dohertj2/lmxopcua
1
0
Fork 0
Code Issues 2 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

refactor(adminui): tidy cert-audit review nits (fallthrough comment + single PkiStoreRoot read)

Browse Source
This commit is contained in:
Joseph Doherty
2026-06-19 01:51:38 -04:00
parent 88d5ba45bf
commit 6223bc970a
2 changed files with 14 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/Server/ZB.MOM.WW.OtOpcUa.AdminUI/Certificates/CertificateStoreManager.cs
+7
View File
@@ -29,6 +29,13 @@ public sealed class CertificateStoreManager
private readonly string _pkiRoot;
private readonly IAuditWriter _audit;
/// <summary>
/// The resolved PKI store root directory (e.g. <c>pki</c>). Derived once from
/// <c>OpcUa:PkiStoreRoot</c> in the production ctor; callers should read this property
/// rather than re-resolving the config key independently.
/// </summary>
public string PkiRoot => _pkiRoot;
/// <summary>Production ctor — reads <c>OpcUa:PkiStoreRoot</c> (default <c>pki</c>).</summary>
/// <param name="config">App configuration.</param>
/// <param name="audit">The audit writer that persists Trust/Untrust/Delete actions to <c>ConfigAuditLog</c>.</param>
src/Server/ZB.MOM.WW.OtOpcUa.AdminUI/Components/Pages/Certificates.razor
+7 -1
View File
@@ -127,7 +127,7 @@ else
private void LoadAll()
{
DisposeRows();
var pkiRoot = Config.GetValue<string?>("OpcUa:PkiStoreRoot") ?? "pki";
var pkiRoot = CertManager.PkiRoot; // Single source: manager already resolved OpcUa:PkiStoreRoot (default "pki").
_rows = new()
{
LoadStore("Own", StoreKind.Own, Path.Combine(pkiRoot, "own", "certs")),
@@ -200,8 +200,14 @@ else
{
StoreKind.Trusted => CertManager.Delete("trusted", p.Thumbprint, actor),
StoreKind.Rejected => CertManager.Delete("rejected", p.Thumbprint, actor),
// Unreachable defensive guard — action buttons only render for Trusted/Rejected stores
// + the 3 literal verbs (Trust/Untrust/Delete); this arm never executes, so it
// intentionally does not route through CertificateStoreManager/audit.
_ => CertActionResult.Fail($"cannot delete from {p.Kind}"),
},
// Unreachable defensive guard — action buttons only render for Trusted/Rejected stores
// + the 3 literal verbs (Trust/Untrust/Delete); this arm never executes, so it
// intentionally does not route through CertificateStoreManager/audit.
_ => CertActionResult.Fail("unknown action"),
};
_statusError = !result.Success;