Use the Output tuple to determine the order of output

The attributes displayed is now dependant upon their definition in a Param. This enhances that, giving some level of control over how the result is displayed to the user. This also fixes displaying group membership, including failures of adding/removing entries. All tests pass now though there is still one problem. We need to return the dn as well. Once that is fixed we just need to comment out all the dn entries in the tests and they should once again pass.
author: Rob Crittenden <rcritten@redhat.com> 2010-02-12 16:34:21 -0500
committer: Jason Gerard DeRose <jderose@redhat.com> 2010-02-15 13:10:11 -0700
commit: 58746226d4b36bc40de91d4d1dd283e9faaff639 (patch)
tree: 11c4cd42b0285ff366c68274495cd1e9ee7fa7da /ipalib/plugins/cert.py
parent: 99dcf9d4f97ac8bff112d6ccc36bb5b894fa5bcd (diff)
download: freeipa-58746226d4b36bc40de91d4d1dd283e9faaff639.tar.gz
freeipa-58746226d4b36bc40de91d4d1dd283e9faaff639.tar.xz
freeipa-58746226d4b36bc40de91d4d1dd283e9faaff639.zip
1 files changed, 65 insertions, 3 deletions
diff --git a/ipalib/plugins/cert.py b/ipalib/plugins/cert.py
index 55b3b70bb..3931d214a 100644
--- a/ipalib/plugins/cert.py
+++ b/ipalib/plugins/cert.py
@@ -35,12 +35,12 @@ from ipalib.plugins.virtual import *
 from ipalib.plugins.service import split_principal
 import base64
 from ipalib.request import context
-from ipapython import dnsclient
 from pyasn1.error import PyAsn1Error
 import logging
 import traceback
 from ipalib.request import ugettext as _
 from ipalib.request import context
+from ipalib.output import Output
 
 def get_serial(certificate):
     """
@@ -184,6 +184,25 @@ class cert_request(VirtualCommand):
             default=False,
             autofill=True
         ),
+        Str('certificate?',
+            label='Certificate',
+            flags=['no_create', 'no_update', 'no_search'],
+        ),
+        Str('subject?',
+            label='Subject',
+            flags=['no_create', 'no_update', 'no_search'],
+        ),
+        Str('serial_number?',
+            label='Serial number',
+            flags=['no_create', 'no_update', 'no_search'],
+        ),
+    )
+
+    has_output = (
+        Output('result',
+            type=dict,
+            doc='Dictionary mapping variable name to value',
+        ),
     )
 
     def execute(self, csr, **kw):
@@ -268,7 +287,11 @@ class cert_request(VirtualCommand):
             serial = get_serial(base64.b64encode(service['usercertificate'][0]))
             # revoke the certificate and remove it from the service
             # entry before proceeding
-            api.Command['cert_revoke'](unicode(serial), revocation_reason=4)
+            try:
+                api.Command['cert_revoke'](unicode(serial), revocation_reason=4)
+            except errors.NotImplementedError:
+                # some CA's might not implement revoke
+                pass
             api.Command['service_mod'](principal, usercertificate=None)
 
         # Request the certificate
@@ -299,7 +322,18 @@ class cert_status(VirtualCommand):
     Check status of a certificate signing request.
     """
 
-    takes_args = ('request_id')
+    takes_args = (
+        Str('request_id',
+            label='Request id',
+            flags=['no_create', 'no_update', 'no_search'],
+        ),
+    )
+    takes_options = (
+        Str('cert_request_status?',
+            label='Request status',
+            flags=['no_create', 'no_update', 'no_search'],
+        ),
+    )
     operation = "certificate status"
 
 
@@ -318,7 +352,19 @@ class cert_get(VirtualCommand):
     """
 
     takes_args = (Str('serial_number',
+                      label='Serial number',
                       doc='serial number in decimal or if prefixed with 0x in hexadecimal'))
+    takes_options = (
+        Str('certificate?',
+            label='Certificate',
+            flags=['no_create', 'no_update', 'no_search'],
+        ),
+        Str('subject?',
+            label='Subject',
+            flags=['no_create', 'no_update', 'no_search'],
+        ),
+    )
+
     operation="retrieve certificate"
 
     def execute(self, serial_number):
@@ -337,6 +383,12 @@ class cert_revoke(VirtualCommand):
 
     takes_args = (Str('serial_number',
                       doc='serial number in decimal or if prefixed with 0x in hexadecimal'))
+    takes_options = (
+        Flag('revoked?',
+            label='Revoked',
+            flags=['no_create', 'no_update', 'no_search'],
+        ),
+    )
     operation = "revoke certificate"
 
     # FIXME: The default is 0.  Is this really an Int param?
@@ -366,6 +418,16 @@ class cert_remove_hold(VirtualCommand):
 
     takes_args = (Str('serial_number',
                       doc='serial number in decimal or if prefixed with 0x in hexadecimal'))
+    takes_options = (
+        Flag('unrevoked?',
+            label='Unrevoked',
+            flags=['no_create', 'no_update', 'no_search'],
+        ),
+        Str('error_string?',
+            label='Error',
+            flags=['no_create', 'no_update', 'no_search'],
+        ),
+    )
     operation = "certificate remove hold"
 
     def execute(self, serial_number, **kw):
author	Rob Crittenden <rcritten@redhat.com>	2010-02-12 16:34:21 -0500
committer	Jason Gerard DeRose <jderose@redhat.com>	2010-02-15 13:10:11 -0700
commit	58746226d4b36bc40de91d4d1dd283e9faaff639 (patch)
tree	11c4cd42b0285ff366c68274495cd1e9ee7fa7da /ipalib/plugins/cert.py
parent	99dcf9d4f97ac8bff112d6ccc36bb5b894fa5bcd (diff)
download	freeipa-58746226d4b36bc40de91d4d1dd283e9faaff639.tar.gz freeipa-58746226d4b36bc40de91d4d1dd283e9faaff639.tar.xz freeipa-58746226d4b36bc40de91d4d1dd283e9faaff639.zip