diff options
| author | Fraser Tweedale <ftweedal@redhat.com> | 2015-07-02 03:31:31 -0400 |
|---|---|---|
| committer | Tomas Babej <tbabej@redhat.com> | 2015-07-08 00:25:46 +0200 |
| commit | bed6f402e2d5587c35ff7e84ba3b80026c6db73d (patch) | |
| tree | fe20caae489a567855f0dbe56605f85a80a1d8a5 | |
| parent | 62e8002bc43ddd890c3db35a123cb7daf35e3121 (diff) | |
| download | freeipa-bed6f402e2d5587c35ff7e84ba3b80026c6db73d.tar.gz freeipa-bed6f402e2d5587c35ff7e84ba3b80026c6db73d.tar.xz freeipa-bed6f402e2d5587c35ff7e84ba3b80026c6db73d.zip | |
certprofile: add option to export profile config
Add the `--out=FILENAME' option to `certprofile-show'. When given,
it exports the profile configuration from Dogtag and writes it to
the named file.
Fixes: https://fedorahosted.org/freeipa/ticket/5091
Reviewed-By: Martin Basti <mbasti@redhat.com>
| -rw-r--r-- | API.txt | 3 | ||||
| -rw-r--r-- | VERSION | 4 | ||||
| -rw-r--r-- | ipalib/plugins/certprofile.py | 39 | ||||
| -rw-r--r-- | ipaserver/plugins/dogtag.py | 8 |
4 files changed, 48 insertions, 6 deletions
@@ -747,9 +747,10 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None) output: PrimaryKey('value', None, None) command: certprofile_show -args: 1,4,3 +args: 1,5,3 arg: Str('cn', attribute=True, cli_name='id', multivalue=False, primary_key=True, query=True, required=True) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') +option: Str('out?') option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') option: Flag('rights', autofill=True, default=False) option: Str('version?', exclude='webui') @@ -90,5 +90,5 @@ IPA_DATA_VERSION=20100614120000 # # ######################################################## IPA_API_VERSION_MAJOR=2 -IPA_API_VERSION_MINOR=139 -# Last change: edewata - added ipaVaultPublicKey attribute +IPA_API_VERSION_MINOR=140 +# Last change: ftweedal: add certprofile-show --out option diff --git a/ipalib/plugins/certprofile.py b/ipalib/plugins/certprofile.py index 9e1e47e94..abb62434e 100644 --- a/ipalib/plugins/certprofile.py +++ b/ipalib/plugins/certprofile.py @@ -5,7 +5,7 @@ import re from ipalib import api, Bool, File, Str -from ipalib import output +from ipalib import output, util from ipalib.plugable import Registry from ipalib.plugins.virtual import VirtualCommand from ipalib.plugins.baseldap import ( @@ -175,9 +175,42 @@ class certprofile_find(LDAPSearch): class certprofile_show(LDAPRetrieve): __doc__ = _("Display the properties of a Certificate Profile.") - def execute(self, *args, **kwargs): + has_output_params = LDAPRetrieve.has_output_params + ( + Str('config', + label=_('Profile configuration'), + ), + ) + + takes_options = LDAPRetrieve.takes_options + ( + Str('out?', + doc=_('Write profile configuration to file'), + ), + ) + + def execute(self, *keys, **options): ca_enabled_check() - return super(certprofile_show, self).execute(*args, **kwargs) + result = super(certprofile_show, self).execute(*keys, **options) + + if 'out' in options: + with self.api.Backend.ra_certprofile as profile_api: + result['result']['config'] = profile_api.read_profile(keys[0]) + + return result + + def forward(self, *keys, **options): + if 'out' in options: + util.check_writable_file(options['out']) + + result = super(certprofile_show, self).forward(*keys, **options) + if 'out' in options and 'config' in result['result']: + with open(options['out'], 'w') as f: + f.write(result['result'].pop('config')) + result['summary'] = ( + _("Profile configuration stored in file '%(file)s'") + % dict(file=options['out']) + ) + + return result @register() diff --git a/ipaserver/plugins/dogtag.py b/ipaserver/plugins/dogtag.py index 3dc8f5c93..eb2a6ae84 100644 --- a/ipaserver/plugins/dogtag.py +++ b/ipaserver/plugins/dogtag.py @@ -2081,6 +2081,14 @@ class ra_certprofile(RestClient): body=profile_data ) + def read_profile(self, profile_id): + """ + Read the profile configuration from Dogtag + """ + status, status_text, resp_headers, resp_body = self._ssldo( + 'GET', profile_id + '/raw') + return resp_body + def enable_profile(self, profile_id): """ Enable the profile in Dogtag |