summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFraser Tweedale <ftweedal@redhat.com>2015-07-24 09:31:26 -0400
committerMartin Basti <mbasti@redhat.com>2015-07-31 16:11:17 +0200
commit896783bae817ef16ca1cb31a0c434fe863287cc3 (patch)
tree8f46f616b5228a1dd444c27dc036b2f983778aa9
parenta4ade199aa594307cdd6bc43d1729cc42e92fd1e (diff)
downloadfreeipa-896783bae817ef16ca1cb31a0c434fe863287cc3.zip
freeipa-896783bae817ef16ca1cb31a0c434fe863287cc3.tar.gz
freeipa-896783bae817ef16ca1cb31a0c434fe863287cc3.tar.xz
user-show: add --out option to save certificates to file
Add the --out option to user-show, bringing it into line with host-show and service-show with the ability to save the user's certificate(s) to a file. https://fedorahosted.org/freeipa/ticket/5171 Reviewed-By: Martin Basti <mbasti@redhat.com>
-rw-r--r--API.txt3
-rw-r--r--VERSION4
-rw-r--r--ipalib/plugins/user.py27
3 files changed, 30 insertions, 4 deletions
diff --git a/API.txt b/API.txt
index 2b7e00d..04f2f89 100644
--- a/API.txt
+++ b/API.txt
@@ -5360,10 +5360,11 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
output: PrimaryKey('value', None, None)
command: user_show
-args: 1,5,3
+args: 1,6,3
arg: Str('uid', attribute=True, cli_name='login', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', primary_key=True, query=True, required=True)
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
option: Flag('no_members', autofill=True, default=False, exclude='webui')
+option: Str('out?')
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
option: Flag('rights', autofill=True, default=False)
option: Str('version?', exclude='webui')
diff --git a/VERSION b/VERSION
index 2b78af5..a3d586d 100644
--- a/VERSION
+++ b/VERSION
@@ -90,5 +90,5 @@ IPA_DATA_VERSION=20100614120000
# #
########################################################
IPA_API_VERSION_MAJOR=2
-IPA_API_VERSION_MINOR=147
-# Last change: mbasti - Consolidate DNS RR in API and schema
+IPA_API_VERSION_MINOR=148
+# Last change: ftweedal - add --out option to user-show
diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py
index 206b380..0209b29 100644
--- a/ipalib/plugins/user.py
+++ b/ipalib/plugins/user.py
@@ -23,7 +23,7 @@ import string
import posixpath
import os
-from ipalib import api, errors
+from ipalib import api, errors, util
from ipalib import Flag, Int, Password, Str, Bool, StrEnum, DateTime
from ipalib.plugins.baseuser import baseuser, baseuser_add, baseuser_del, \
baseuser_mod, baseuser_find, baseuser_show, \
@@ -38,6 +38,7 @@ from ipalib.plugins import baseldap
from ipalib.request import context
from ipalib import _, ngettext
from ipalib import output
+from ipalib import x509
from ipaplatform.paths import paths
from ipapython.ipautil import ipa_generate_password
from ipapython.ipavalidate import Email
@@ -765,6 +766,11 @@ class user_show(baseuser_show):
__doc__ = _('Display information about a user.')
has_output_params = baseuser_show.has_output_params + user_output_params
+ takes_options = baseuser_show.takes_options + (
+ Str('out?',
+ doc=_('file to store certificate in'),
+ ),
+ )
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
convert_nsaccountlock(entry_attrs)
@@ -772,6 +778,25 @@ class user_show(baseuser_show):
self.obj.get_preserved_attribute(entry_attrs, options)
return dn
+ def forward(self, *keys, **options):
+ if 'out' in options:
+ util.check_writable_file(options['out'])
+ result = super(user_show, self).forward(*keys, **options)
+ if 'usercertificate' in result['result']:
+ x509.write_certificate_list(
+ result['result']['usercertificate'],
+ options['out']
+ )
+ result['summary'] = (
+ _('Certificate(s) stored in file \'%(file)s\'')
+ % dict(file=options['out'])
+ )
+ return result
+ else:
+ raise errors.NoCertificateError(entry=keys[-1])
+ else:
+ return super(user_show, self).forward(*keys, **options)
+
@register()
class user_undel(LDAPQuery):
__doc__ = _('Undelete a delete user account.')