mirror of
https://github.com/shankar0123/certctl.git
synced 2026-06-08 13:39:02 +00:00
shankar0123
55eb7135be
Closes five 2026-04-24 audit findings (all P2, all category cat-f /
diff-05x06-*) by reconciling the TypeScript interfaces in
web/src/api/types.ts with the on-wire JSON shape Go's
internal/domain/*.go structs actually emit. D-1 closed the same pattern
for one entity (Certificate / ManagedCertificate); D-2 covers the
remaining five.
Per-entity verdicts (audit's "stricter side is the contract"):
Agent — TRIM 5 phantoms (last_heartbeat, capabilities, tags,
created_at, updated_at). Go emits last_heartbeat_at only.
Target — ADD 2 (retired_at?, retired_reason?) — I-004 fields.
DiscCert — ADD pem_data? — real field, real Go emit, omitempty.
Issuer — TRIM phantom status. Go has Enabled bool only.
Notif — TRIM phantom subject. Go has Message string only.
Certificate — verify-only; D-1 closure confirmed clean at recon.
Consumer fixes (same commit as the trim):
- AgentDetailPage.tsx — remove dead Capabilities + Tags sections (always
rendered empty); replace agent.created_at/updated_at row with the
Go-emitted registered_at; widen heartbeatStatus() to accept undefined.
- AgentsPage.tsx — same heartbeatStatus widening.
- IssuersPage.tsx + IssuerDetailPage.tsx — issuerStatus() now derives
from `enabled` exclusively; the dead `issuer.status || 'Unknown'`
fallback is gone.
- NotificationsPage.tsx — drop dead `|| n.subject` fallback.
- NotificationsPage.test.tsx — drop dead `subject:` from mocks.
- api/utils.ts::timeAgo widened to accept string | undefined | null.
- api/types.test.ts — Agent (I-004) fixture trimmed of the 5 phantoms.
Tests (Vitest):
- 5 new describe blocks in web/src/api/types.test.ts:
- Agent interface (D-2 phantom-fields trim) — 2 it blocks
- Target interface (D-2 retirement fields) — 2 it blocks
- DiscoveredCertificate interface (D-2 pem_data ADD) — 2 it blocks
- Issuer interface (D-2 status phantom trim) — 1 it block
- Notification interface (D-2 subject phantom trim) — 1 it block
- Each block uses the literal-construction pattern from D-1; trimmed
fields are pinned via excess-property comments that compile-fail when
uncommented if a phantom is reintroduced.
CI regression guardrail:
- .github/workflows/ci.yml — existing D-1 step renamed to "Forbidden
StatusBadge dead-key + TS phantom-field regression guard (D-1 + D-2)".
Three new awk-windowed greps over Agent / Issuer / Notification
interfaces in types.ts. The Agent grep includes a `grep -v
'last_heartbeat_at'` filter to avoid false positives on the
legitimate Go-emitted heartbeat field.
Documentation:
- CHANGELOG.md — new D-2 section above B-1 under [unreleased] with full
Added/Removed/Audit findings closed/Known follow-ups breakdown.
- docs/architecture.md — Web Dashboard section gains a new "TS ↔ Go
type contract rule (D-1 + D-2 closure)" paragraph capturing the
stricter-side-wins rule and the CI guardrail it's anchored by.
- coverage-gap-audit-2026-04-24-v5/unified-audit.md — Live Tracker score
20/47 → 25/47 (P2: 6/27 → 11/27). Per-finding ✅ RESOLVED Status
blocks added to all 5 diff-05x06-* entries plus the verify-only
Certificate entry. Closed-bundle index gets D-2 row.
Verification (all gates green):
- cd web && tsc --noEmit → clean
- cd web && vitest run --reporter=dot → 9 files, 302 tests passing
(was 294 → +8 D-2 cases)
- cd web && vite build → clean
- go vet ./internal/... ./cmd/... → clean (no Go touched)
- golangci-lint v2.11.4 run ./... → 0 issues
- D-2 Agent guardrail dry-run → empty (good)
- D-2 Issuer guardrail dry-run → empty (good)
- D-2 Notification guardrail dry-run → empty (good)
- D-2 Target ADD-shape sanity → 2 retirement fields present
- D-2 DiscCert ADD-shape sanity → pem_data present
- D-1 Certificate guardrail still clean → empty (good)
- OpenAPI YAML parses → 89 paths
Audit findings closed:
- diff-05x06-7cdf4e78ae24 (P2, Agent TS↔Go drift)
- diff-05x06-2044a46f4dd0 (P2, Target TS↔DeploymentTarget Go drift)
- diff-05x06-85ab6b98a2f7 (P2, DiscoveredCertificate TS↔Go drift)
- diff-05x06-97fab8783a5c (P2, Issuer TS↔Go drift)
- diff-05x06-caba9eb3620e (P2, Notification TS↔NotificationEvent drift)
- diff-05x06-af18a8d7ef41 (P2) — verified clean since D-1; no edit
Deferred follow-ups:
- Issuer richer status view (enabled × test_status) — UX scope, not drift.
- Real Agent metadata (capabilities, tags) — backend feature, not drift.
- DiscoveredCertificate pem_data list-response perf — separate backend change.
530 lines
21 KiB
TypeScript
530 lines
21 KiB
TypeScript
import { useEffect, useState, useMemo } from 'react';
|
|
import { Link } from 'react-router-dom';
|
|
import { useQuery, useMutation, useQueryClient } from '@tanstack/react-query';
|
|
import { getIssuers, testIssuerConnection, deleteIssuer, createIssuer, updateIssuer } from '../api/client';
|
|
import PageHeader from '../components/PageHeader';
|
|
import DataTable from '../components/DataTable';
|
|
import type { Column } from '../components/DataTable';
|
|
import StatusBadge from '../components/StatusBadge';
|
|
import ErrorState from '../components/ErrorState';
|
|
import { formatDateTime } from '../api/utils';
|
|
import type { Issuer } from '../api/types';
|
|
import { issuerTypes, typeLabels, getIssuerCatalogStatus, type IssuerTypeConfig } from '../config/issuerTypes';
|
|
import TypeSelector from '../components/issuer/TypeSelector';
|
|
import ConfigForm from '../components/issuer/ConfigForm';
|
|
import ConfigDetailModal from '../components/issuer/ConfigDetailModal';
|
|
|
|
// Derive display status from backend `enabled` boolean.
|
|
//
|
|
// D-2 (diff-05x06-97fab8783a5c, master): pre-D-2 the fall-through chain
|
|
// here was `issuer.status || 'Unknown'`, which always rendered 'Unknown'
|
|
// because the Go-side struct never emitted a `status` field — the TS
|
|
// interface comment claimed status was "derived from enabled" but no
|
|
// derivation existed. Post-D-2 the phantom `Issuer.status` is gone and
|
|
// this function is the canonical derivation site. `enabled` is a
|
|
// required boolean on Go's Issuer struct so the `!== undefined` guard
|
|
// is now belt-and-suspenders rather than load-bearing, but kept for
|
|
// defensive rendering against malformed responses.
|
|
function issuerStatus(issuer: Issuer): string {
|
|
return issuer.enabled ? 'Enabled' : 'Disabled';
|
|
}
|
|
|
|
export default function IssuersPage() {
|
|
const queryClient = useQueryClient();
|
|
const [testResult, setTestResult] = useState<{ id: string; ok: boolean; msg: string } | null>(null);
|
|
const [showCreateModal, setShowCreateModal] = useState(false);
|
|
const [preselectedType, setPreselectedType] = useState<string | null>(null);
|
|
const [typeFilter, setTypeFilter] = useState<string>('');
|
|
const [configModal, setConfigModal] = useState<{ title: string; config: Record<string, unknown> } | null>(null);
|
|
// B-1 master closure (cat-b-7a34f893a8f9): rename-only Edit affordance.
|
|
// Pre-B-1 the only way to rename an issuer was delete-and-recreate,
|
|
// which destroyed cert provenance and forced a re-encryption cycle
|
|
// through internal/crypto/encryption.go for every cert under the
|
|
// issuer. Type and credential blob are intentionally NOT editable here
|
|
// — changing the underlying CA driver type would require
|
|
// re-encrypting config under a different schema, and credentials are
|
|
// stored encrypted at rest (we can't decrypt them client-side to
|
|
// pre-populate). Operators who need to rotate credentials still
|
|
// delete + recreate. Documented as a deferred follow-up in the L-1
|
|
// CHANGELOG entry.
|
|
const [editingIssuer, setEditingIssuer] = useState<Issuer | null>(null);
|
|
|
|
const { data, isLoading, error, refetch } = useQuery({
|
|
queryKey: ['issuers'],
|
|
queryFn: () => getIssuers(),
|
|
});
|
|
|
|
const testMutation = useMutation({
|
|
mutationFn: testIssuerConnection,
|
|
onSuccess: (_data, id) => setTestResult({ id, ok: true, msg: 'Connection successful' }),
|
|
onError: (err: Error, id) => setTestResult({ id, ok: false, msg: err.message }),
|
|
});
|
|
|
|
const deleteMutation = useMutation({
|
|
mutationFn: deleteIssuer,
|
|
onSuccess: () => queryClient.invalidateQueries({ queryKey: ['issuers'] }),
|
|
});
|
|
|
|
const createMutation = useMutation({
|
|
mutationFn: (data: { name: string; type: string; config: Record<string, unknown> }) =>
|
|
createIssuer(data),
|
|
onSuccess: () => {
|
|
queryClient.invalidateQueries({ queryKey: ['issuers'] });
|
|
setShowCreateModal(false);
|
|
setPreselectedType(null);
|
|
},
|
|
});
|
|
|
|
// B-1 master closure: updateIssuer is wired to the rename-only Edit
|
|
// modal. Type and credential blob are NOT mutated here — see editingIssuer
|
|
// docblock above. Sends `{ name, type, config }` to satisfy the backend
|
|
// PUT contract (the handler decodes into a full domain.Issuer struct);
|
|
// type + config are preserved by reading them from the editing target.
|
|
const updateMutation = useMutation({
|
|
mutationFn: ({ id, data }: { id: string; data: Partial<Issuer> }) => updateIssuer(id, data),
|
|
onSuccess: () => {
|
|
queryClient.invalidateQueries({ queryKey: ['issuers'] });
|
|
setEditingIssuer(null);
|
|
},
|
|
});
|
|
|
|
const catalogStatus = useMemo(
|
|
() => getIssuerCatalogStatus(data?.data || []),
|
|
[data?.data]
|
|
);
|
|
|
|
// Filter issuers by type
|
|
const filteredIssuers = useMemo(() => {
|
|
if (!data?.data) return [];
|
|
if (!typeFilter) return data.data;
|
|
return data.data.filter(i => i.type === typeFilter);
|
|
}, [data?.data, typeFilter]);
|
|
|
|
const columns: Column<Issuer>[] = [
|
|
{
|
|
key: 'name',
|
|
label: 'Issuer',
|
|
render: (i) => (
|
|
<div>
|
|
<Link to={`/issuers/${i.id}`} className="font-medium text-accent hover:text-accent-bright" onClick={(e) => e.stopPropagation()}>
|
|
{i.name}
|
|
</Link>
|
|
<div className="text-xs text-ink-faint font-mono">{i.id}</div>
|
|
</div>
|
|
),
|
|
},
|
|
{
|
|
key: 'type',
|
|
label: 'Type',
|
|
render: (i) => (
|
|
<span className="badge badge-neutral">{typeLabels[i.type] || i.type}</span>
|
|
),
|
|
},
|
|
{
|
|
key: 'status',
|
|
label: 'Status',
|
|
render: (i) => <StatusBadge status={issuerStatus(i)} />,
|
|
},
|
|
{
|
|
key: 'config',
|
|
label: 'Config',
|
|
render: (i) => {
|
|
if (!i.config || Object.keys(i.config).length === 0) return <span className="text-ink-faint">—</span>;
|
|
return (
|
|
<button
|
|
onClick={(e) => {
|
|
e.stopPropagation();
|
|
setConfigModal({ title: `${i.name} Configuration`, config: i.config });
|
|
}}
|
|
className="text-xs text-brand-400 hover:text-brand-500 transition-colors"
|
|
>
|
|
View Config
|
|
</button>
|
|
);
|
|
},
|
|
},
|
|
{
|
|
key: 'created',
|
|
label: 'Created',
|
|
render: (i) => <span className="text-xs text-ink-muted">{formatDateTime(i.created_at)}</span>,
|
|
},
|
|
{
|
|
key: 'actions',
|
|
label: '',
|
|
render: (i) => (
|
|
<div className="flex gap-2">
|
|
<button
|
|
onClick={(e) => { e.stopPropagation(); testMutation.mutate(i.id); }}
|
|
disabled={testMutation.isPending}
|
|
className="text-xs text-brand-400 hover:text-brand-500 transition-colors"
|
|
>
|
|
Test
|
|
</button>
|
|
<button
|
|
onClick={(e) => { e.stopPropagation(); setEditingIssuer(i); }}
|
|
className="text-xs text-brand-400 hover:text-brand-500 transition-colors"
|
|
>
|
|
Edit
|
|
</button>
|
|
<button
|
|
onClick={(e) => { e.stopPropagation(); if (confirm(`Delete issuer ${i.name}?`)) deleteMutation.mutate(i.id); }}
|
|
className="text-xs text-red-600 hover:text-red-700 transition-colors"
|
|
>
|
|
Delete
|
|
</button>
|
|
</div>
|
|
),
|
|
},
|
|
];
|
|
|
|
return (
|
|
<>
|
|
<PageHeader
|
|
title="Issuers"
|
|
subtitle={data ? `${data.total} configured` : undefined}
|
|
action={
|
|
<button
|
|
onClick={() => {
|
|
setPreselectedType(null);
|
|
setShowCreateModal(true);
|
|
}}
|
|
className="px-4 py-2 bg-brand-600 text-white rounded font-medium hover:bg-brand-700 transition-colors text-sm"
|
|
>
|
|
+ New Issuer
|
|
</button>
|
|
}
|
|
/>
|
|
{testResult && (
|
|
<div className={`mx-6 mt-3 rounded px-4 py-3 text-sm ${testResult.ok ? 'bg-emerald-100 border border-emerald-200 text-emerald-700' : 'bg-red-50 border border-red-200 text-red-700'}`}>
|
|
{testResult.id}: {testResult.msg}
|
|
<button onClick={() => setTestResult(null)} className="ml-3 text-xs opacity-60 hover:opacity-100">dismiss</button>
|
|
</div>
|
|
)}
|
|
|
|
<div className="flex-1 overflow-y-auto">
|
|
{error ? (
|
|
<ErrorState error={error as Error} onRetry={() => refetch()} />
|
|
) : (
|
|
<>
|
|
{/* Issuer Type Catalog Cards */}
|
|
<div className="px-6 py-4">
|
|
<h3 className="text-sm font-semibold text-ink-muted mb-3">Issuer Types</h3>
|
|
<div className="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 xl:grid-cols-4 gap-3">
|
|
{catalogStatus.map(({ type, status, count }) => (
|
|
<CatalogCard
|
|
key={type.id}
|
|
type={type}
|
|
status={status}
|
|
count={count}
|
|
onConfigure={() => {
|
|
setPreselectedType(type.id);
|
|
setShowCreateModal(true);
|
|
}}
|
|
onFilter={() => {
|
|
// Match both the canonical id and aliases
|
|
const filterValue = type.id === 'local' ? 'local' : type.id;
|
|
setTypeFilter(prev => prev === filterValue ? '' : filterValue);
|
|
}}
|
|
/>
|
|
))}
|
|
</div>
|
|
</div>
|
|
|
|
{/* Configured Issuers Table */}
|
|
<div className="px-6 pb-4">
|
|
<div className="flex items-center justify-between mb-3">
|
|
<h3 className="text-sm font-semibold text-ink-muted">Configured Issuers</h3>
|
|
<div className="flex items-center gap-2">
|
|
<select
|
|
value={typeFilter}
|
|
onChange={(e) => setTypeFilter(e.target.value)}
|
|
className="text-xs px-2 py-1.5 bg-surface border border-surface-border rounded text-ink focus:outline-none focus:border-brand-500"
|
|
>
|
|
<option value="">All Types</option>
|
|
{issuerTypes.filter(t => !t.comingSoon).map(t => (
|
|
<option key={t.id} value={t.id}>{t.name}</option>
|
|
))}
|
|
</select>
|
|
</div>
|
|
</div>
|
|
<DataTable
|
|
columns={columns}
|
|
data={filteredIssuers}
|
|
isLoading={isLoading}
|
|
emptyMessage={typeFilter ? `No ${typeLabels[typeFilter] || typeFilter} issuers configured` : 'No issuers configured'}
|
|
/>
|
|
</div>
|
|
</>
|
|
)}
|
|
</div>
|
|
|
|
{/* Config Detail Modal */}
|
|
{configModal && (
|
|
<ConfigDetailModal
|
|
title={configModal.title}
|
|
config={configModal.config}
|
|
onClose={() => setConfigModal(null)}
|
|
/>
|
|
)}
|
|
|
|
{/* Create Issuer Modal */}
|
|
{showCreateModal && (
|
|
<CreateIssuerModal
|
|
preselectedType={preselectedType}
|
|
onSubmit={(name, type, config) => {
|
|
createMutation.mutate({ name, type, config });
|
|
}}
|
|
onCancel={() => {
|
|
setShowCreateModal(false);
|
|
setPreselectedType(null);
|
|
}}
|
|
isSubmitting={createMutation.isPending}
|
|
/>
|
|
)}
|
|
|
|
{/* B-1 closure: EditIssuerModal — rename-only. */}
|
|
<EditIssuerModal
|
|
issuer={editingIssuer}
|
|
onClose={() => setEditingIssuer(null)}
|
|
onSave={(name) => {
|
|
if (!editingIssuer) return;
|
|
updateMutation.mutate({
|
|
id: editingIssuer.id,
|
|
data: {
|
|
name,
|
|
// Preserve type + config + enabled — the rename-only
|
|
// contract. Credential blob stays encrypted at rest.
|
|
type: editingIssuer.type,
|
|
config: editingIssuer.config,
|
|
enabled: editingIssuer.enabled,
|
|
},
|
|
});
|
|
}}
|
|
isSaving={updateMutation.isPending}
|
|
error={updateMutation.error ? (updateMutation.error as Error).message : null}
|
|
/>
|
|
</>
|
|
);
|
|
}
|
|
|
|
// ─── EditIssuerModal — rename-only Edit modal (B-1) ─────────────
|
|
//
|
|
// Locked: type, config (credentials), enabled. Editable: name only.
|
|
// The audit's "destructive rename workflow" complaint is specifically
|
|
// about renames; B-1 closes that hazard. Credential rotation still
|
|
// requires delete-and-recreate (see CHANGELOG B-1 known follow-ups).
|
|
interface EditIssuerModalProps {
|
|
issuer: Issuer | null;
|
|
onClose: () => void;
|
|
onSave: (name: string) => void;
|
|
isSaving: boolean;
|
|
error: string | null;
|
|
}
|
|
|
|
function EditIssuerModal({ issuer, onClose, onSave, isSaving, error }: EditIssuerModalProps) {
|
|
const [name, setName] = useState('');
|
|
useEffect(() => { if (issuer) setName(issuer.name); }, [issuer]);
|
|
|
|
if (!issuer) return null;
|
|
|
|
const handleSubmit = (e: React.FormEvent) => {
|
|
e.preventDefault();
|
|
if (!name.trim()) return;
|
|
onSave(name.trim());
|
|
};
|
|
|
|
return (
|
|
<div className="fixed inset-0 bg-black/40 flex items-center justify-center z-50" onClick={onClose}>
|
|
<div className="bg-surface border border-surface-border rounded p-5 w-full max-w-md shadow-xl" onClick={e => e.stopPropagation()}>
|
|
<h2 className="text-lg font-semibold text-ink mb-4">Edit Issuer</h2>
|
|
<p className="text-xs text-ink-muted mb-4 font-mono">{issuer.id}</p>
|
|
{error && <div className="mb-4 p-3 bg-red-50 border border-red-200 rounded text-sm text-red-700">{error}</div>}
|
|
<form onSubmit={handleSubmit} className="space-y-4">
|
|
<div>
|
|
<label className="block text-sm font-medium text-ink mb-1">Name *</label>
|
|
<input value={name} onChange={e => setName(e.target.value)} required
|
|
className="w-full bg-white border border-surface-border rounded px-3 py-2 text-sm text-ink focus:outline-none focus:border-brand-400" />
|
|
</div>
|
|
<div>
|
|
<label className="block text-sm font-medium text-ink-muted mb-1">Type (locked)</label>
|
|
<input value={issuer.type} disabled
|
|
className="w-full bg-surface-border/50 border border-surface-border rounded px-3 py-2 text-sm text-ink-muted font-mono" />
|
|
<p className="text-xs text-ink-faint mt-1">
|
|
To change issuer type or rotate credentials, delete and recreate.
|
|
See CHANGELOG B-1 known follow-ups.
|
|
</p>
|
|
</div>
|
|
<div className="flex gap-2 pt-4">
|
|
<button type="submit" disabled={isSaving} className="flex-1 btn btn-primary disabled:opacity-50 disabled:cursor-not-allowed">
|
|
{isSaving ? 'Saving...' : 'Save Changes'}
|
|
</button>
|
|
<button type="button" onClick={onClose} className="flex-1 btn btn-ghost">Cancel</button>
|
|
</div>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
);
|
|
}
|
|
|
|
// ─── Catalog Card ───────────────────────────────────────────────
|
|
|
|
interface CatalogCardProps {
|
|
type: IssuerTypeConfig;
|
|
status: 'connected' | 'available' | 'coming_soon';
|
|
count: number;
|
|
onConfigure: () => void;
|
|
onFilter: () => void;
|
|
}
|
|
|
|
function CatalogCard({ type, status, count, onConfigure, onFilter }: CatalogCardProps) {
|
|
const statusConfig = {
|
|
connected: { label: `${count} configured`, cls: 'bg-emerald-500/10 text-emerald-400 border-emerald-500/30' },
|
|
available: { label: 'Available', cls: 'bg-brand-500/10 text-brand-400 border-brand-500/30' },
|
|
coming_soon: { label: 'Coming Soon', cls: 'bg-gray-500/10 text-gray-400 border-gray-500/30' },
|
|
};
|
|
const { label, cls } = statusConfig[status];
|
|
|
|
return (
|
|
<div className={`p-4 border rounded-lg ${status === 'coming_soon' ? 'border-surface-border/50 opacity-60' : 'border-surface-border'}`}>
|
|
<div className="flex items-start justify-between mb-2">
|
|
<div className="flex items-center gap-2">
|
|
<span className="text-lg">{type.icon}</span>
|
|
<span className="font-medium text-ink text-sm">{type.name}</span>
|
|
</div>
|
|
<span className={`text-xs px-2 py-0.5 rounded-full border ${cls}`}>{label}</span>
|
|
</div>
|
|
<p className="text-xs text-ink-muted mb-3">{type.description}</p>
|
|
{status === 'connected' && (
|
|
<button
|
|
onClick={onFilter}
|
|
className="text-xs text-brand-400 hover:text-brand-500 transition-colors"
|
|
>
|
|
View issuers
|
|
</button>
|
|
)}
|
|
{status === 'available' && (
|
|
<button
|
|
onClick={onConfigure}
|
|
className="text-xs px-3 py-1 bg-brand-600 text-white rounded hover:bg-brand-700 transition-colors"
|
|
>
|
|
Configure
|
|
</button>
|
|
)}
|
|
</div>
|
|
);
|
|
}
|
|
|
|
// ─── Create Issuer Modal ────────────────────────────────────────
|
|
|
|
interface CreateIssuerModalProps {
|
|
preselectedType: string | null;
|
|
onSubmit: (name: string, type: string, config: Record<string, unknown>) => void;
|
|
onCancel: () => void;
|
|
isSubmitting: boolean;
|
|
}
|
|
|
|
function CreateIssuerModal({ preselectedType, onSubmit, onCancel, isSubmitting }: CreateIssuerModalProps) {
|
|
const [step, setStep] = useState<'type' | 'config'>(preselectedType ? 'config' : 'type');
|
|
const [selectedType, setSelectedType] = useState<string | null>(preselectedType);
|
|
const [form, setForm] = useState<Record<string, unknown>>(() => {
|
|
if (preselectedType) {
|
|
const tc = issuerTypes.find(t => t.id === preselectedType);
|
|
const defaults: Record<string, unknown> = {};
|
|
tc?.configFields.forEach(f => { if (f.defaultValue) defaults[f.key] = f.defaultValue; });
|
|
return defaults;
|
|
}
|
|
return {};
|
|
});
|
|
|
|
const selectedTypeConfig = issuerTypes.find(t => t.id === selectedType);
|
|
|
|
function handleTypeSelect(typeId: string) {
|
|
setSelectedType(typeId);
|
|
const tc = issuerTypes.find(t => t.id === typeId);
|
|
const defaults: Record<string, unknown> = {};
|
|
tc?.configFields.forEach(f => { if (f.defaultValue) defaults[f.key] = f.defaultValue; });
|
|
setForm(defaults);
|
|
setStep('config');
|
|
}
|
|
|
|
function handleSubmit() {
|
|
if (!selectedType || !form.name) return;
|
|
const config = { ...form };
|
|
const name = config.name as string;
|
|
delete config.name;
|
|
onSubmit(name, selectedType, config);
|
|
}
|
|
|
|
return (
|
|
<div className="fixed inset-0 bg-black bg-opacity-50 z-50 flex items-center justify-center">
|
|
<div className="bg-surface border border-surface-border rounded-lg shadow-lg max-w-2xl w-full mx-4">
|
|
{/* Header */}
|
|
<div className="border-b border-surface-border px-6 py-4 flex justify-between items-center">
|
|
<h2 className="text-lg font-semibold text-ink">
|
|
{step === 'type' ? 'Create Issuer' : `Configure ${selectedTypeConfig?.name || 'Issuer'}`}
|
|
</h2>
|
|
<button onClick={onCancel} className="text-ink-muted hover:text-ink transition-colors">
|
|
✕
|
|
</button>
|
|
</div>
|
|
|
|
{/* Content */}
|
|
<div className="px-6 py-6">
|
|
{step === 'type' ? (
|
|
<TypeSelector onSelect={handleTypeSelect} />
|
|
) : (
|
|
<div className="space-y-5">
|
|
{/* Name field */}
|
|
<div>
|
|
<label className="block text-sm font-medium text-ink mb-2">Issuer Name *</label>
|
|
<input
|
|
type="text"
|
|
value={(form.name as string) || ''}
|
|
onChange={(e) => setForm({ ...form, name: e.target.value })}
|
|
placeholder="e.g., Production CA"
|
|
className="w-full px-3 py-2 bg-surface border border-surface-border rounded text-ink placeholder-ink-faint focus:outline-none focus:border-brand-500 transition-colors"
|
|
/>
|
|
</div>
|
|
{/* Type-specific fields via ConfigForm */}
|
|
{selectedTypeConfig && (
|
|
<ConfigForm
|
|
fields={selectedTypeConfig.configFields}
|
|
values={form}
|
|
onChange={(key, value) => setForm({ ...form, [key]: value })}
|
|
/>
|
|
)}
|
|
</div>
|
|
)}
|
|
</div>
|
|
|
|
{/* Footer */}
|
|
<div className="border-t border-surface-border px-6 py-4 flex justify-end gap-3">
|
|
{step === 'config' && (
|
|
<button
|
|
onClick={() => setStep('type')}
|
|
className="px-4 py-2 border border-surface-border rounded text-ink hover:bg-surface-hover transition-colors text-sm font-medium"
|
|
>
|
|
Back
|
|
</button>
|
|
)}
|
|
<button
|
|
onClick={onCancel}
|
|
className="px-4 py-2 border border-surface-border rounded text-ink hover:bg-surface-hover transition-colors text-sm font-medium"
|
|
>
|
|
Cancel
|
|
</button>
|
|
{step === 'config' && (
|
|
<button
|
|
onClick={handleSubmit}
|
|
disabled={isSubmitting || !form.name}
|
|
className="px-4 py-2 bg-brand-600 text-white rounded text-sm font-medium hover:bg-brand-700 transition-colors disabled:opacity-50 disabled:cursor-not-allowed"
|
|
>
|
|
{isSubmitting ? 'Creating...' : 'Create Issuer'}
|
|
</button>
|
|
)}
|
|
</div>
|
|
</div>
|
|
</div>
|
|
);
|
|
}
|