UI: Adds serial_number_source to pki role form (#29469)

* add serial_number_source to pki role form

* update test

ui/app/models/pki/role.js

@@ -72,6 +72,7 @@ export default class PkiRoleModel extends Model {
         'Additional subject fields': [
           'allowedUserIds',
           'allowedSerialNumbers',
+          'serialNumberSource',
           'requireCn',
           'useCsrCommonName',
           'useCsrSans',
@@ -244,13 +245,30 @@ export default class PkiRoleModel extends Model {
 
   /* Overriding OpenApi Additional subject field options */
   @attr({
-    label: 'Allowed serial numbers',
     subText:
       'A list of allowed serial numbers to be requested during certificate issuance. Shell-style globbing is supported. If empty, custom-specified serial numbers will be forbidden.',
     editType: 'stringArray',
   })
   allowedSerialNumbers;
 
+  @attr({
+    editType: 'radio',
+    possibleValues: [
+      {
+        value: 'json-csr',
+        subText:
+          'The subject serial number will be taken from the "serial_number" parameter and fall back to the serial number in the CSR.',
+      },
+      {
+        value: 'json',
+        subText:
+          'The subject serial number will be taken from the "serial_number" parameter but will ignore any value in the CSR.',
+      },
+    ],
+    defaultValue: 'json-csr',
+  })
+  serialNumberSource;
+
   @attr('boolean', {
     label: 'Require common name',
     subText: 'If set to false, common name will be optional when generating a certificate.',

ui/tests/integration/components/pki/pki-role-form-test.js

@@ -191,6 +191,7 @@ module('Integration | Component | pki-role-form', function (hooks) {
           key_usage: ['DigitalSignature', 'KeyAgreement', 'KeyEncipherment'],
           not_before_duration: '30s',
           require_cn: true,
+          serial_number_source: 'json-csr',
           signature_bits: '384',
           use_csr_common_name: true,
           use_csr_sans: true,