!-- /span -->
diff --git a/rpkid/rpki/gui/app/views.py b/rpkid/rpki/gui/app/views.py
index fc1e9cce..535ffe6c 100644
--- a/rpkid/rpki/gui/app/views.py
+++ b/rpkid/rpki/gui/app/views.py
@@ -38,6 +38,7 @@ from rpki.gui.app import models, forms, glue, range_list
 from rpki.resource_set import (resource_range_as, resource_range_ipv4,
                                resource_range_ipv6, roa_prefix_ipv4)
 from rpki import sundial
+import rpki.exceptions
 
 from rpki.gui.cacheview.models import ROAPrefixV4, ROA
 from rpki.gui.routeview.models import RouteOrigin
@@ -195,6 +196,16 @@ def dashboard(request):
     my_prefixes_v6 = range_list.RangeList([obj.as_resource_range() for obj in prefixes_v6])
 
     unused_prefixes = my_prefixes.difference(used_prefixes)
+    # monkey-patch each object with a boolean value indicating whether or not
+    # it is a prefix.  We have to do this here because in the template there is
+    # no way to catch the MustBePrefix exception.
+    for x in unused_prefixes:
+        try:
+            x.prefixlen()
+            x.is_prefix = True
+        except rpki.exceptions.MustBePrefix:
+            x.is_prefix = False
+
     unused_prefixes_v6 = my_prefixes_v6.difference(used_prefixes_v6)
 
     clients = models.Client.objects.all() if request.user.is_superuser else None
@@ -487,7 +498,12 @@ def roa_create(request):
                            'max_prefixlen': max_prefixlen,
                            'routes': routes})
     else:
-        form = forms.ROARequest()
+        # pull initial values from query parameters
+        d = {}
+        for s in ('asn', 'prefix'):
+            if s in request.GET:
+                d[s] = request.GET[s]
+        form = forms.ROARequest(initial=d)
 
     return render(request, 'app/roarequest_form.html', {'form': form})