[#133] Multiple base restriction (#152)

* Updated the page request controller to check if the platform certificate being uploaded is a part a chain that already exists in the DB.  If so, throw an error.

* Updated code for unit test errors.

* This commit is to close #134.  #133 and #134 are quick changes that modify the same file and use the same added method to pull in deltas associated with the platform serial number.  This addition adds the feature to delete the chain if the base is deleted.

HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/CertificateRequestPageController.java

@@ -38,6 +38,8 @@ import hirs.persist.CriteriaModifier;
 import hirs.persist.CrudManager;
 import hirs.persist.DBManagerException;
 import hirs.persist.OrderedListQuerier;
+import java.util.List;
+import java.util.stream.Collectors;
 import org.springframework.http.MediaType;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -251,12 +253,29 @@ public class CertificateRequestPageController extends PageController<NoPageParam
         try {
             UUID uuid = UUID.fromString(id);
             Certificate certificate = getCertificateById(certificateType, uuid, certificateManager);
-            if (null == certificate) {
+            if (certificate == null) {
                 // Use the term "record" here to avoid user confusion b/t cert and cred
                 String notFoundMessage = "Unable to locate record with ID: " + uuid;
                 messages.addError(notFoundMessage);
                 LOGGER.warn(notFoundMessage);
             } else {
+                if (certificateType.equals(PLATFORMCREDENTIAL)) {
+                    PlatformCredential platformCertificate = (PlatformCredential) certificate;
+                    List<PlatformCredential> sharedCertificates = getCertificateByBoardSN(
+                            certificateType,
+                            platformCertificate.getPlatformSerial(),
+                            certificateManager);
+
+                    if (sharedCertificates != null) {
+                        for (PlatformCredential pc : sharedCertificates) {
+                            if (!pc.isBase()) {
+                                pc.archive();
+                                certificateManager.update(pc);
+                            }
+                        }
+                    }
+                }
+
                 certificate.archive();
                 certificateManager.update(certificate);
 
@@ -368,7 +387,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
         Map<String, Object> model = new HashMap<>();
         PageMessages messages = new PageMessages();
 
-        for (MultipartFile file :files) {
+        for (MultipartFile file : files) {
             //Parse certificate
             Certificate certificate = parseCertificate(certificateType, file, messages);
 
@@ -527,6 +546,34 @@ public class CertificateRequestPageController extends PageController<NoPageParam
         }
     }
 
+    /**
+     * Gets the certificate by the platform serial number.
+     *
+     * @param certificateType String containing the certificate type
+     * @param serialNumber the platform serial number
+     * @param certificateManager the certificate manager to query
+     * @return the certificate or null if none is found
+     */
+    private List<PlatformCredential> getCertificateByBoardSN(
+            final String certificateType,
+            final String serialNumber,
+            final CertificateManager certificateManager) {
+
+        if (serialNumber == null) {
+            return null;
+        }
+
+        switch (certificateType) {
+            case PLATFORMCREDENTIAL:
+                return PlatformCredential
+                        .select(certificateManager)
+                        .byBoardSerialNumber(serialNumber)
+                        .getCertificates().stream().collect(Collectors.toList());
+            default:
+                return null;
+        }
+    }
+
     /**
      * Parses an uploaded file into a certificate and populates the given model
      * with error messages if parsing fails.
@@ -626,6 +673,29 @@ public class CertificateRequestPageController extends PageController<NoPageParam
         try {
             // save the new certificate if no match is found
             if (existingCertificate == null) {
+                if (certificateType.equals(PLATFORMCREDENTIAL)) {
+                    PlatformCredential platformCertificate = (PlatformCredential) certificate;
+                    List<PlatformCredential> sharedCertificates = getCertificateByBoardSN(
+                            certificateType,
+                            platformCertificate.getPlatformSerial(),
+                            certificateManager);
+
+                    if (sharedCertificates != null) {
+                        for (PlatformCredential pc : sharedCertificates) {
+                            if (pc.isBase()) {
+                                final String failMessage = "Storing certificate failed: "
+                                        + "platform credential "
+                                        + "chain (" + pc.getPlatformSerial()
+                                        + ") base already exists in this chain ("
+                                        + fileName + ")";
+                                messages.addError(failMessage);
+                                LOGGER.error(failMessage);
+                                return;
+                            }
+                        }
+                    }
+                }
+
                 certificateManager.save(certificate);
 
                 final String successMsg = "New certificate successfully uploaded ("