Rename default est group from estclient to EST Users

Additionally, update docs reference.

.github/workflows/est-ds-realm-separate-test.yml

@@ -241,11 +241,11 @@ jobs:
           userPassword: Secret.123
           EOF
           
-      - name: Add EST user to estclient group
+      - name: Add EST user to EST Users group
         run: |
           docker exec -i est ldapmodify -x -H ldap://estds.example.com:3389 \
               -D "cn=Directory Manager"  -w Secret.123 <<EOF
-          dn: cn=estclient,ou=groups,dc=est,dc=pki,dc=example,dc=com
+          dn: cn=EST Users,ou=groups,dc=est,dc=pki,dc=example,dc=com
           changetype: modify
           add: uniqueMember
           uniqueMember: uid=est-test-user,ou=People,dc=est,dc=pki,dc=example,dc=com

.github/workflows/est-ds-realm-test.yml

@@ -248,11 +248,11 @@ jobs:
           userPassword: Secret.123
           EOF
           
-      - name: Add EST user to estclient group
+      - name: Add EST user to EST Users group
         run: |
           docker exec -i pki ldapmodify -x -H ldap://ds.example.com:3389 \
               -D "cn=Directory Manager"  -w Secret.123 << EOF
-          dn: cn=estclient,ou=groups,dc=est,dc=pki,dc=example,dc=com
+          dn: cn=EST Users,ou=groups,dc=est,dc=pki,dc=example,dc=com
           changetype: modify
           add: uniqueMember
           uniqueMember: uid=est-test-user,ou=People,dc=est,dc=pki,dc=example,dc=com

.github/workflows/est-postgresql-realm-test.yml

@@ -316,7 +316,7 @@ jobs:
           DIGEST=$(docker exec pki tomcat-digest Secret.123 | sed 's/.*://')
 
           docker exec postgresql psql -U est -t -A -c "INSERT INTO users VALUES ('est-test-user', 'EST TEST USER', '$DIGEST');"  est 
-          docker exec postgresql psql -U est -t -A -c "INSERT INTO group_members VALUES ('estclient', 'est-test-user');"  est 
+          docker exec postgresql psql -U est -t -A -c "INSERT INTO group_members VALUES ('EST Users', 'est-test-user');"  est 
 
       - name: Install est client
         run: |

.github/workflows/est-separate-provided-certs-test.yml

@@ -277,11 +277,11 @@ jobs:
           userPassword: Secret.123
           EOF
           
-      - name: Add EST user to estclient group
+      - name: Add EST user to EST Users group
         run: |
           docker exec -i est ldapmodify -x -H ldap://estds.example.com:3389 \
               -D "cn=Directory Manager"  -w Secret.123 << EOF
-          dn: cn=estclient,ou=groups,dc=est,dc=pki,dc=example,dc=com
+          dn: cn=EST Users,ou=groups,dc=est,dc=pki,dc=example,dc=com
           changetype: modify
           add: uniqueMember
           uniqueMember: uid=est-test-user,ou=People,dc=est,dc=pki,dc=example,dc=com

base/est/bin/estauthz

@@ -1,6 +1,6 @@
 #!/usr/bin/python3
 import json, sys
-ALLOWED_ROLE = 'estclient'
+ALLOWED_ROLE = 'EST Users'
 obj = json.loads(sys.stdin.read())
 if not ALLOWED_ROLE in obj['authzData']['principal']['roles']:
     print(f'Principal does not have required role {ALLOWED_ROLE!r}')

base/est/shared/realm/ds/create.ldif

@@ -12,8 +12,9 @@ ou: groups
 objectClass: top
 objectClass: organizationalUnit
 
-dn: cn=estclient,ou=groups,dc=est,dc=pki,dc=example,dc=com
+dn: cn=EST Users,ou=groups,dc=est,dc=pki,dc=example,dc=com
 objectClass: top
 objectClass: groupOfUniqueNames
-cn: estclient
+cn: EST Users
+description: Users enabled to enroll certificate
 

base/est/shared/realm/postgresql/create.sql

@@ -22,4 +22,4 @@ CREATE TABLE "group_members" (
     PRIMARY KEY ("group_id", "user_id")
 );
 
-INSERT INTO groups VALUES ('estclient', 'EST users');
+INSERT INTO groups VALUES ('EST Users', 'Users enabled to enroll certificates');

docs/admin/est/Managing_DS_Realm.adoc → docs/admin/est/Managing-DS-Realm.adoc

@@ -3,7 +3,7 @@
 The user DB requires a node containing the users (_inetOrgPerson_) and
 a node containing the groups (_groupOfUniqueNames_). Therefore, if the
 base dn is `dc=pki,dc=example,dc=com` it is possible to add a user
-and associate to _estclient_ group using the following commands:
+and associate to _EST Users_ group using the following commands:
 
 ----
 ldapadd -x -H ldap://estds.example.com:389 \
@@ -22,7 +22,7 @@ EOF
 
 ldapmodify -x -H ldap://estds.example.com:389 \
     -D "cn=Directory Manager"  -w Secret.123 << EOF
-dn: cn=estclient,ou=groups,dc=est,dc=pki,dc=example,dc=com
+dn: cn=EST Users,ou=groups,dc=est,dc=pki,dc=example,dc=com
 changetype: modify
 add: uniqueMember
 uniqueMember: uid=est-test-user,ou=People,dc=est,dc=pki,dc=example,dc=com

docs/admin/est/Managing_PostgreSQL_Realm.adoc → docs/admin/est/Managing-PostgreSQL-Realm.adoc

@@ -1,10 +1,10 @@
 = Managing PostgreSQL Realm =
 
-To add a user and associate to the _estclient_ group it is possible to execeute the following commands:
+To add a user and associate to the _EST Users_ group it is possible to execeute the following commands:
 
 ----
 $ psql -U est -t -A -c "INSERT INTO users VALUES ('est-test-user', 'EST TEST USER', '<tomcat_digest>');"  est 
-$ psql -U est -t -A -c "INSERT INTO group_members VALUES ('estclient', 'est-test-user');"  est 
+$ psql -U est -t -A -c "INSERT INTO group_members VALUES ('EST Users', 'est-test-user');"  est 
 ----
 
 Note: the tomcat digest for the password can be obtained with the command:

docs/installation/est/Installing_EST_pki-server.adoc → docs/installation/est/Installing-EST-pki-server.adoc

@@ -1,6 +1,6 @@
 = EST installation using `pki-server` =
 
-After the prerequisite in xref:../est/Installing_EST.adoc[Installing EST], it is
+After the prerequisite in xref:../est/Installing-EST.adoc[Installing EST], it is
 possible to install *EST*.
 
 A PKI Tomcat instance has to be already available, if it is not present then it
@@ -46,7 +46,7 @@ Note: to use TLS mutual authentication instead of _username/password_, one needs
 
 An example on how to get the certificate and configure EST with TLS
 mutual configuration is provided in the `pkispawn` installation guide
-xref:../est/Installing_EST_pkispawn.adoc#installation-on-separate-instance-with-certificates[here].
+xref:../est/Installing-EST-pkispawn.adoc#installation-on-separate-instance-with-certificates[here].
 
 Configure request authorization. The class
 `org.dogtagpki.est.ExternalProcessRequestAuthorizer` allows to

docs/installation/est/Installing_EST_pkispawn.adoc → docs/installation/est/Installing-EST-pkispawn.adoc

@@ -1,6 +1,6 @@
 = EST installation using `pkispawn` =
 
-After the prerequisite in xref:../est/Installing_EST.adoc[Installing
+After the prerequisite in xref:../est/Installing-EST.adoc[Installing
 EST], it is possible to install *EST*.
 
 

docs/installation/est/Installing_EST.adoc → docs/installation/est/Installing-EST.adoc

@@ -69,7 +69,7 @@ Note: before enabling the profile verify if the options satisfy the requirement
 user DB. _LDAP_, _PostreSQL_ and file based DB are supported. The DB
 has to be prepared in advance for authentication to work. Instructions
 to set up the user DB are available in
-xref:../est/SetUpRealmDB.adoc[Set Up Realm DB].
+xref:../est/Set-Up-Realm-DB.adoc[Set Up Realm DB].
 
 
 
@@ -79,10 +79,10 @@ xref:../est/SetUpRealmDB.adoc[Set Up Realm DB].
 There are two options for the installation:
 
     * Basic installation with `pkispawn`
-      xref:../est/Installing_EST_pkispawn.adoc[Installing_EST_pkispawn];
+      xref:../est/Installing-EST-pkispawn.adoc[Installing EST pkispawn];
 
     * Advanced installation with `pki-server`
-      xref:../est/Installing_EST_pki-server.adoc[Installing_EST_pki-server],
+      xref:../est/Installing-EST-pki-server.adoc[Installing EST pki-server],
       which requires more manual configuration but provides more
       control over the installation process since each step can be
       verified and eventually customised and repeated.
@@ -94,9 +94,9 @@ Before enrolling certificates EST users must be added in the user
 database.  The user management is not part of EST commands and has to
 be done outside EST. Guide on how To add user into DS realm is
 available in the page
-xref:../../admin/est/Managing_DS_Realm.adoc[Managing DS Realm] while
+xref:../../admin/est/Managing-DS-Realm.adoc[Managing DS Realm] while
 for _PostgreSQL_ in the page
-xref:../../admin/est/Managing_PostgreSQL_Realm.adoc[Managing
+xref:../../admin/est/Managing-PostgreSQL-Realm.adoc[Managing
 PostgreSQL Realm].
 
 

docs/installation/est/Installing_EST.md

@@ -1 +1 @@
-This page has been converted/moved to [Installing_EST.adoc](../est/Installing_EST.adoc)
+This page has been converted/moved to [Installing-EST.adoc](../est/Installing-EST.adoc)

docs/installation/est/SetUpRealmDB.adoc → docs/installation/est/Set-Up-Realm-DB.adoc

@@ -20,7 +20,7 @@ ldapadd -x -H ldap://<ds_server_hostname>:<ds_server_port> \
     -f /usr/share/pki/est/conf/realm/ds/create.ldif
 ----
 
-The command creates also the group _estclient_ and it is used as
+The command creates also the group _EST Users_ and it is used as
 default group for user to access EST. Using a different group will
 require to modify the authorization script
 `/usr/share/pki/est/bin/estauthz`.
@@ -48,7 +48,7 @@ with the user information. The tables can be created with the command:
 $ psql -U est -t -A -f /usr/share/pki/est/conf/realm/postgresql/create.sql
 ----
 
-The command creates also the group _estclient_ and it is used as
+The command creates also the group _EST Users_ and it is used as
 default group for user to access EST. Using a different group will
 require to modify the authorization script
 `/usr/share/pki/est/bin/estauthz`.